Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2m84-v_WRPTPKqeB2oBWp-wF748.roa
File: 2m84-v_WRPTPKqeB2oBWp-wF748.roa (raw, json)
Hash identifier: ge/GZa0KnBL1KFiuwr6WpIKT7Q5PP1eQ1iEIdD5hVug=
Subject key identifier: DA:6F:38:FA:FF:D6:44:F4:CF:2A:A7:81:DA:80:56:A7:EC:05:EF:8F
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0193504A0BEAB0D84FBB04F3DBC2CC807280
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2m84-v_WRPTPKqeB2oBWp-wF748.roa
Signing time: Thu 21 Nov 2024 19:54:10 +0000
ROA not before: Thu 21 Nov 2024 19:54:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
85.235.75.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.210.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:4a:0b:ea:b0:d8:4f:bb:04:f3:db:c2:cc:80:72:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 21 19:54:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da6f38faffd644f4cf2aa781da8056a7ec05ef8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:32:4f:53:20:88:20:f8:cd:3e:a9:f0:18:f0:
32:3e:69:9e:04:48:a1:b9:e6:bf:38:94:f4:d6:68:
21:35:31:d8:23:9a:e7:1a:53:11:0b:83:09:f9:5d:
03:e0:a8:fa:9a:fe:f2:fc:75:3e:f4:46:f6:a4:98:
03:4d:18:ee:0a:05:aa:dd:94:a5:6c:cd:1f:02:9e:
ec:52:09:6c:c5:82:05:79:81:dc:b0:62:ac:83:ad:
0e:d6:cf:86:f4:a2:2b:84:bd:2d:b3:23:6e:5e:85:
dc:37:4f:d3:34:f9:50:45:57:23:cf:7b:c0:a7:b5:
85:e7:05:89:58:40:a9:f0:aa:d6:d3:23:5c:0a:39:
77:34:b8:26:d0:05:57:79:4d:91:65:0e:f4:46:f2:
e3:a8:44:39:c6:57:03:9c:cc:c7:0c:54:21:c7:8e:
bb:75:bb:60:7a:3f:cc:69:2c:a1:1c:27:56:42:e2:
46:e3:4a:ec:ef:53:6d:89:b3:e0:e3:27:65:4d:22:
f0:e7:8a:f4:66:9f:23:2d:b5:55:24:fa:66:f2:59:
a5:51:0f:ad:fb:ee:c6:2e:23:d5:98:42:b4:a4:0f:
24:34:75:6a:1a:9f:2b:7c:5c:94:14:55:1b:00:b4:
20:9d:51:1f:a5:5b:14:99:66:0c:1d:d2:9c:d5:f8:
67:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6F:38:FA:FF:D6:44:F4:CF:2A:A7:81:DA:80:56:A7:EC:05:EF:8F
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2m84-v_WRPTPKqeB2oBWp-wF748.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.72.0/22
93.190.8.0/24
193.17.5.0/24
193.111.76.0/24
193.111.78.0/24
217.18.208.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:c1:37:f5:12:b7:07:0c:a6:b0:08:9b:54:bb:cb:c7:7d:06:
2c:88:a2:2a:a1:e7:1f:e4:7a:b7:6f:c7:e8:9e:c7:54:9d:ec:
0d:ca:28:c3:80:2a:13:0f:05:ae:6c:2a:35:8b:1e:8c:fe:69:
fe:54:40:6f:cd:27:b5:7a:12:fc:85:74:8c:3e:6a:f7:21:cc:
e1:13:4b:e1:fe:d4:bc:07:7d:f0:9b:68:17:a4:31:92:8a:33:
e7:b0:c7:c6:a8:c6:fe:69:a7:d2:9a:2f:0f:bc:36:d7:68:f5:
a6:eb:8d:0b:b6:6c:10:62:f5:fd:4c:b0:b5:ca:ef:52:ed:41:
69:64:f6:fa:da:0e:75:b5:ac:53:4a:a8:95:b0:be:66:6a:7f:
5b:17:e2:a5:bb:cb:20:0a:7a:39:ef:38:c9:65:81:a5:92:74:
9f:4d:a6:31:f0:13:56:7b:40:9f:27:6c:0e:30:6d:01:78:9b:
02:49:7d:42:02:fc:3b:35:a3:9d:4d:cb:60:5b:24:e0:c3:cc:
83:5d:2d:43:46:22:6a:6c:e7:dd:6f:63:0a:b8:98:b1:c1:c1:
27:f6:05:d2:8c:68:10:df:4d:58:d8:12:3f:65:82:f2:c7:2f:
d5:51:c1:a7:52:e6:19:d7:0a:b3:bc:1e:49:ac:fe:ea:d3:19:
9a:93:ae:34
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNQSgvqsNhPuwTz28LMgHKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMTIxMTk1NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTZmMzhmYWZmZDY0NGY0Y2YyYWE3ODFkYTgwNTZhN2VjMDVlZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjJPUyCIIPjNPqnwGPAyPmmeBEih
uea/OJT01mghNTHYI5rnGlMRC4MJ+V0D4Kj6mv7y/HU+9Eb2pJgDTRjuCgWq3ZSl
bM0fAp7sUglsxYIFeYHcsGKsg60O1s+G9KIrhL0tsyNuXoXcN0/TNPlQRVcjz3vA
p7WF5wWJWECp8KrW0yNcCjl3NLgm0AVXeU2RZQ70RvLjqEQ5xlcDnMzHDFQhx467
dbtgej/MaSyhHCdWQuJG40rs71NtibPg4ydlTSLw54r0Zp8jLbVVJPpm8lmlUQ+t
++7GLiPVmEK0pA8kNHVqGp8rfFyUFFUbALQgnVEfpVsUmWYMHdKc1fhntQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNpvOPr/1kT0zyqngdqAVqfsBe+PMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMm04NC12X1dSUFRQS3FlQjJvQldwLXdGNzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCVetIAwQA
Xb4IAwQAwREFAwQAwW9MAwQAwW9OAwQC2RLQMA0GCSqGSIb3DQEBCwUAA4IBAQAN
wTf1ErcHDKawCJtUu8vHfQYsiKIqoecf5Hq3b8fonsdUnewNyijDgCoTDwWubCo1
ix6M/mn+VEBvzSe1ehL8hXSMPmr3IczhE0vh/tS8B33wm2gXpDGSijPnsMfGqMb+
aafSmi8PvDbXaPWm640LtmwQYvX9TLC1yu9S7UFpZPb62g51taxTSqiVsL5man9b
F+Klu8sgCno57zjJZYGlknSfTaYx8BNWe0CfJ2wOMG0BeJsCSX1CAvw7NaOdTctg
WyTgw8yDXS1DRiJqbOfdb2MKuJixwcEn9gXSjGgQ301Y2BI/ZYLyxy/VUcGnUuYZ
1wqzvB5JrP7q0xmak640
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:23 2025 by rpki-client