Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/C2c0CRtx4NNfhqyzqSqwGRqOiVU.roa
File: C2c0CRtx4NNfhqyzqSqwGRqOiVU.roa (raw, json)
Hash identifier: rNdUcvia3G2Rf9icRrf1gWFLsrRJYXD3VHibSwtF5wA=
Subject key identifier: 0B:67:34:09:1B:71:E0:D3:5F:86:AC:B3:A9:2A:B0:19:1A:8E:89:55
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 018412E1B3432815B0F44D48C7BC6B9CAC76
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/C2c0CRtx4NNfhqyzqSqwGRqOiVU.roa
Signing time: Wed 26 Oct 2022 06:01:32 +0000
ROA not before: Wed 26 Oct 2022 06:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 193.111.116.0/24 maxlen: 24
45.154.106.0/24 maxlen: 24
141.98.157.0/24 maxlen: 24
195.206.235.0/24 maxlen: 24
195.20.105.0/24 maxlen: 24
195.20.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:12:e1:b3:43:28:15:b0:f4:4d:48:c7:bc:6b:9c:ac:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Oct 26 06:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b6734091b71e0d35f86acb3a92ab0191a8e8955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3c:92:38:0b:d4:53:a9:ec:36:22:cd:c5:bf:
15:a7:f3:44:3d:fa:42:13:81:0d:1c:65:ad:75:7c:
5a:cf:14:35:2b:14:78:1b:49:c0:dc:4b:7b:8f:ed:
cc:b5:dd:53:a4:5b:2a:39:8e:a7:2b:1a:26:9e:54:
03:ea:30:11:65:13:36:14:fb:78:21:b5:df:32:70:
27:d1:46:ea:7c:b4:a2:68:4a:a4:b0:a8:72:5d:c4:
c6:23:4e:f4:e1:ca:fd:04:84:9f:6f:60:46:d1:a4:
af:7f:29:c2:e4:d1:95:75:48:42:52:c4:62:5c:80:
14:bd:04:fc:1a:6c:51:43:5c:f3:db:d0:4b:95:3a:
66:2c:e5:32:df:b3:cf:88:28:75:47:e5:9d:81:5f:
08:2e:b7:57:3a:98:4f:d1:58:a5:10:a1:52:28:b4:
74:c5:bd:e5:2d:df:a4:e9:84:0f:43:2d:3c:a0:bd:
4a:4a:1e:d8:b4:1d:22:53:ad:fa:c2:76:8a:94:b1:
58:b5:56:dc:63:20:04:93:1f:e8:50:4a:08:47:8a:
70:98:a6:c5:ec:9a:d9:4f:9f:19:94:80:9a:13:b2:
b6:42:0e:da:22:32:05:73:83:89:33:25:a2:8f:fd:
5b:b2:3f:f3:c3:02:3e:c0:7b:1c:5c:9f:fe:8c:02:
64:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:67:34:09:1B:71:E0:D3:5F:86:AC:B3:A9:2A:B0:19:1A:8E:89:55
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/C2c0CRtx4NNfhqyzqSqwGRqOiVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.106.0/24
141.98.157.0/24
193.111.116.0/24
195.20.99.0/24
195.20.105.0/24
195.206.235.0/24
Signature Algorithm: sha256WithRSAEncryption
27:95:4e:aa:b3:b7:03:b8:fc:69:7f:f4:27:d7:2e:22:de:5d:
11:11:2d:b1:63:1f:61:e0:76:94:5f:a5:be:3b:ce:dd:48:da:
a0:14:cf:8a:97:3e:f0:f1:df:03:0d:a4:16:65:28:01:27:76:
45:83:8a:10:76:a6:f6:a7:94:90:f7:5b:2f:15:6f:54:c9:68:
f8:64:de:2d:de:f7:f1:c3:4f:0c:8b:64:26:82:d9:f4:5a:44:
6f:01:f7:37:bd:96:64:b2:13:07:6b:dd:37:55:c6:6b:fa:48:
76:d2:20:c4:f0:72:26:d4:86:c5:1d:d3:e0:9e:5c:5c:95:fe:
1c:71:17:f3:b2:07:0b:4f:7b:e5:e0:1f:92:55:de:e4:84:73:
a1:6b:bd:f0:52:c9:9b:b3:60:d7:e3:a7:c7:91:17:58:30:44:
52:42:3b:93:55:23:98:b1:0b:c2:2c:7d:56:b8:a6:56:b4:1f:
86:59:80:04:b3:5c:aa:cd:7f:04:11:9d:e0:23:09:ef:cf:fb:
9a:0f:0f:ca:d9:bc:d4:56:c0:e3:52:66:8c:c6:7f:9c:de:48:
42:0f:3c:0e:32:16:2e:78:06:a4:46:61:38:23:1e:41:c7:bb:
af:28:c6:c4:d4:2d:86:f2:72:77:b4:0f:02:ca:59:c2:18:34:
7a:32:1e:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQS4bNDKBWw9E1Ix7xrnKx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMDI2MDYwMTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY3MzQwOTFiNzFlMGQzNWY4NmFjYjNhOTJhYjAxOTFhOGU4OTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzySOAvUU6nsNiLNxb8Vp/NEPfpC
E4ENHGWtdXxazxQ1KxR4G0nA3Et7j+3Mtd1TpFsqOY6nKxomnlQD6jARZRM2FPt4
IbXfMnAn0UbqfLSiaEqksKhyXcTGI0704cr9BISfb2BG0aSvfynC5NGVdUhCUsRi
XIAUvQT8GmxRQ1zz29BLlTpmLOUy37PPiCh1R+WdgV8ILrdXOphP0VilEKFSKLR0
xb3lLd+k6YQPQy08oL1KSh7YtB0iU636wnaKlLFYtVbcYyAEkx/oUEoIR4pwmKbF
7JrZT58ZlICaE7K2Qg7aIjIFc4OJMyWij/1bsj/zwwI+wHscXJ/+jAJkMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAtnNAkbceDTX4ass6kqsBkajolVMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvQzJjMENSdHg0Tk5maHF5enFTcXdHUnFPaVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZpqAwQA
jWKdAwQAwW90AwQAwxRjAwQAwxRpAwQAw87rMA0GCSqGSIb3DQEBCwUAA4IBAQAn
lU6qs7cDuPxpf/Qn1y4i3l0RES2xYx9h4HaUX6W+O87dSNqgFM+Klz7w8d8DDaQW
ZSgBJ3ZFg4oQdqb2p5SQ91svFW9UyWj4ZN4t3vfxw08Mi2Qmgtn0WkRvAfc3vZZk
shMHa903VcZr+kh20iDE8HIm1IbFHdPgnlxclf4ccRfzsgcLT3vl4B+SVd7khHOh
a73wUsmbs2DX46fHkRdYMERSQjuTVSOYsQvCLH1WuKZWtB+GWYAEs1yqzX8EEZ3g
Iwnvz/uaDw/K2bzUVsDjUmaMxn+c3khCDzwOMhYueAakRmE4Ix5Bx7uvKMbE1C2G
8nJ3tA8CylnCGDR6Mh6P
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:32 2025 by rpki-client