Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/2ijKrrPB9VwBrgM8_DmIIHJDC5Y.roa
File: 2ijKrrPB9VwBrgM8_DmIIHJDC5Y.roa (raw, json)
Hash identifier: 3MxKLzo168FzIHGaiUlKnKLaQGdj0Eshdd3CUakeBcw=
Subject key identifier: DA:28:CA:AE:B3:C1:F5:5C:01:AE:03:3C:FC:39:88:20:72:43:0B:96
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 019427B57AED6BBFAC4D687CCD001C2FD694
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/2ijKrrPB9VwBrgM8_DmIIHJDC5Y.roa
Signing time: Thu 02 Jan 2025 15:49:52 +0000
ROA not before: Thu 02 Jan 2025 15:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.100.0/24 maxlen: 24
5.182.101.0/24 maxlen: 24
45.14.72.0/24 maxlen: 24
45.84.44.0/24 maxlen: 24
45.84.45.0/24 maxlen: 24
45.84.47.0/24 maxlen: 24
45.157.74.0/23 maxlen: 23
85.8.188.0/24 maxlen: 24
85.8.189.0/24 maxlen: 24
85.8.190.0/23 maxlen: 23
85.209.216.0/24 maxlen: 24
85.209.218.0/23 maxlen: 23
88.218.100.0/24 maxlen: 24
88.218.101.0/24 maxlen: 24
88.218.102.0/23 maxlen: 23
92.119.180.0/24 maxlen: 24
92.119.181.0/24 maxlen: 24
92.119.183.0/24 maxlen: 24
139.28.137.0/24 maxlen: 24
139.28.138.0/23 maxlen: 23
141.98.240.0/24 maxlen: 24
141.98.241.0/24 maxlen: 24
141.98.242.0/23 maxlen: 23
193.31.72.0/24 maxlen: 24
193.31.73.0/24 maxlen: 24
193.31.75.0/24 maxlen: 24
194.5.0.0/22 maxlen: 22
194.124.52.0/22 maxlen: 22
195.206.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7a:ed:6b:bf:ac:4d:68:7c:cd:00:1c:2f:d6:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 2 15:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da28caaeb3c1f55c01ae033cfc39882072430b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b5:cc:7f:f1:07:1b:6e:f5:f3:78:8d:bf:df:
35:f2:65:d7:70:f8:2f:d2:be:06:bd:cd:96:b5:54:
4b:db:b8:7e:b0:d6:a5:9a:05:a7:f3:3d:ad:01:f5:
bb:8e:e8:92:90:f0:53:13:c5:0e:08:1c:0e:47:80:
22:8a:95:4a:0e:f9:7c:17:db:f6:78:99:4d:74:e8:
5d:d2:7b:34:7a:47:3f:2f:85:d9:5c:8e:c4:7b:f3:
22:23:aa:72:81:fc:8e:a9:6b:d5:f6:5f:fd:64:ec:
29:a4:99:fb:ab:6f:3d:a6:c2:c7:53:86:74:e2:2f:
ec:ef:b4:c2:af:1b:9e:1a:07:f5:53:7d:01:61:7b:
b4:35:d5:05:a4:37:ea:dc:97:ad:ef:04:c4:43:24:
e1:86:51:e9:a9:d2:da:07:95:c9:05:dd:05:8b:8b:
3e:6a:c7:ae:86:c1:32:42:3d:db:35:ad:a3:58:22:
24:f9:f3:24:ea:78:49:b8:7a:d9:b7:98:fa:23:d5:
62:6e:8d:76:8a:0e:ab:d0:56:6f:79:8a:06:5c:d8:
1c:ec:db:bc:56:e2:12:bb:51:fd:3d:24:d1:ea:d0:
a7:d5:76:53:77:42:9b:cc:da:ba:33:4c:5f:2a:ee:
9e:c9:73:5e:0d:af:65:98:cd:a9:3c:e5:e1:6b:33:
25:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:28:CA:AE:B3:C1:F5:5C:01:AE:03:3C:FC:39:88:20:72:43:0B:96
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/2ijKrrPB9VwBrgM8_DmIIHJDC5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/23
45.14.72.0/24
45.84.44.0/23
45.84.47.0/24
45.157.74.0/23
85.8.188.0/22
85.209.216.0/24
85.209.218.0/23
88.218.100.0/22
92.119.180.0/23
92.119.183.0/24
139.28.137.0-139.28.139.255
141.98.240.0/22
193.31.72.0/23
193.31.75.0/24
194.5.0.0/22
194.124.52.0/22
195.206.108.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f4:9c:9f:89:5b:aa:b9:f5:36:b9:88:31:29:e0:a3:d3:cb:
97:7a:ed:33:fd:25:e1:9f:52:ea:df:c9:b5:4c:ab:6a:e1:3b:
04:21:40:20:c2:c9:82:43:bd:88:2e:22:f3:cf:55:4d:5a:b7:
f8:bd:65:31:b7:a6:a3:4d:c0:19:7f:74:0e:31:1a:9c:07:2d:
00:6c:d4:bf:b1:86:fc:f1:fb:7d:26:80:54:8d:1f:f1:4a:e3:
2d:89:0c:ac:56:24:95:fd:e2:29:13:26:26:de:4e:f2:54:45:
a0:7d:84:35:cf:49:b0:de:0e:c6:1c:0a:34:51:37:58:ed:3d:
26:19:02:cb:36:0f:29:a3:17:11:15:cd:be:17:44:d8:0d:89:
ec:1c:f4:6b:20:d1:ce:2c:e9:6a:2b:a0:da:04:29:7a:86:7b:
e4:84:d9:00:53:1a:fe:c9:b8:01:b8:f1:fa:ea:66:2c:e8:26:
c9:ed:64:3a:e5:c7:bf:33:ac:97:9b:46:a8:83:64:f3:f0:92:
21:df:58:93:f4:99:c3:2d:8b:37:d7:46:bc:42:cd:ab:65:39:
c6:2e:69:85:ed:49:7e:74:a4:fd:a7:26:d9:04:24:91:36:2c:
a2:d1:b6:33:c2:cb:fc:7b:3e:4c:ef:18:04:da:31:f7:81:b4:
9f:48:6e:02
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZQntXrta7+sTWh8zQAcL9aUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjUwMTAyMTU0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI4Y2FhZWIzYzFmNTVjMDFhZTAzM2NmYzM5ODgyMDcyNDMwYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7XMf/EHG27183iNv9818mXXcPgv
0r4Gvc2WtVRL27h+sNalmgWn8z2tAfW7juiSkPBTE8UOCBwOR4AiipVKDvl8F9v2
eJlNdOhd0ns0ekc/L4XZXI7Ee/MiI6pygfyOqWvV9l/9ZOwppJn7q289psLHU4Z0
4i/s77TCrxueGgf1U30BYXu0NdUFpDfq3Jet7wTEQyThhlHpqdLaB5XJBd0Fi4s+
aseuhsEyQj3bNa2jWCIk+fMk6nhJuHrZt5j6I9Vibo12ig6r0FZveYoGXNgc7Nu8
VuISu1H9PSTR6tCn1XZTd0KbzNq6M0xfKu6eyXNeDa9lmM2pPOXhazMljwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFNooyq6zwfVcAa4DPPw5iCByQwuWMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvMmlqS3JyUEI5VndCcmdNOF9EbUlJSEpEQzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAQW2ZAME
AC0OSAMEAS1ULAMEAC1ULwMEAS2dSgMEAlUIvAMEAFXR2AMEAVXR2gMEAljaZAME
AVx3tAMEAFx3tzAMAwQAixyJAwQCixyIAwQCjWLwAwQBwR9IAwQAwR9LAwQCwgUA
AwQCwnw0AwQAw85sMA0GCSqGSIb3DQEBCwUAA4IBAQBv9JyfiVuqufU2uYgxKeCj
08uXeu0z/SXhn1Lq38m1TKtq4TsEIUAgwsmCQ72ILiLzz1VNWrf4vWUxt6ajTcAZ
f3QOMRqcBy0AbNS/sYb88ft9JoBUjR/xSuMtiQysViSV/eIpEyYm3k7yVEWgfYQ1
z0mw3g7GHAo0UTdY7T0mGQLLNg8poxcRFc2+F0TYDYnsHPRrINHOLOlqK6DaBCl6
hnvkhNkAUxr+ybgBuPH66mYs6CbJ7WQ65ce/M6yXm0aog2Tz8JIh31iT9JnDLYs3
10a8Qs2rZTnGLmmF7Ul+dKT9pybZBCSRNiyi0bYzwsv8ez5M7xgE2jH3gbSfSG4C
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:36:44 2025 by rpki-client