Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/IeGYeKSb1mNrsDIK_MI2sgH59I8.roa
File: IeGYeKSb1mNrsDIK_MI2sgH59I8.roa (raw, json)
Hash identifier: oXG5f/ORp1JUaZ43fOOSU/ciwmtq1CAOULwIZj8cXsU=
Subject key identifier: 21:E1:98:78:A4:9B:D6:63:6B:B0:32:0A:FC:C2:36:B2:01:F9:F4:8F
Certificate issuer: /CN=bbd932f7064b1fde9a1225f332779fc22e673239
Certificate serial: 019427B5363849072D7A5C2DD8D513447AFE
Authority key identifier: BB:D9:32:F7:06:4B:1F:DE:9A:12:25:F3:32:77:9F:C2:2E:67:32:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9ky9wZLH96aEiXzMnefwi5nMjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/IeGYeKSb1mNrsDIK_MI2sgH59I8.roa
Signing time: Thu 02 Jan 2025 15:49:34 +0000
ROA not before: Thu 02 Jan 2025 15:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 81.10.128.0/17 maxlen: 24
86.56.128.0/17 maxlen: 24
90.146.0.0/16 maxlen: 24
185.196.156.0/22 maxlen: 24
212.33.32.0/19 maxlen: 24
212.241.64.0/18 maxlen: 24
2a00:cf8::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:36:38:49:07:2d:7a:5c:2d:d8:d5:13:44:7a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd932f7064b1fde9a1225f332779fc22e673239
Validity
Not Before: Jan 2 15:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21e19878a49bd6636bb0320afcc236b201f9f48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d2:7d:04:ab:1a:00:6a:0d:6e:f2:3c:dd:86:
6a:5f:b9:66:9b:0d:14:81:3b:8a:29:88:37:e4:04:
20:76:5d:35:9d:26:ce:0b:4e:6b:23:0c:67:78:e3:
1a:5d:25:a6:78:7a:c9:e7:94:b5:8e:d5:24:64:08:
6a:07:64:ac:5a:00:b4:61:33:32:50:c2:bf:3e:08:
bf:8e:79:bc:79:f6:78:bf:a1:70:47:4e:11:99:a5:
1d:54:d2:77:b9:b6:34:f3:f2:7d:df:ad:a6:7f:23:
b9:7c:b8:0b:5b:43:66:75:05:bd:85:c5:c2:12:bc:
65:b6:84:a0:4a:c2:0c:db:35:3f:af:68:5f:10:dc:
e2:01:f4:f3:42:a8:48:9a:20:b6:f7:45:14:73:4c:
97:db:cd:b0:e7:fd:68:0e:36:43:fe:37:c6:4e:34:
9c:50:9a:20:4a:f4:25:ae:e2:53:0d:22:de:a4:63:
68:c4:d0:00:da:65:d1:39:ec:2e:49:ed:17:15:17:
4e:f9:7b:98:c4:70:fb:0a:d9:9d:69:f8:82:b3:ea:
cf:f3:31:1e:8d:29:8c:6d:9c:cb:ee:49:41:8d:9b:
8f:6b:36:1b:56:f2:da:48:cf:2d:ed:61:d9:ba:d0:
7e:25:1d:13:f8:4b:4b:6a:d5:32:10:f2:a6:63:d2:
4d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E1:98:78:A4:9B:D6:63:6B:B0:32:0A:FC:C2:36:B2:01:F9:F4:8F
X509v3 Authority Key Identifier:
keyid:BB:D9:32:F7:06:4B:1F:DE:9A:12:25:F3:32:77:9F:C2:2E:67:32:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9ky9wZLH96aEiXzMnefwi5nMjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/IeGYeKSb1mNrsDIK_MI2sgH59I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/u9ky9wZLH96aEiXzMnefwi5nMjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.10.128.0/17
86.56.128.0/17
90.146.0.0/16
185.196.156.0/22
212.33.32.0/19
212.241.64.0/18
IPv6:
2a00:cf8::/32
Signature Algorithm: sha256WithRSAEncryption
00:a2:90:19:af:20:6c:e0:c7:27:83:28:2b:58:86:d2:81:ab:
4c:bb:32:e6:1f:49:01:b8:93:17:3d:01:ed:bb:66:94:6c:1d:
43:f8:38:7c:ce:38:33:c9:e0:0c:1e:50:7c:3a:a2:c4:63:cb:
73:35:61:69:44:86:13:d5:c6:c7:92:31:33:c3:77:b7:78:bf:
c9:7a:1d:37:03:3a:1f:42:23:88:0a:2f:f1:1c:b0:e1:da:a1:
b6:02:87:72:d3:21:e3:f4:ab:4c:2b:13:ec:60:ac:5f:dc:a4:
c3:03:6d:af:f0:fd:1e:48:36:2d:cf:d4:21:a0:b7:fa:e2:ab:
81:92:53:8b:55:16:a1:25:84:05:af:36:ed:cf:0b:0a:8a:84:
2a:66:c8:c7:13:64:64:f9:b0:c9:92:9b:32:7d:3f:38:17:8b:
14:5e:b8:97:14:e7:bf:8f:75:58:ef:8f:51:dc:2f:56:0c:c9:
a0:01:fb:83:9a:6d:f4:95:56:99:98:2f:ad:a8:09:8d:c5:c9:
a7:ba:7b:f8:43:cf:94:03:9c:53:4f:3f:3b:b4:87:bd:c7:18:
18:23:b5:c4:78:f4:02:4c:a0:6a:a0:65:0d:6c:79:32:c9:15:
47:fe:f0:b4:55:40:ac:12:e9:ba:4c:dd:33:4d:8b:c3:68:47:
c6:15:cc:0e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQntTY4SQctelwt2NUTRHr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDkzMmY3MDY0YjFmZGU5YTEyMjVmMzMyNzc5ZmMyMmU2
NzMyMzkwHhcNMjUwMTAyMTU0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWUxOTg3OGE0OWJkNjYzNmJiMDMyMGFmY2MyMzZiMjAxZjlmNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9J9BKsaAGoNbvI83YZqX7lmmw0U
gTuKKYg35AQgdl01nSbOC05rIwxneOMaXSWmeHrJ55S1jtUkZAhqB2SsWgC0YTMy
UMK/Pgi/jnm8efZ4v6FwR04RmaUdVNJ3ubY08/J9362mfyO5fLgLW0NmdQW9hcXC
ErxltoSgSsIM2zU/r2hfENziAfTzQqhImiC290UUc0yX282w5/1oDjZD/jfGTjSc
UJogSvQlruJTDSLepGNoxNAA2mXROewuSe0XFRdO+XuYxHD7CtmdafiCs+rP8zEe
jSmMbZzL7klBjZuPazYbVvLaSM8t7WHZutB+JR0T+EtLatUyEPKmY9JNXQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCHhmHikm9Zja7AyCvzCNrIB+fSPMB8GA1UdIwQY
MBaAFLvZMvcGSx/emhIl8zJ3n8IuZzI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlreTl3WkxIOTZhRWlYek1uZWZ3aTVuTWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNThiZGUtYzQ2MS00ODNmLTkxMWIt
ZDE3OTg4MWQwNjE4LzEvSWVHWWVLU2IxbU5yc0RJS19NSTJzZ0g1OUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNThiZGUtYzQ2MS00ODNmLTkxMWItZDE3OTg4MWQwNjE4
LzEvdTlreTl3WkxIOTZhRWlYek1uZWZ3aTVuTWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQHUQqAAwQH
VjiAAwMAWpIDBAK5xJwDBAXUISADBAbU8UAwDQQCAAIwBwMFACoADPgwDQYJKoZI
hvcNAQELBQADggEBAACikBmvIGzgxyeDKCtYhtKBq0y7MuYfSQG4kxc9Ae27ZpRs
HUP4OHzOODPJ4AweUHw6osRjy3M1YWlEhhPVxseSMTPDd7d4v8l6HTcDOh9CI4gK
L/EcsOHaobYCh3LTIeP0q0wrE+xgrF/cpMMDba/w/R5INi3P1CGgt/riq4GSU4tV
FqElhAWvNu3PCwqKhCpmyMcTZGT5sMmSmzJ9PzgXixReuJcU57+PdVjvj1HcL1YM
yaAB+4OabfSVVpmYL62oCY3Fyae6e/hDz5QDnFNPPzu0h73HGBgjtcR49AJMoGqg
ZQ1seTLJFUf+8LRVQKwS6bpM3TNNi8NoR8YVzA4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:26:15 2025 by rpki-client