Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/jAktmyRCYJGxgHkZXZTofG8opxc.roa
File: jAktmyRCYJGxgHkZXZTofG8opxc.roa (raw, json)
Hash identifier: rEZ9RAcbBlJTGgBPMLx/km4ExKw627Nwf+Ribz8Ob+I=
Subject key identifier: 8C:09:2D:9B:24:42:60:91:B1:80:79:19:5D:94:E8:7C:6F:28:A7:17
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0194DAE71C2215BD809A288F1AC248FB15DE
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/jAktmyRCYJGxgHkZXZTofG8opxc.roa
Signing time: Thu 06 Feb 2025 10:56:06 +0000
ROA not before: Thu 06 Feb 2025 10:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.110.36.0/24 maxlen: 24
86.110.44.0/24 maxlen: 24
86.110.46.0/24 maxlen: 24
86.110.54.0/24 maxlen: 24
86.110.58.0/24 maxlen: 24
86.110.59.0/24 maxlen: 24
86.110.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:e7:1c:22:15:bd:80:9a:28:8f:1a:c2:48:fb:15:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Feb 6 10:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c092d9b24426091b18079195d94e87c6f28a717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c9:3c:30:fd:47:97:7f:df:e9:ee:dc:d6:56:
59:a2:f3:57:9d:51:fc:ef:71:fa:18:d9:ba:4a:eb:
56:71:ea:cf:16:46:41:dc:91:f3:c0:7f:cc:1a:e8:
42:a5:84:16:5c:62:db:e7:70:fe:f2:f6:92:b3:d4:
45:3d:7e:e7:1d:91:41:b0:28:62:a0:f8:d2:cb:38:
ca:85:fd:d2:07:84:25:c0:4d:31:af:b6:2d:fe:af:
22:e6:59:b9:27:53:1f:33:cf:dd:d2:e9:45:f8:6e:
3d:56:f8:df:45:28:73:90:4a:fd:6a:4e:a4:a3:72:
fd:5a:6d:ba:4e:62:4d:87:c4:b9:d1:fa:01:05:37:
37:c9:9c:33:2c:54:21:25:78:80:89:86:8d:b2:fd:
f6:84:18:44:b7:d7:ba:a3:b8:18:92:0f:c1:0a:48:
6c:5c:c0:7b:5f:b6:84:81:cd:a4:7f:bb:c4:d9:d9:
c3:eb:df:fb:25:91:75:3a:4b:7e:6a:98:89:e8:d9:
19:a7:40:74:ad:23:cd:9c:d4:4d:f8:1c:cb:5c:a1:
74:46:a5:c7:7a:d3:ed:03:5e:96:96:a0:af:7e:c0:
4b:18:c7:3c:0b:00:6b:b8:8f:26:f0:68:0d:9a:59:
54:eb:2f:0b:4f:9e:c0:97:f4:86:92:16:c8:01:63:
a0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:09:2D:9B:24:42:60:91:B1:80:79:19:5D:94:E8:7C:6F:28:A7:17
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/jAktmyRCYJGxgHkZXZTofG8opxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.36.0/24
86.110.44.0/24
86.110.46.0/24
86.110.54.0/24
86.110.58.0/23
86.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:36:3c:33:12:90:ec:b1:f5:60:0b:dc:16:8a:3a:7c:d4:b3:
35:45:3c:c4:b4:78:49:09:45:0c:68:19:02:1e:0c:3e:5e:01:
55:4e:e6:b9:03:96:48:d2:b4:ab:c5:ff:69:50:0a:4a:9f:ca:
86:36:2c:a9:b5:b1:9c:18:a5:6c:d0:62:c9:be:37:e4:0b:b7:
88:20:22:49:ec:e3:28:8e:42:d5:05:dd:2b:58:7e:42:e1:86:
bc:e9:3b:24:53:a5:bb:76:f4:e9:46:0a:6b:be:68:45:ea:6d:
f9:3c:7f:94:ec:3c:9e:1b:87:4a:53:0d:a8:05:14:ad:b4:06:
cc:bc:93:2f:40:82:8b:02:f4:34:56:f8:f3:f2:c4:bc:ba:c3:
97:e3:22:bc:2e:f4:04:a9:b6:2b:98:91:ec:54:26:a2:0f:fe:
99:8c:c8:16:3a:59:20:d5:3f:8e:45:40:5f:83:2a:f4:9f:7f:
3c:20:af:88:d4:f5:1b:7a:09:8d:00:28:00:22:23:8e:24:f3:
a6:98:4a:cf:09:fc:66:33:c0:51:52:93:fe:f8:4e:ee:7d:46:
98:82:f1:e0:ba:33:3b:ba:60:53:81:23:c8:05:33:da:f1:e0:
18:62:08:bf:92:94:ed:7e:f2:02:ab:89:b7:6d:8e:9f:9b:a1:
61:70:a1:fd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZTa5xwiFb2AmiiPGsJI+xXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMjA2MTA1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA5MmQ5YjI0NDI2MDkxYjE4MDc5MTk1ZDk0ZTg3YzZmMjhhNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28k8MP1Hl3/f6e7c1lZZovNXnVH8
73H6GNm6SutWcerPFkZB3JHzwH/MGuhCpYQWXGLb53D+8vaSs9RFPX7nHZFBsChi
oPjSyzjKhf3SB4QlwE0xr7Yt/q8i5lm5J1MfM8/d0ulF+G49VvjfRShzkEr9ak6k
o3L9Wm26TmJNh8S50foBBTc3yZwzLFQhJXiAiYaNsv32hBhEt9e6o7gYkg/BCkhs
XMB7X7aEgc2kf7vE2dnD69/7JZF1Okt+apiJ6NkZp0B0rSPNnNRN+BzLXKF0RqXH
etPtA16WlqCvfsBLGMc8CwBruI8m8GgNmllU6y8LT57Al/SGkhbIAWOgQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIwJLZskQmCRsYB5GV2U6HxvKKcXMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvakFrdG15UkNZSkd4Z0hrWlhaVG9mRzhvcHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVm4kAwQA
Vm4sAwQAVm4uAwQAVm42AwQBVm46AwQAVm4/MA0GCSqGSIb3DQEBCwUAA4IBAQA6
NjwzEpDssfVgC9wWijp81LM1RTzEtHhJCUUMaBkCHgw+XgFVTua5A5ZI0rSrxf9p
UApKn8qGNiyptbGcGKVs0GLJvjfkC7eIICJJ7OMojkLVBd0rWH5C4Ya86TskU6W7
dvTpRgprvmhF6m35PH+U7DyeG4dKUw2oBRSttAbMvJMvQIKLAvQ0Vvjz8sS8usOX
4yK8LvQEqbYrmJHsVCaiD/6ZjMgWOlkg1T+ORUBfgyr0n388IK+I1PUbegmNACgA
IiOOJPOmmErPCfxmM8BRUpP++E7ufUaYgvHgujM7umBTgSPIBTPa8eAYYgi/kpTt
fvICq4m3bY6fm6FhcKH9
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:30:05 2025 by rpki-client