Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/08gGZaejickKF3TkRqLIcHmfHUc.roa
File: 08gGZaejickKF3TkRqLIcHmfHUc.roa (raw, json)
Hash identifier: +fLguKYO0D05wKtbliLeCydUJQ8HOdxjj+HJHTVscwM=
Subject key identifier: D3:C8:06:65:A7:A3:89:C9:0A:17:74:E4:46:A2:C8:70:79:9F:1D:47
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 0193F87173FA84C722D23756F26F8BC2C848
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/08gGZaejickKF3TkRqLIcHmfHUc.roa
Signing time: Tue 24 Dec 2024 11:33:25 +0000
ROA not before: Tue 24 Dec 2024 11:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210421
IP address blocks: 91.193.167.0/24 maxlen: 24
94.45.129.0/24 maxlen: 24
94.45.136.0/24 maxlen: 24
94.45.139.0/24 maxlen: 24
94.45.146.0/23 maxlen: 24
94.45.148.0/23 maxlen: 24
94.45.152.0/22 maxlen: 24
94.45.156.0/23 maxlen: 24
94.45.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f8:71:73:fa:84:c7:22:d2:37:56:f2:6f:8b:c2:c8:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Dec 24 11:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3c80665a7a389c90a1774e446a2c870799f1d47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:57:11:1c:c5:0b:19:64:e7:b9:69:3d:88:b2:
33:60:2b:f8:79:fa:64:01:74:03:4a:24:4e:cf:aa:
94:19:d8:46:68:13:cf:d8:98:29:49:33:6d:7a:3a:
ba:04:fc:8e:62:f1:69:e9:15:f3:1f:ab:ba:4e:9f:
37:2e:f0:c8:5a:af:c5:c3:33:5c:69:ad:b4:1f:e9:
c9:41:cb:d6:f8:ac:c2:fa:72:e7:55:cf:c0:8a:b7:
5c:03:c4:0d:0c:47:d5:6f:d6:10:b8:66:7a:52:53:
12:df:e1:a8:a5:57:c7:5b:b7:62:e5:8e:1b:2c:b6:
66:b4:22:84:e9:14:ce:ad:33:46:b2:58:50:ff:2b:
11:64:6b:6f:ff:f9:16:8b:77:7f:f9:bb:12:20:19:
77:a4:36:fd:a2:9f:b0:d4:cf:bc:d9:2d:fa:03:9e:
ae:6b:24:20:6c:77:ee:15:18:3a:98:4f:f6:62:a8:
90:3a:cc:04:4e:83:d7:4d:c8:1d:8d:33:bd:b1:3b:
51:c4:a1:45:58:0a:55:bc:dc:3d:01:3f:26:16:00:
b1:3a:2f:99:f6:b5:e0:45:e2:05:4f:5c:90:cc:ff:
67:e2:04:97:7e:96:76:e4:cb:63:4e:89:eb:e5:2b:
f0:71:18:ee:75:58:5c:2b:31:be:3e:d4:8c:f2:93:
33:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C8:06:65:A7:A3:89:C9:0A:17:74:E4:46:A2:C8:70:79:9F:1D:47
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/08gGZaejickKF3TkRqLIcHmfHUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.167.0/24
94.45.129.0/24
94.45.136.0/24
94.45.139.0/24
94.45.146.0-94.45.149.255
94.45.152.0-94.45.157.255
Signature Algorithm: sha256WithRSAEncryption
5c:69:25:17:5f:24:4f:f3:6a:f6:7a:99:ee:43:a1:56:28:69:
f5:85:d0:9c:3e:e5:e6:f7:d4:2b:b0:1a:54:3b:26:8e:28:fe:
10:f3:ef:01:78:c7:05:3d:40:29:34:90:6c:a5:41:b6:bc:84:
b5:41:08:54:95:86:ef:d9:8c:19:5f:e9:96:50:d3:48:e4:78:
ca:89:e4:e6:56:ea:75:e0:d5:ea:e0:f5:7f:d1:ea:b5:11:52:
c7:04:32:0b:b2:af:32:3d:60:74:6b:62:25:60:d9:9c:49:95:
20:24:32:02:f2:ed:ee:61:0f:1d:77:58:e2:a4:a7:6d:f9:64:
9c:d1:f9:a4:8a:a7:bd:a9:1f:81:0a:4d:a4:2a:af:c8:96:ac:
4a:a4:b5:dd:62:9b:fd:80:2a:bf:47:af:34:06:dd:fe:d6:73:
74:ee:3b:5d:88:26:28:ab:dc:b4:31:35:4c:63:5c:8d:d6:50:
ab:86:1d:44:96:46:65:f8:0b:df:6f:78:3e:17:1b:de:10:1e:
85:72:e5:8d:66:7d:6e:54:28:2f:64:c6:70:75:3b:3d:02:a4:
2b:3f:8e:04:ec:12:6a:5e:75:81:3f:9d:f1:b8:0e:61:42:17:
9c:94:f7:8c:dc:85:e4:2a:dd:e9:63:10:db:94:35:3c:d3:3c:
41:77:e9:63
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZP4cXP6hMci0jdW8m+LwshIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjQxMjI0MTEzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M4MDY2NWE3YTM4OWM5MGExNzc0ZTQ0NmEyYzg3MDc5OWYxZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1cRHMULGWTnuWk9iLIzYCv4efpk
AXQDSiROz6qUGdhGaBPP2JgpSTNtejq6BPyOYvFp6RXzH6u6Tp83LvDIWq/FwzNc
aa20H+nJQcvW+KzC+nLnVc/AirdcA8QNDEfVb9YQuGZ6UlMS3+GopVfHW7di5Y4b
LLZmtCKE6RTOrTNGslhQ/ysRZGtv//kWi3d/+bsSIBl3pDb9op+w1M+82S36A56u
ayQgbHfuFRg6mE/2YqiQOswEToPXTcgdjTO9sTtRxKFFWApVvNw9AT8mFgCxOi+Z
9rXgReIFT1yQzP9n4gSXfpZ25MtjTonr5SvwcRjudVhcKzG+PtSM8pMzdQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNPIBmWno4nJChd05EaiyHB5nx1HMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvMDhnR1phZWppY2tLRjNUa1JxTEljSG1mSFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAW8GnAwQA
Xi2BAwQAXi2IAwQAXi2LMAwDBAFeLZIDBAFeLZQwDAMEA14tmAMEAV4tnDANBgkq
hkiG9w0BAQsFAAOCAQEAXGklF18kT/Nq9nqZ7kOhVihp9YXQnD7l5vfUK7AaVDsm
jij+EPPvAXjHBT1AKTSQbKVBtryEtUEIVJWG79mMGV/pllDTSOR4yonk5lbqdeDV
6uD1f9HqtRFSxwQyC7KvMj1gdGtiJWDZnEmVICQyAvLt7mEPHXdY4qSnbflknNH5
pIqnvakfgQpNpCqvyJasSqS13WKb/YAqv0evNAbd/tZzdO47XYgmKKvctDE1TGNc
jdZQq4YdRJZGZfgL3294Phcb3hAehXLljWZ9blQoL2TGcHU7PQKkKz+OBOwSal51
gT+d8bgOYUIXnJT3jNyF5Crd6WMQ25Q1PNM8QXfpYw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:42 2025 by rpki-client