Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/h5UPb41WBJf3smLRT3WauyTJhZk.roa
File: h5UPb41WBJf3smLRT3WauyTJhZk.roa (raw, json)
Hash identifier: 7y7FascFoSESS5H+heHuGPqwY6CoIfeWFtJUfTaH8Lg=
Subject key identifier: 87:95:0F:6F:8D:56:04:97:F7:B2:62:D1:4F:75:9A:BB:24:C9:85:99
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 019423D6F2E725467E5623B9EBC920084195
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/h5UPb41WBJf3smLRT3WauyTJhZk.roa
Signing time: Wed 01 Jan 2025 21:47:56 +0000
ROA not before: Wed 01 Jan 2025 21:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 83.229.113.0/24 maxlen: 24
185.90.220.0/24 maxlen: 24
185.90.221.0/24 maxlen: 24
185.90.222.0/24 maxlen: 24
185.90.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f2:e7:25:46:7e:56:23:b9:eb:c9:20:08:41:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Jan 1 21:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87950f6f8d560497f7b262d14f759abb24c98599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e7:dd:b3:39:b8:96:7a:f3:14:59:bd:6d:56:
31:f4:b2:bd:12:62:93:61:4b:56:fa:3e:39:c1:10:
65:ee:88:6d:b6:98:fb:e2:44:87:a0:ab:ad:e7:49:
64:2b:98:ee:83:e8:2e:29:08:79:7e:e4:98:7f:53:
25:81:c1:75:0b:91:69:8d:7c:50:1c:25:e5:24:19:
5e:db:14:9f:09:8b:40:61:77:e1:7d:47:85:7b:7e:
bf:5f:db:1f:f5:79:08:d9:32:f8:34:b2:6b:3b:9f:
ea:4f:db:31:fd:e9:b4:62:36:99:31:64:be:62:40:
f2:22:1c:e2:62:48:0c:ee:e5:45:57:5a:32:c8:ff:
a4:b0:74:ec:4a:8b:26:f2:33:28:a4:70:08:0e:b6:
14:40:6f:2d:83:de:18:82:05:db:0d:07:ad:ca:20:
27:c1:8c:d4:23:01:88:20:85:8b:95:7f:89:34:25:
b2:a5:46:68:ba:af:af:be:c7:89:d0:e0:7c:ce:b3:
e3:1b:13:97:07:0d:22:62:6e:a0:d2:dd:e3:09:b3:
ef:3a:94:01:95:dd:77:30:a7:52:1f:82:e9:cf:9c:
38:dc:2f:99:05:0b:61:a3:79:72:68:63:49:46:b3:
38:30:0d:a7:5a:6d:e6:73:99:02:81:47:d0:c7:4d:
74:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:95:0F:6F:8D:56:04:97:F7:B2:62:D1:4F:75:9A:BB:24:C9:85:99
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/h5UPb41WBJf3smLRT3WauyTJhZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.113.0/24
185.90.220.0/22
Signature Algorithm: sha256WithRSAEncryption
34:c9:34:ae:d5:2a:cb:c7:4a:50:ef:60:4a:62:d9:a8:57:67:
91:72:98:0f:c7:a3:65:21:65:8c:9b:f4:ea:a9:39:ba:ac:b6:
b7:73:c2:bb:47:c8:e4:21:7f:64:3b:8d:9a:6d:f3:00:bf:d3:
ba:f5:f7:85:35:a8:44:92:4a:bb:5b:e4:a0:3d:4b:fe:05:c9:
26:51:0f:ad:4c:7a:be:ca:4e:99:ec:b7:78:98:a5:16:9a:87:
c6:0c:c5:1b:8b:ce:1f:f2:54:84:ad:e3:b0:7f:0a:3e:cd:37:
f6:ab:9e:b1:8e:4c:fb:66:00:da:27:a4:fc:9d:1b:50:3c:5b:
37:67:6b:c9:f1:38:e0:96:d3:71:e4:0f:35:ba:e1:65:79:7e:
03:99:d7:9e:9f:4b:ea:5b:7e:d0:ec:7f:f2:76:16:d6:a3:45:
4e:c9:8d:0e:a0:73:bd:78:e2:f4:f0:3f:56:1f:c2:7c:7e:b8:
70:fb:37:65:50:80:14:71:52:74:39:c5:41:a3:19:11:7d:26:
e8:b9:3e:b1:ed:95:75:5a:7e:20:82:41:2a:37:60:a9:c1:60:
47:26:47:70:6a:94:f4:d5:6a:8e:54:6b:a5:42:f4:4e:0f:5e:
c2:a9:16:76:fd:74:36:e2:2a:bb:e4:45:34:98:75:cd:98:dc:
68:a8:a9:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1vLnJUZ+ViO568kgCEGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjUwMTAxMjE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk1MGY2ZjhkNTYwNDk3ZjdiMjYyZDE0Zjc1OWFiYjI0Yzk4NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwefdszm4lnrzFFm9bVYx9LK9EmKT
YUtW+j45wRBl7ohttpj74kSHoKut50lkK5jug+guKQh5fuSYf1MlgcF1C5FpjXxQ
HCXlJBle2xSfCYtAYXfhfUeFe36/X9sf9XkI2TL4NLJrO5/qT9sx/em0YjaZMWS+
YkDyIhziYkgM7uVFV1oyyP+ksHTsSosm8jMopHAIDrYUQG8tg94YggXbDQetyiAn
wYzUIwGIIIWLlX+JNCWypUZouq+vvseJ0OB8zrPjGxOXBw0iYm6g0t3jCbPvOpQB
ld13MKdSH4Lpz5w43C+ZBQtho3lyaGNJRrM4MA2nWm3mc5kCgUfQx010xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIeVD2+NVgSX97Ji0U91mrskyYWZMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvaDVVUGI0MVdCSmYzc21MUlQzV2F1eVRKaFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU+VxAwQC
uVrcMA0GCSqGSIb3DQEBCwUAA4IBAQA0yTSu1SrLx0pQ72BKYtmoV2eRcpgPx6Nl
IWWMm/TqqTm6rLa3c8K7R8jkIX9kO42abfMAv9O69feFNahEkkq7W+SgPUv+Bckm
UQ+tTHq+yk6Z7Ld4mKUWmofGDMUbi84f8lSEreOwfwo+zTf2q56xjkz7ZgDaJ6T8
nRtQPFs3Z2vJ8TjgltNx5A81uuFleX4Dmdeen0vqW37Q7H/ydhbWo0VOyY0OoHO9
eOL08D9WH8J8frhw+zdlUIAUcVJ0OcVBoxkRfSbouT6x7ZV1Wn4ggkEqN2CpwWBH
JkdwapT01WqOVGulQvROD17CqRZ2/XQ24iq75EU0mHXNmNxoqKnC
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:15:39 2025 by rpki-client