Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/renv5Ca8jvysB-b_oyhg-NA5PQg.roa
File: renv5Ca8jvysB-b_oyhg-NA5PQg.roa (raw, json)
Hash identifier: pKG1AYnX43VqhjKqN+ek5Uid0tl2ot6agojtR5yb/Vo=
Subject key identifier: AD:E9:EF:E4:26:BC:8E:FC:AC:07:E6:FF:A3:28:60:F8:D0:39:3D:08
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 01852413CC07C9E5CF74BBAF04994292D47E
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/renv5Ca8jvysB-b_oyhg-NA5PQg.roa
Signing time: Sun 18 Dec 2022 07:12:34 +0000
ROA not before: Sun 18 Dec 2022 07:12:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 193.29.97.0/24 maxlen: 24
45.152.240.0/23 maxlen: 24
193.176.129.0/24 maxlen: 24
195.206.234.0/24 maxlen: 24
194.113.226.0/24 maxlen: 24
194.113.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:13:cc:07:c9:e5:cf:74:bb:af:04:99:42:92:d4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Dec 18 07:12:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ade9efe426bc8efcac07e6ffa32860f8d0393d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:b3:33:ee:fd:37:27:a4:00:f8:25:e6:d1:
11:e8:9c:b4:92:2b:95:49:28:9d:eb:bc:b1:ee:ad:
de:fd:89:27:fd:c0:72:29:19:d1:f0:42:a9:67:a4:
a4:ce:97:3d:0c:37:4e:8c:28:2a:9d:ed:63:0d:e6:
fb:f1:b7:2f:e7:5f:bb:ff:25:01:af:c1:db:1d:b7:
f1:3d:c3:8e:28:c2:a2:59:63:37:42:6a:ba:b4:ee:
98:00:28:ba:a0:e4:fc:1a:31:d2:91:7c:57:0e:9d:
fd:ed:d5:b3:15:31:44:f4:1e:4b:c2:bb:44:36:5d:
81:91:a4:3f:92:14:33:2a:c4:de:59:e5:fc:d2:76:
1e:be:b5:11:d3:20:a7:2f:dc:61:a4:81:c0:06:82:
bf:42:28:8b:43:e2:6d:c5:1c:70:31:52:3a:57:88:
db:ba:f1:12:89:64:c9:88:8a:b3:cc:42:ba:69:b1:
df:b2:f7:a8:ea:e0:5d:fd:c5:04:a1:55:77:98:07:
27:53:eb:a7:59:62:95:47:e7:e3:92:96:f0:a1:f2:
32:52:75:92:5d:c1:e0:fc:42:82:96:a1:0e:98:80:
44:10:25:e3:20:99:ea:b8:49:0d:0c:55:40:eb:d5:
b2:a0:3e:1d:68:4e:d9:0c:3d:cf:36:b6:84:bd:6d:
68:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E9:EF:E4:26:BC:8E:FC:AC:07:E6:FF:A3:28:60:F8:D0:39:3D:08
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/renv5Ca8jvysB-b_oyhg-NA5PQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.240.0/23
193.29.97.0/24
193.176.129.0/24
194.113.223.0/24
194.113.226.0/24
195.206.234.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:8c:51:32:e6:6f:5a:a4:7b:18:5b:84:7a:2c:31:32:42:bb:
a4:83:f0:08:bd:82:29:e9:d3:fa:bd:00:23:c3:d1:30:c4:3d:
ea:cd:89:27:9b:c1:1e:22:28:09:57:99:fd:d0:b2:d0:6d:74:
8f:1a:9e:a4:39:fe:4f:b7:50:ec:24:9c:d5:bc:4f:84:75:db:
0e:8f:08:87:4f:51:a7:31:89:cc:2e:04:bf:50:32:80:0a:03:
ac:25:db:a5:b7:f8:82:f1:d2:96:6d:4c:09:00:ef:54:61:d8:
d9:16:e0:ee:6c:1d:c6:0a:4a:6d:e8:77:66:85:66:bc:a1:38:
9f:0c:3b:85:8d:2f:bf:2c:54:98:f9:06:31:ea:82:c8:85:18:
8d:80:8f:b3:f2:e5:10:ce:d2:14:50:ac:10:ee:8a:e5:d0:47:
ae:bf:49:e8:11:05:3a:cc:26:0e:e1:00:a9:49:a2:f2:bb:1e:
e7:03:c5:8e:dd:b4:c7:2c:b3:a0:22:b1:25:ac:5b:5e:73:b7:
41:53:48:c9:a9:f5:63:4a:0d:f2:23:b0:66:19:7b:e1:49:df:
8d:ff:67:6b:34:9a:90:90:2a:dc:4d:c5:27:12:65:7b:d9:cd:
8a:fa:b1:08:db:51:d2:d9:30:ac:8a:e4:09:ff:84:1a:e5:01:
3d:c9:9c:6c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUkE8wHyeXPdLuvBJlCktR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMjE4MDcxMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGU5ZWZlNDI2YmM4ZWZjYWMwN2U2ZmZhMzI4NjBmOGQwMzkzZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhezM+79NyekAPgl5tER6Jy0kiuV
SSid67yx7q3e/Ykn/cByKRnR8EKpZ6Skzpc9DDdOjCgqne1jDeb78bcv51+7/yUB
r8HbHbfxPcOOKMKiWWM3Qmq6tO6YACi6oOT8GjHSkXxXDp397dWzFTFE9B5LwrtE
Nl2BkaQ/khQzKsTeWeX80nYevrUR0yCnL9xhpIHABoK/QiiLQ+JtxRxwMVI6V4jb
uvESiWTJiIqzzEK6abHfsveo6uBd/cUEoVV3mAcnU+unWWKVR+fjkpbwofIyUnWS
XcHg/EKClqEOmIBEECXjIJnquEkNDFVA69WyoD4daE7ZDD3PNraEvW1oWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK3p7+QmvI78rAfm/6MoYPjQOT0IMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvcmVudjVDYThqdnlzQi1iX295aGctTkE1UFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLZjwAwQA
wR1hAwQAwbCBAwQAwnHfAwQAwnHiAwQAw87qMA0GCSqGSIb3DQEBCwUAA4IBAQAb
jFEy5m9apHsYW4R6LDEyQrukg/AIvYIp6dP6vQAjw9EwxD3qzYknm8EeIigJV5n9
0LLQbXSPGp6kOf5Pt1DsJJzVvE+EddsOjwiHT1GnMYnMLgS/UDKACgOsJdult/iC
8dKWbUwJAO9UYdjZFuDubB3GCkpt6HdmhWa8oTifDDuFjS+/LFSY+QYx6oLIhRiN
gI+z8uUQztIUUKwQ7orl0Eeuv0noEQU6zCYO4QCpSaLyux7nA8WO3bTHLLOgIrEl
rFtec7dBU0jJqfVjSg3yI7BmGXvhSd+N/2drNJqQkCrcTcUnEmV72c2K+rEI21HS
2TCsiuQJ/4Qa5QE9yZxs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:55 2025 by rpki-client