Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/ghlI20QAtSI0GQDe0AzvPhNJTnY.roa
File: ghlI20QAtSI0GQDe0AzvPhNJTnY.roa (raw, json)
Hash identifier: OklQZNSUvw6mvN5KsJ0mW0wzv+SZygu10QQj6pdPsbA=
Subject key identifier: 82:19:48:DB:44:00:B5:22:34:19:00:DE:D0:0C:EF:3E:13:49:4E:76
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01832DE93EE30FA0C53711851CCBE7CB0E45
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/ghlI20QAtSI0GQDe0AzvPhNJTnY.roa
Signing time: Sun 11 Sep 2022 18:56:44 +0000
ROA not before: Sun 11 Sep 2022 18:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 88.218.80.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:2d:e9:3e:e3:0f:a0:c5:37:11:85:1c:cb:e7:cb:0e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Sep 11 18:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=821948db4400b522341900ded00cef3e13494e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:09:da:ff:26:92:42:f8:83:85:d7:3c:e7:2d:
0e:72:1b:65:5f:85:c9:b3:d8:0a:6c:80:48:e3:9e:
cf:8f:0e:79:4c:0a:f5:71:48:ae:39:7d:38:9a:67:
0a:c4:59:87:06:56:6b:6e:ba:95:12:7e:12:d1:b8:
99:1f:58:41:cc:eb:44:d6:01:97:66:b9:33:79:da:
07:f5:64:59:af:f3:47:30:02:ec:d9:9c:c9:4b:35:
b6:d2:d8:fd:7a:9b:22:e6:11:b1:50:6d:0b:0d:0b:
f6:e8:b0:1b:fa:b2:db:9b:1e:72:d8:cd:d1:11:f5:
21:e4:1e:da:ca:e1:10:56:5d:45:75:0d:89:a7:d5:
01:d2:c0:54:cd:19:01:25:a5:f9:0b:01:d5:ba:b4:
ed:e9:99:2b:a0:d0:bc:cd:16:1e:8c:3c:8a:92:45:
dd:31:20:a1:ac:5c:5c:d3:fb:07:be:51:11:c8:dc:
87:b3:4e:2f:91:b5:9e:59:e2:15:f7:48:a4:37:28:
fa:94:78:a0:ad:80:27:5e:2e:82:dc:91:11:ab:7c:
67:82:00:ff:95:d8:31:1a:ab:32:99:5c:57:72:ec:
cf:85:97:52:2e:ae:93:b5:90:31:ee:7e:12:42:5b:
d1:7c:d7:7e:dc:02:83:b7:93:15:a6:df:34:28:4e:
af:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:19:48:DB:44:00:B5:22:34:19:00:DE:D0:0C:EF:3E:13:49:4E:76
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/ghlI20QAtSI0GQDe0AzvPhNJTnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
95.214.83.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
Signature Algorithm: sha256WithRSAEncryption
92:05:a9:c6:00:b6:71:43:6a:02:3f:11:0e:7f:68:ef:91:75:
f7:33:8c:55:06:62:d5:9d:8a:e4:b6:9d:76:70:3c:b4:61:b9:
26:01:1d:9d:dc:59:01:ab:30:cd:77:f2:6c:ac:28:33:2c:68:
97:9a:cf:40:26:fc:76:f4:93:d0:34:62:81:c0:92:7e:1e:20:
f0:4b:2d:73:58:7e:0b:bf:d3:f4:7b:8b:d7:ee:a8:44:2a:f4:
eb:ab:dd:96:43:5c:92:85:f0:ff:44:10:70:e7:19:70:15:14:
81:79:97:45:a2:9c:4d:2b:61:df:8d:57:b2:02:0d:17:75:61:
98:8c:ce:c0:c8:0d:cf:c4:8c:00:69:33:2f:3f:af:5a:5d:9e:
8f:bb:18:8c:0c:6f:0d:c8:06:b8:73:b6:dd:a7:64:20:8a:c4:
ec:34:5a:56:10:51:fe:85:d4:e7:ab:cf:06:d7:a3:93:74:fb:
12:12:31:2d:59:7e:fe:c7:aa:c8:39:01:31:50:ed:fa:61:f3:
ee:a6:26:6b:03:ba:fc:85:54:5e:c8:fb:1a:77:ac:d3:40:13:
b1:43:3f:09:15:93:74:58:8d:34:fc:b6:bc:b1:b5:38:16:da:
55:3d:28:64:7c:71:6e:30:b6:fe:5f:51:de:ff:a9:b4:6b:de:
cc:09:b6:70
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYMt6T7jD6DFNxGFHMvnyw5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjIwOTExMTg1NjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE5NDhkYjQ0MDBiNTIyMzQxOTAwZGVkMDBjZWYzZTEzNDk0ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwna/yaSQviDhdc85y0OchtlX4XJ
s9gKbIBI457Pjw55TAr1cUiuOX04mmcKxFmHBlZrbrqVEn4S0biZH1hBzOtE1gGX
ZrkzedoH9WRZr/NHMALs2ZzJSzW20tj9epsi5hGxUG0LDQv26LAb+rLbmx5y2M3R
EfUh5B7ayuEQVl1FdQ2Jp9UB0sBUzRkBJaX5CwHVurTt6ZkroNC8zRYejDyKkkXd
MSChrFxc0/sHvlERyNyHs04vkbWeWeIV90ikNyj6lHigrYAnXi6C3JERq3xnggD/
ldgxGqsymVxXcuzPhZdSLq6TtZAx7n4SQlvRfNd+3AKDt5MVpt80KE6v0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIIZSNtEALUiNBkA3tAM7z4TSU52MB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvZ2hsSTIwUUF0U0kwR1FEZTBBenZQaE5KVG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCTVMUAwQC
VPxAAwQAWNpQAwQAX9ZTAwQBsHa8AwQAsHa/AwQBubFMAwQAwaBEMA0GCSqGSIb3
DQEBCwUAA4IBAQCSBanGALZxQ2oCPxEOf2jvkXX3M4xVBmLVnYrktp12cDy0Ybkm
AR2d3FkBqzDNd/JsrCgzLGiXms9AJvx29JPQNGKBwJJ+HiDwSy1zWH4Lv9P0e4vX
7qhEKvTrq92WQ1yShfD/RBBw5xlwFRSBeZdFopxNK2HfjVeyAg0XdWGYjM7AyA3P
xIwAaTMvP69aXZ6PuxiMDG8NyAa4c7bdp2QgisTsNFpWEFH+hdTnq88G16OTdPsS
EjEtWX7+x6rIOQExUO36YfPupiZrA7r8hVReyPsad6zTQBOxQz8JFZN0WI00/La8
sbU4FtpVPShkfHFuMLb+X1He/6m0a97MCbZw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:08 2025 by rpki-client