Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/2aIRpfw60IZNOj3EjD1z1qAZBk8.roa
File: 2aIRpfw60IZNOj3EjD1z1qAZBk8.roa (raw, json)
Hash identifier: O8P+0jJmA2YXzZfq6w5aUf1WODfeXUlM9dzTrI+euoY=
Subject key identifier: D9:A2:11:A5:FC:3A:D0:86:4D:3A:3D:C4:8C:3D:73:D6:A0:19:06:4F
Certificate issuer: /CN=a28815e43926af7eb961de7b703aed6328953e30
Certificate serial: 018DE5B25D5B82815F08228949667121E686
Authority key identifier: A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/2aIRpfw60IZNOj3EjD1z1qAZBk8.roa
Signing time: Mon 26 Feb 2024 13:54:48 +0000
ROA not before: Mon 26 Feb 2024 13:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 45.15.204.0/22 maxlen: 22
85.208.216.0/22 maxlen: 22
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 22
94.158.183.0/24 maxlen: 24
109.197.240.0/21 maxlen: 21
185.31.148.0/22 maxlen: 22
185.39.168.0/22 maxlen: 22
185.181.4.0/22 maxlen: 22
185.218.212.0/22 maxlen: 22
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/31 maxlen: 31
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:b2:5d:5b:82:81:5f:08:22:89:49:66:71:21:e6:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a28815e43926af7eb961de7b703aed6328953e30
Validity
Not Before: Feb 26 13:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9a211a5fc3ad0864d3a3dc48c3d73d6a019064f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:69:72:40:e3:bb:8d:22:85:73:86:82:02:4f:
84:86:2a:52:13:28:12:93:07:a8:dc:d8:d5:18:c6:
f0:9a:11:05:48:55:1d:00:55:87:aa:75:49:0c:5d:
a4:23:33:53:57:44:e0:ca:2a:12:fe:a1:99:30:b3:
27:40:55:73:6a:e6:3d:41:cb:40:53:79:65:1b:95:
46:e7:71:c1:b5:28:d0:19:38:85:14:f2:b9:b8:d5:
bf:ba:41:85:3f:25:42:ad:01:ee:7d:77:29:8c:33:
c3:76:8f:30:18:5a:cb:4b:4e:d8:7f:f5:dd:ef:2e:
0b:c6:8d:03:63:08:4c:37:a5:14:d2:72:75:49:24:
cc:3f:7c:3f:3c:a4:02:8e:4d:55:71:b0:2f:44:b2:
c4:5f:e4:6e:40:9d:7a:4a:62:e2:a2:b3:fa:1f:b7:
70:34:ac:63:7d:b4:96:af:fc:4a:37:79:fe:de:0b:
0e:fa:0d:ab:4b:02:55:47:31:42:4c:24:a9:a6:c7:
e4:42:21:9b:59:67:15:36:47:72:29:24:1f:3b:54:
f6:b3:b6:e5:3a:73:38:ba:41:9a:e1:4c:14:ec:a7:
af:9b:ba:6c:95:04:37:6c:93:67:ac:a9:6b:59:c9:
de:70:ed:0d:45:8b:3b:d6:63:f4:4a:c8:fb:e3:38:
17:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A2:11:A5:FC:3A:D0:86:4D:3A:3D:C4:8C:3D:73:D6:A0:19:06:4F
X509v3 Authority Key Identifier:
keyid:A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/2aIRpfw60IZNOj3EjD1z1qAZBk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/oogV5Dkmr365Yd57cDrtYyiVPjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.204.0/22
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.181.4.0/22
185.218.212.0/22
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:91:62:33:fc:4b:49:94:ae:c4:be:4a:ea:b8:2a:9f:35:36:
c1:24:83:45:6b:91:a7:7e:cd:26:b8:6c:e6:9b:42:dc:55:a7:
46:17:f9:41:da:93:31:5d:c8:c8:5d:8c:9a:0c:18:95:90:f0:
b5:31:22:f4:ec:59:76:24:59:fc:d5:7a:2c:5a:0a:73:77:11:
56:d2:9a:e0:00:57:84:26:f8:34:b7:99:ee:a3:4d:eb:c9:55:
b4:f8:56:af:9a:0f:ea:3d:80:66:f2:2e:e6:d4:c5:73:3f:62:
a3:34:8b:21:66:e9:f1:68:a5:e4:89:0a:2f:b0:e2:30:9a:1d:
4e:c0:dd:5f:5c:37:68:47:93:a6:4d:06:9e:12:dd:c1:e1:5a:
a7:2d:f3:11:9a:d8:c7:80:2b:d1:75:63:71:e4:2f:76:17:64:
93:de:d3:19:40:af:ae:0e:17:9a:4b:c4:88:67:c8:7c:9e:5b:
fe:21:17:c4:41:47:cf:e4:5e:ea:b5:39:2e:c9:97:7e:a8:68:
89:90:e3:83:63:c3:06:4d:5d:f9:27:15:6c:9b:1e:8e:83:a2:
42:0f:6a:cd:e8:f3:29:02:62:03:6a:81:8c:ca:41:ba:06:be:
ae:dd:75:12:02:1a:da:1f:f9:d5:f9:ff:39:91:4b:ed:5e:ff:
78:d7:57:d2
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY3lsl1bgoFfCCKJSWZxIeaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODgxNWU0MzkyNmFmN2ViOTYxZGU3YjcwM2FlZDYzMjg5
NTNlMzAwHhcNMjQwMjI2MTM1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWEyMTFhNWZjM2FkMDg2NGQzYTNkYzQ4YzNkNzNkNmEwMTkwNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWlyQOO7jSKFc4aCAk+EhipSEygS
kweo3NjVGMbwmhEFSFUdAFWHqnVJDF2kIzNTV0TgyioS/qGZMLMnQFVzauY9QctA
U3llG5VG53HBtSjQGTiFFPK5uNW/ukGFPyVCrQHufXcpjDPDdo8wGFrLS07Yf/Xd
7y4Lxo0DYwhMN6UU0nJ1SSTMP3w/PKQCjk1VcbAvRLLEX+RuQJ16SmLiorP6H7dw
NKxjfbSWr/xKN3n+3gsO+g2rSwJVRzFCTCSppsfkQiGbWWcVNkdyKSQfO1T2s7bl
OnM4ukGa4UwU7Kevm7pslQQ3bJNnrKlrWcnecO0NRYs71mP0Ssj74zgXtQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFNmiEaX8OtCGTTo9xIw9c9agGQZPMB8GA1UdIwQY
MBaAFKKIFeQ5Jq9+uWHee3A67WMolT4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEt
MzE0ZjcyOWZhNTk1LzEvMmFJUnBmdzYwSVpOT2ozRWpEMXoxcUFaQms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEtMzE0ZjcyOWZhNTk1
LzEvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwTgQCAAEwSAMEAi0PzAME
AlXQ2AMEAFvU7AMEAFvliAMEAl6etAMEA23F8AMEArkflAMEArknqAMEArm1BAME
Arna1AMEAsNadAMEAMO+GzAkBAIAAjAeMA4DBQUqALpgAwUAKgC6YgMFACoAumcD
BQMqCYxAMA0GCSqGSIb3DQEBCwUAA4IBAQC2kWIz/EtJlK7EvkrquCqfNTbBJINF
a5Gnfs0muGzmm0LcVadGF/lB2pMxXcjIXYyaDBiVkPC1MSL07Fl2JFn81XosWgpz
dxFW0prgAFeEJvg0t5nuo03ryVW0+Favmg/qPYBm8i7m1MVzP2KjNIshZunxaKXk
iQovsOIwmh1OwN1fXDdoR5OmTQaeEt3B4VqnLfMRmtjHgCvRdWNx5C92F2ST3tMZ
QK+uDheaS8SIZ8h8nlv+IRfEQUfP5F7qtTkuyZd+qGiJkOODY8MGTV35JxVsmx6O
g6JCD2rN6PMpAmIDaoGMykG6Br6u3XUSAhraH/nV+f85kUvtXv9411fS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:46 2024 by rpki-client on console-fra.rpki-client.org