Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rLT2kzHu_P19bmRP3GkUpB238Hg.roa
File: rLT2kzHu_P19bmRP3GkUpB238Hg.roa (raw, json)
Hash identifier: 8eA6O6plR4ZQ9CMeIq666LKoJH7VlJ8jk2PWMV8QM1c=
Subject key identifier: AC:B4:F6:93:31:EE:FC:FD:7D:6E:64:4F:DC:69:14:A4:1D:B7:F0:78
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018E326A3573087E3D35D6E0919D8CB8BFD3
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rLT2kzHu_P19bmRP3GkUpB238Hg.roa
Signing time: Tue 12 Mar 2024 11:26:45 +0000
ROA not before: Tue 12 Mar 2024 11:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 85.8.156.0/22 maxlen: 22
176.53.168.0/22 maxlen: 22
185.231.224.0/22 maxlen: 22
193.187.108.0/22 maxlen: 22
213.139.224.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:6a:35:73:08:7e:3d:35:d6:e0:91:9d:8c:b8:bf:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Mar 12 11:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acb4f69331eefcfd7d6e644fdc6914a41db7f078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:38:9d:df:47:3f:4f:d5:40:81:55:44:1a:7a:
e6:a7:cf:d9:56:80:69:ae:66:11:81:2a:2b:83:13:
43:1e:5e:2a:ec:81:70:7a:c2:f5:69:f1:f2:df:6b:
d1:dc:88:4c:36:04:18:07:ea:b8:b0:7f:15:71:01:
0d:3b:6d:b5:19:21:78:4a:e6:9e:b4:ac:20:25:47:
16:02:ac:d1:ce:25:c7:b0:8c:10:46:c9:18:cc:c6:
25:42:89:c6:59:f1:70:a9:8e:89:84:da:3b:2d:c0:
54:41:5d:19:d9:b4:ed:bb:64:4e:3f:ef:bc:f7:f7:
e2:59:c1:11:dd:dc:19:1c:5e:28:44:81:f9:c7:c4:
04:e1:90:c0:32:c1:47:26:32:bf:1d:ee:8e:f9:13:
3e:be:f0:9a:0d:c5:c2:33:23:99:ea:f6:12:9b:60:
47:3b:a8:8c:79:c9:d4:66:87:a2:18:f7:f1:f1:94:
d9:4b:2c:3d:91:a4:41:31:bc:4e:bb:eb:8f:be:8f:
d0:16:7e:ad:7c:27:b4:9c:07:a7:55:db:fe:38:63:
41:f5:52:ba:5a:dc:26:75:8f:ad:f0:f9:d9:af:57:
72:f2:5d:56:9a:52:89:f7:67:d8:33:ac:98:b5:ba:
da:f3:5f:59:b0:94:44:e8:56:17:60:3a:ac:8a:ef:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B4:F6:93:31:EE:FC:FD:7D:6E:64:4F:DC:69:14:A4:1D:B7:F0:78
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rLT2kzHu_P19bmRP3GkUpB238Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.156.0/22
176.53.168.0/22
185.231.224.0/22
193.187.108.0/22
213.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:9a:70:fb:65:2e:a8:d2:bb:9b:4d:8d:13:29:f7:0c:2d:5b:
e6:5a:db:6e:49:ae:9b:b5:6b:0a:30:00:28:8a:80:1e:a9:7b:
85:af:95:35:9f:82:26:ea:3b:83:ba:54:64:2d:7a:91:a1:f2:
85:1f:60:1d:9c:f9:c8:60:a0:f4:48:40:c2:31:93:37:06:89:
e2:92:f1:a2:68:c5:68:5a:dd:b3:b2:05:5d:1b:90:72:d5:9d:
48:77:c3:06:07:b3:c0:ab:bf:4d:40:cd:bb:18:5b:34:15:77:
47:f5:ec:f1:b4:be:1d:86:6d:46:b1:38:1e:66:63:f5:68:91:
ca:2a:6f:fa:3e:f4:8e:cb:52:0c:40:58:b6:36:e4:fc:41:4e:
c9:1c:63:93:ac:9d:e7:ac:18:15:7d:6a:51:0e:43:b3:d4:27:
8f:c9:3c:89:ec:90:b0:c8:f6:f9:9a:1e:8d:57:27:3a:1e:10:
ff:4c:bd:3b:49:00:cd:9b:3d:5d:b4:47:64:45:5b:d7:f1:98:
e3:d9:13:5a:c7:ce:b1:f8:0f:25:75:87:1c:98:fa:82:11:d4:
d2:71:81:0a:40:1f:35:a1:1e:e5:e0:bc:d8:d1:37:f1:b0:3b:
34:1f:57:0d:bd:5f:10:c2:63:81:64:42:12:74:dd:01:cf:04:
9d:4b:ec:bf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4yajVzCH49NdbgkZ2MuL/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMzEyMTEyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I0ZjY5MzMxZWVmY2ZkN2Q2ZTY0NGZkYzY5MTRhNDFkYjdmMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzid30c/T9VAgVVEGnrmp8/ZVoBp
rmYRgSorgxNDHl4q7IFwesL1afHy32vR3IhMNgQYB+q4sH8VcQENO221GSF4Suae
tKwgJUcWAqzRziXHsIwQRskYzMYlQonGWfFwqY6JhNo7LcBUQV0Z2bTtu2ROP++8
9/fiWcER3dwZHF4oRIH5x8QE4ZDAMsFHJjK/He6O+RM+vvCaDcXCMyOZ6vYSm2BH
O6iMecnUZoeiGPfx8ZTZSyw9kaRBMbxOu+uPvo/QFn6tfCe0nAenVdv+OGNB9VK6
WtwmdY+t8PnZr1dy8l1WmlKJ92fYM6yYtbra819ZsJRE6FYXYDqsiu8OJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKy09pMx7vz9fW5kT9xpFKQdt/B4MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvckxUMmt6SHVfUDE5Ym1SUDNHa1VwQjIzOEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVQicAwQC
sDWoAwQCuefgAwQCwbtsAwQC1YvgMA0GCSqGSIb3DQEBCwUAA4IBAQBKmnD7ZS6o
0rubTY0TKfcMLVvmWttuSa6btWsKMAAoioAeqXuFr5U1n4Im6juDulRkLXqRofKF
H2AdnPnIYKD0SEDCMZM3BonikvGiaMVoWt2zsgVdG5By1Z1Id8MGB7PAq79NQM27
GFs0FXdH9ezxtL4dhm1GsTgeZmP1aJHKKm/6PvSOy1IMQFi2NuT8QU7JHGOTrJ3n
rBgVfWpRDkOz1CePyTyJ7JCwyPb5mh6NVyc6HhD/TL07SQDNmz1dtEdkRVvX8Zjj
2RNax86x+A8ldYccmPqCEdTScYEKQB81oR7l4LzY0TfxsDs0H1cNvV8QwmOBZEIS
dN0BzwSdS+y/
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:52:29 2025 by rpki-client