Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/2IUVrUcX57wEcebuPBNhbM7rtII.roa
File: 2IUVrUcX57wEcebuPBNhbM7rtII.roa (raw, json)
Hash identifier: xFARryMWCZ7xJebZzJ48q6NyTNbF+EONupkOj48G4Zc=
Subject key identifier: D8:85:15:AD:47:17:E7:BC:04:71:E6:EE:3C:13:61:6C:CE:EB:B4:82
Certificate issuer: /CN=1ecb9bd5ed96e69dda8fc2a1fe02147adae8f713
Certificate serial: 019420D65E963CA8D2E138E64EA52C1B0C0C
Authority key identifier: 1E:CB:9B:D5:ED:96:E6:9D:DA:8F:C2:A1:FE:02:14:7A:DA:E8:F7:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hsub1e2W5p3aj8Kh_gIUetro9xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/2IUVrUcX57wEcebuPBNhbM7rtII.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19229
IP address blocks: 77.95.80.0/21 maxlen: 21
77.95.80.0/23 maxlen: 23
77.95.82.0/23 maxlen: 23
77.95.84.0/23 maxlen: 23
77.95.86.0/23 maxlen: 23
176.32.232.0/21 maxlen: 24
176.32.232.0/24 maxlen: 24
176.32.233.0/24 maxlen: 24
176.32.234.0/24 maxlen: 24
176.32.235.0/24 maxlen: 24
176.32.236.0/24 maxlen: 24
176.32.237.0/24 maxlen: 24
176.32.238.0/24 maxlen: 24
176.32.239.0/24 maxlen: 24
185.148.132.0/22 maxlen: 22
185.148.132.0/23 maxlen: 23
185.148.134.0/23 maxlen: 23
217.64.224.0/20 maxlen: 20
217.64.224.0/23 maxlen: 23
217.64.226.0/23 maxlen: 23
217.64.228.0/23 maxlen: 23
217.64.230.0/23 maxlen: 23
217.64.232.0/23 maxlen: 23
217.64.234.0/23 maxlen: 23
217.64.236.0/23 maxlen: 23
217.64.238.0/23 maxlen: 23
217.147.64.0/20 maxlen: 20
217.147.64.0/23 maxlen: 23
217.147.66.0/23 maxlen: 23
217.147.68.0/23 maxlen: 23
217.147.70.0/23 maxlen: 23
217.147.72.0/23 maxlen: 23
217.147.74.0/23 maxlen: 23
217.147.76.0/23 maxlen: 23
217.147.78.0/23 maxlen: 23
2a02:5f00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5e:96:3c:a8:d2:e1:38:e6:4e:a5:2c:1b:0c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ecb9bd5ed96e69dda8fc2a1fe02147adae8f713
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d88515ad4717e7bc0471e6ee3c13616cceebb482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:02:9f:6e:6e:e1:7f:b1:82:f3:e6:89:63:31:
61:63:e2:6c:36:d4:cb:23:c6:da:a0:47:5b:6f:03:
d7:34:bf:0a:11:1a:5d:06:a5:50:87:93:79:68:e2:
8d:4d:6b:94:1e:83:8a:44:70:5b:ec:d7:be:07:4e:
63:3b:18:9d:44:26:4b:6f:01:b6:2d:8e:ad:fc:53:
8f:e8:02:c4:32:3c:e9:5b:bb:89:30:4e:0d:85:96:
64:0a:3a:4b:78:fa:52:11:11:e2:d1:f2:30:3c:1f:
7d:e4:e5:5a:a6:74:88:e8:54:1d:4f:7b:93:85:74:
da:5e:96:ce:84:eb:0c:bb:0b:a0:d1:30:57:6d:43:
eb:be:c3:ba:a4:51:ed:89:f3:ab:5f:ee:ad:67:45:
4e:4c:d6:bc:9b:94:17:3c:c3:30:8b:aa:73:4f:7f:
82:7f:b4:aa:85:6e:a9:33:55:a0:93:6a:e5:2c:dc:
9d:83:5b:c9:8e:fc:73:05:c1:87:80:b5:48:af:06:
08:c8:7c:16:50:b2:b3:3a:64:0a:2e:a8:dd:a7:fd:
a9:a3:ff:5f:dd:98:fb:c4:65:af:37:31:75:8e:4e:
60:61:24:a6:ef:56:d1:43:94:8d:ca:44:28:b8:2c:
e4:c7:bc:08:3c:33:61:7e:30:15:b0:7f:5d:28:d4:
98:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:85:15:AD:47:17:E7:BC:04:71:E6:EE:3C:13:61:6C:CE:EB:B4:82
X509v3 Authority Key Identifier:
keyid:1E:CB:9B:D5:ED:96:E6:9D:DA:8F:C2:A1:FE:02:14:7A:DA:E8:F7:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hsub1e2W5p3aj8Kh_gIUetro9xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/2IUVrUcX57wEcebuPBNhbM7rtII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/Hsub1e2W5p3aj8Kh_gIUetro9xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.80.0/21
176.32.232.0/21
185.148.132.0/22
217.64.224.0/20
217.147.64.0/20
IPv6:
2a02:5f00::/32
Signature Algorithm: sha256WithRSAEncryption
0b:df:80:0f:c7:70:41:72:45:65:8b:80:35:99:da:42:5c:90:
e3:f1:65:c8:9f:5b:89:88:f4:44:26:fd:76:62:e2:0f:8e:70:
26:b6:17:35:28:b1:3a:60:9e:e7:d2:f1:41:89:f5:8d:54:ca:
33:24:c9:56:07:f8:da:a0:f9:0e:2b:a6:28:b2:97:45:4a:0d:
d8:e2:a3:5c:ff:10:0a:b6:0a:2d:df:2a:71:78:69:19:67:1f:
16:c7:9e:35:1d:3b:17:59:54:c2:49:ba:f4:d1:77:19:5b:70:
0a:8b:54:e7:d1:14:cc:82:cd:b0:41:44:8b:8d:6e:a3:9c:c0:
60:ea:9e:f3:ed:24:0a:48:0a:ad:41:ee:2b:59:b8:6b:3e:eb:
90:73:dc:cf:28:7d:ff:76:b1:84:a1:c5:fc:47:98:40:36:3c:
40:ac:9a:40:79:0c:98:bf:d1:a5:a2:9c:9f:5c:ad:f8:7c:49:
ba:18:66:38:bc:44:24:ab:5f:ee:8f:bd:68:81:f0:be:54:70:
b8:f2:0f:d6:a8:46:e2:89:ea:fd:84:d9:b6:59:34:e2:ae:1d:
28:d4:90:c3:e0:7a:5b:f0:0f:26:9d:49:de:5d:40:54:bc:d4:
7d:76:2b:df:9f:29:95:a7:76:d1:d0:45:65:c9:9a:d8:d9:46:
6e:7f:ca:49
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQg1l6WPKjS4TjmTqUsGwwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlY2I5YmQ1ZWQ5NmU2OWRkYThmYzJhMWZlMDIxNDdhZGFl
OGY3MTMwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODg1MTVhZDQ3MTdlN2JjMDQ3MWU2ZWUzYzEzNjE2Y2NlZWJiNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wKfbm7hf7GC8+aJYzFhY+JsNtTL
I8baoEdbbwPXNL8KERpdBqVQh5N5aOKNTWuUHoOKRHBb7Ne+B05jOxidRCZLbwG2
LY6t/FOP6ALEMjzpW7uJME4NhZZkCjpLePpSERHi0fIwPB995OVapnSI6FQdT3uT
hXTaXpbOhOsMuwug0TBXbUPrvsO6pFHtifOrX+6tZ0VOTNa8m5QXPMMwi6pzT3+C
f7SqhW6pM1Wgk2rlLNydg1vJjvxzBcGHgLVIrwYIyHwWULKzOmQKLqjdp/2po/9f
3Zj7xGWvNzF1jk5gYSSm71bRQ5SNykQouCzkx7wIPDNhfjAVsH9dKNSYOwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNiFFa1HF+e8BHHm7jwTYWzO67SCMB8GA1UdIwQY
MBaAFB7Lm9Xtluad2o/Cof4CFHra6PcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHN1YjFlMlc1cDNhajhLaF9nSVVldHJvOXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jMzQxNTAtNTkxMi00OTBjLWIzNWIt
ZjU0ZmJmNjkxN2JjLzEvMklVVnJVY1g1N3dFY2VidVBCTmhiTTdydElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jMzQxNTAtNTkxMi00OTBjLWIzNWItZjU0ZmJmNjkxN2Jj
LzEvSHN1YjFlMlc1cDNhajhLaF9nSVVldHJvOXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTV9QAwQD
sCDoAwQCuZSEAwQE2UDgAwQE2ZNAMA0EAgACMAcDBQAqAl8AMA0GCSqGSIb3DQEB
CwUAA4IBAQAL34APx3BBckVli4A1mdpCXJDj8WXIn1uJiPREJv12YuIPjnAmthc1
KLE6YJ7n0vFBifWNVMozJMlWB/jaoPkOK6YospdFSg3Y4qNc/xAKtgot3ypxeGkZ
Zx8Wx541HTsXWVTCSbr00XcZW3AKi1Tn0RTMgs2wQUSLjW6jnMBg6p7z7SQKSAqt
Qe4rWbhrPuuQc9zPKH3/drGEocX8R5hANjxArJpAeQyYv9GlopyfXK34fEm6GGY4
vEQkq1/uj71ogfC+VHC48g/WqEbiier9hNm2WTTirh0o1JDD4Hpb8A8mnUneXUBU
vNR9divfnymVp3bR0EVlyZrY2UZuf8pJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:31 2025 by rpki-client