Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/I4emCne_29V28uUFcYz5hu_Rezg.roa
File: I4emCne_29V28uUFcYz5hu_Rezg.roa (raw, json)
Hash identifier: 96USF7uc276n2Rs/poozBmGnwe39xgiKf2HQGb9xcQc=
Subject key identifier: 23:87:A6:0A:77:BF:DB:D5:76:F2:E5:05:71:8C:F9:86:EF:D1:7B:38
Certificate issuer: /CN=d779968e66edbea372ef95baa2bf689138567a40
Certificate serial: 0194258EF3B319687716CE1470C4877312E3
Authority key identifier: D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/I4emCne_29V28uUFcYz5hu_Rezg.roa
Signing time: Thu 02 Jan 2025 05:48:33 +0000
ROA not before: Thu 02 Jan 2025 05:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205496
IP address blocks: 185.214.228.0/22 maxlen: 22
185.214.228.0/24 maxlen: 24
185.214.229.0/24 maxlen: 24
185.214.230.0/24 maxlen: 24
185.214.231.0/24 maxlen: 24
194.15.137.0/24 maxlen: 24
2001:67c:2fd8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f3:b3:19:68:77:16:ce:14:70:c4:87:73:12:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d779968e66edbea372ef95baa2bf689138567a40
Validity
Not Before: Jan 2 05:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2387a60a77bfdbd576f2e505718cf986efd17b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:74:80:0b:5c:0f:54:d4:98:23:3e:37:83:3d:
e0:15:88:ca:94:1c:21:11:d6:cf:c8:9f:e9:ac:b2:
6d:12:25:95:82:90:fa:f3:c5:bd:20:89:76:82:0a:
3c:0f:9e:aa:df:2f:4c:0f:08:4e:26:e4:59:5d:69:
47:fd:da:47:fb:0e:d9:6d:67:25:24:08:7c:87:78:
6e:b4:c8:ad:5c:4a:a1:bf:19:f9:b4:b8:e8:f2:da:
6a:14:a8:c3:48:64:59:9f:ef:12:99:09:41:3e:a5:
bf:9b:4f:18:6a:24:21:e4:f8:72:99:b0:e0:de:54:
7c:3b:4e:f3:9a:f8:95:84:22:08:b7:f3:b7:c1:58:
17:c6:b9:df:4b:6a:5f:75:1d:b2:2b:15:9f:08:e3:
58:d0:7a:d6:ae:f9:3b:88:8f:92:08:70:8d:bd:df:
3a:b1:b5:e3:c5:01:4e:c8:2e:d3:15:3a:0d:f7:ab:
de:bd:37:31:3b:ad:16:da:b2:be:89:6a:1a:39:91:
4d:95:be:24:b3:56:ff:2a:87:80:e1:51:f0:f5:92:
50:5f:1c:af:a3:49:04:51:0c:7f:3b:eb:fe:7c:a6:
15:fa:7a:06:7d:d0:d4:56:3f:9f:2f:89:81:83:bd:
41:54:ae:3b:a8:b3:5c:ab:ab:fb:d4:82:b8:38:16:
38:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:87:A6:0A:77:BF:DB:D5:76:F2:E5:05:71:8C:F9:86:EF:D1:7B:38
X509v3 Authority Key Identifier:
keyid:D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/I4emCne_29V28uUFcYz5hu_Rezg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.228.0/22
194.15.137.0/24
IPv6:
2001:67c:2fd8::/48
Signature Algorithm: sha256WithRSAEncryption
80:96:e2:ee:a4:2e:a8:bb:5b:0c:22:97:d2:d0:63:2f:42:52:
8d:75:14:ec:73:3d:2a:b8:f0:2f:42:5b:d9:de:07:30:a3:37:
24:20:61:22:2f:df:23:fc:06:69:fc:70:01:86:af:6a:1c:b5:
67:52:de:64:ad:ae:42:80:cd:c0:c7:0e:98:55:4a:99:4e:bd:
ed:70:1b:0a:c1:d9:0b:89:4f:13:90:41:39:60:72:f2:a6:7d:
e6:41:78:64:aa:9e:e0:a8:07:75:8a:48:e5:b9:54:18:c4:ea:
c3:81:8d:ac:73:cf:13:43:04:99:64:13:4e:ac:7c:37:5c:ab:
17:18:70:47:cb:0e:ce:03:a4:4d:62:45:c4:90:96:72:6d:62:
91:48:9f:7d:cb:3c:71:81:89:53:ac:7a:ef:31:ac:f5:39:a4:
e0:21:5a:39:f2:09:80:05:e9:4c:e2:6a:40:7d:6c:03:2d:04:
55:bf:db:80:9b:25:d5:c9:48:a5:04:4f:45:51:58:55:dc:3b:
81:7f:06:96:5f:bf:c0:22:b8:85:20:bb:98:e9:1f:88:a8:7a:
b9:74:38:61:09:d0:1e:86:cd:be:79:29:33:bc:63:22:72:7e:
79:d9:96:5f:dc:8c:e3:87:4e:64:38:4b:7d:a4:a3:8e:a1:19:
1e:a9:17:bf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQljvOzGWh3Fs4UcMSHcxLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Nzk5NjhlNjZlZGJlYTM3MmVmOTViYWEyYmY2ODkxMzg1
NjdhNDAwHhcNMjUwMTAyMDU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzg3YTYwYTc3YmZkYmQ1NzZmMmU1MDU3MThjZjk4NmVmZDE3YjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3SAC1wPVNSYIz43gz3gFYjKlBwh
EdbPyJ/prLJtEiWVgpD688W9IIl2ggo8D56q3y9MDwhOJuRZXWlH/dpH+w7ZbWcl
JAh8h3hutMitXEqhvxn5tLjo8tpqFKjDSGRZn+8SmQlBPqW/m08YaiQh5PhymbDg
3lR8O07zmviVhCIIt/O3wVgXxrnfS2pfdR2yKxWfCONY0HrWrvk7iI+SCHCNvd86
sbXjxQFOyC7TFToN96vevTcxO60W2rK+iWoaOZFNlb4ks1b/KoeA4VHw9ZJQXxyv
o0kEUQx/O+v+fKYV+noGfdDUVj+fL4mBg71BVK47qLNcq6v71IK4OBY45QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCOHpgp3v9vVdvLlBXGM+Ybv0Xs4MB8GA1UdIwQY
MBaAFNd5lo5m7b6jcu+VuqK/aJE4VnpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYt
NmU2ZmEzOWJiMWVjLzEvSTRlbUNuZV8yOVYyOHVVRmNZejVodV9SZXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYtNmU2ZmEzOWJiMWVj
LzEvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCudbkAwQA
wg+JMA8EAgACMAkDBwAgAQZ8L9gwDQYJKoZIhvcNAQELBQADggEBAICW4u6kLqi7
Wwwil9LQYy9CUo11FOxzPSq48C9CW9neBzCjNyQgYSIv3yP8Bmn8cAGGr2octWdS
3mStrkKAzcDHDphVSplOve1wGwrB2QuJTxOQQTlgcvKmfeZBeGSqnuCoB3WKSOW5
VBjE6sOBjaxzzxNDBJlkE06sfDdcqxcYcEfLDs4DpE1iRcSQlnJtYpFIn33LPHGB
iVOseu8xrPU5pOAhWjnyCYAF6UziakB9bAMtBFW/24CbJdXJSKUET0VRWFXcO4F/
BpZfv8AiuIUgu5jpH4ioerl0OGEJ0B6Gzb55KTO8YyJyfnnZll/cjOOHTmQ4S32k
o46hGR6pF78=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:22 2025 by rpki-client