Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/f31d68-ab5f-4113-afd0-69da307ce49c/1/CEONPyDVTaS6t4Reo2imsQAzCoA.roa
File: CEONPyDVTaS6t4Reo2imsQAzCoA.roa (raw, json)
Hash identifier: wPk++2agcI+xTxpZjSk2PYZMMUlAvbPsrpo5w3Zwq94=
Subject key identifier: 08:43:8D:3F:20:D5:4D:A4:BA:B7:84:5E:A3:68:A6:B1:00:33:0A:80
Certificate issuer: /CN=5ef586e9014a65f6007dbd006b062032f5d66e6f
Certificate serial: 01856DE649854392155BA66E003640B39D80
Authority key identifier: 5E:F5:86:E9:01:4A:65:F6:00:7D:BD:00:6B:06:20:32:F5:D6:6E:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XvWG6QFKZfYAfb0AawYgMvXWbm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/f31d68-ab5f-4113-afd0-69da307ce49c/1/CEONPyDVTaS6t4Reo2imsQAzCoA.roa
Signing time: Sun 01 Jan 2023 15:14:46 +0000
ROA not before: Sun 01 Jan 2023 15:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49565
IP address blocks: 80.253.192.0/20 maxlen: 24
213.250.128.0/18 maxlen: 24
185.8.240.0/22 maxlen: 24
188.119.192.0/18 maxlen: 24
2a02:d5c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:49:85:43:92:15:5b:a6:6e:00:36:40:b3:9d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ef586e9014a65f6007dbd006b062032f5d66e6f
Validity
Not Before: Jan 1 15:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08438d3f20d54da4bab7845ea368a6b100330a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:14:a7:76:76:a3:5d:d2:0a:d2:5d:22:25:92:
67:1f:c3:30:de:7d:04:1a:b9:ba:5b:bf:2f:4c:03:
32:91:43:02:37:e6:be:ed:c4:31:6a:7f:ed:75:f7:
00:b4:79:19:4b:f5:0f:d9:b9:71:77:07:a5:f2:db:
96:18:51:2c:25:db:b0:f7:ce:5e:2f:73:3f:f2:30:
77:1e:7b:e4:84:cc:d0:1e:97:ae:c4:0c:2a:3b:84:
f7:39:45:96:50:35:c6:ec:79:93:ba:a3:65:f6:9c:
37:ae:58:74:d7:c4:80:8a:66:0f:5d:34:88:e7:a9:
cc:30:b3:26:5a:60:53:76:d1:da:1f:51:18:6e:f5:
e7:a3:4b:bc:77:97:ad:e0:2c:92:5c:12:6e:78:c7:
af:c6:72:2a:fd:e2:99:75:3c:0d:6a:a5:dc:00:56:
cb:fb:09:57:b4:0d:ff:b4:62:07:77:2b:9c:bd:3f:
8a:c8:d6:c7:59:e8:c1:ac:90:ba:05:2b:8c:b6:b8:
29:da:1b:35:2f:0e:17:63:a3:5c:21:79:29:a7:ae:
7b:94:b3:7f:10:1a:aa:c6:9c:c3:fd:55:9c:b6:66:
38:51:8e:bb:53:25:b9:2f:82:49:34:37:0e:fc:7d:
33:6e:e7:3b:0f:9e:fe:79:f7:b3:e3:87:6a:e7:b8:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:43:8D:3F:20:D5:4D:A4:BA:B7:84:5E:A3:68:A6:B1:00:33:0A:80
X509v3 Authority Key Identifier:
keyid:5E:F5:86:E9:01:4A:65:F6:00:7D:BD:00:6B:06:20:32:F5:D6:6E:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XvWG6QFKZfYAfb0AawYgMvXWbm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/f31d68-ab5f-4113-afd0-69da307ce49c/1/CEONPyDVTaS6t4Reo2imsQAzCoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/f31d68-ab5f-4113-afd0-69da307ce49c/1/XvWG6QFKZfYAfb0AawYgMvXWbm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.192.0/20
185.8.240.0/22
188.119.192.0/18
213.250.128.0/18
IPv6:
2a02:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:6a:ba:4d:b3:ec:17:de:77:0e:4f:7c:ae:92:6c:3e:ea:40:
c6:93:9e:75:f4:48:fa:e0:47:8f:b3:42:28:50:82:68:58:bb:
41:b1:fa:0e:6f:d8:7c:f3:0c:71:b7:65:ad:a7:a2:30:8d:0e:
f0:6f:16:18:b2:08:7d:22:7e:9c:99:81:6b:cc:85:33:b1:f9:
05:1e:77:06:50:1d:1e:5b:4c:46:79:cc:2e:14:01:5b:be:e3:
12:5f:69:c3:c1:9c:b0:f8:f5:25:78:0e:49:f1:c1:c6:ab:3c:
50:a4:b4:a7:08:e7:2a:7f:54:49:f4:e0:82:8a:c3:5a:27:9d:
88:25:aa:db:98:cf:c0:db:1f:c4:f6:92:9c:7d:4f:de:1a:7e:
4b:99:51:6a:d1:a7:5d:34:76:ff:cb:f5:8d:c6:16:71:9f:43:
6d:82:ab:6b:39:ac:6b:ba:33:0c:29:37:0d:f1:82:28:bf:28:
bb:6d:d1:7a:86:5b:b3:70:d1:00:56:de:84:ff:5b:2a:13:87:
ad:88:6b:fe:90:b2:a5:35:5e:59:d3:66:b1:41:59:b1:da:64:
05:9a:21:e1:29:f1:cc:8d:91:0d:48:df:95:72:4c:a7:85:a5:
a5:34:99:dc:26:9a:3d:ed:53:3c:5b:cd:13:c2:22:a3:65:ac:
36:1c:90:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVt5kmFQ5IVW6ZuADZAs52AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZjU4NmU5MDE0YTY1ZjYwMDdkYmQwMDZiMDYyMDMyZjVk
NjZlNmYwHhcNMjMwMTAxMTUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQzOGQzZjIwZDU0ZGE0YmFiNzg0NWVhMzY4YTZiMTAwMzMwYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBSndnajXdIK0l0iJZJnH8Mw3n0E
Grm6W78vTAMykUMCN+a+7cQxan/tdfcAtHkZS/UP2blxdwel8tuWGFEsJduw985e
L3M/8jB3HnvkhMzQHpeuxAwqO4T3OUWWUDXG7HmTuqNl9pw3rlh018SAimYPXTSI
56nMMLMmWmBTdtHaH1EYbvXno0u8d5et4CySXBJueMevxnIq/eKZdTwNaqXcAFbL
+wlXtA3/tGIHdyucvT+KyNbHWejBrJC6BSuMtrgp2hs1Lw4XY6NcIXkpp657lLN/
EBqqxpzD/VWctmY4UY67UyW5L4JJNDcO/H0zbuc7D57+efez44dq57gMjwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAhDjT8g1U2kureEXqNoprEAMwqAMB8GA1UdIwQY
MBaAFF71hukBSmX2AH29AGsGIDL11m5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHZXRzZRRktaZllBZmIwQWF3WWdNdlhXYm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9mMzFkNjgtYWI1Zi00MTEzLWFmZDAt
NjlkYTMwN2NlNDljLzEvQ0VPTlB5RFZUYVM2dDRSZW8yaW1zUUF6Q29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9mMzFkNjgtYWI1Zi00MTEzLWFmZDAtNjlkYTMwN2NlNDlj
LzEvWHZXRzZRRktaZllBZmIwQWF3WWdNdlhXYm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUP3AAwQC
uQjwAwQGvHfAAwQG1fqAMA0EAgACMAcDBQMqAtXAMA0GCSqGSIb3DQEBCwUAA4IB
AQA5arpNs+wX3ncOT3yukmw+6kDGk5519Ej64EePs0IoUIJoWLtBsfoOb9h88wxx
t2Wtp6IwjQ7wbxYYsgh9In6cmYFrzIUzsfkFHncGUB0eW0xGecwuFAFbvuMSX2nD
wZyw+PUleA5J8cHGqzxQpLSnCOcqf1RJ9OCCisNaJ52IJarbmM/A2x/E9pKcfU/e
Gn5LmVFq0addNHb/y/WNxhZxn0NtgqtrOaxrujMMKTcN8YIovyi7bdF6hluzcNEA
Vt6E/1sqE4etiGv+kLKlNV5Z02axQVmx2mQFmiHhKfHMjZENSN+VckynhaWlNJnc
Jpo97VM8W80TwiKjZaw2HJDm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:57 2025 by rpki-client