Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/izRl0EDK4B0qzWxxkTnsFaQUD9I.roa
File: izRl0EDK4B0qzWxxkTnsFaQUD9I.roa (raw, json)
Hash identifier: deGltujGMo6zRw49YCgwFhp3rs4UuELASdCXPlgWHmM=
Subject key identifier: 8B:34:65:D0:40:CA:E0:1D:2A:CD:6C:71:91:39:EC:15:A4:14:0F:D2
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 0194FA90361AE80BE779BF8EE591D95F8114
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/izRl0EDK4B0qzWxxkTnsFaQUD9I.roa
Signing time: Wed 12 Feb 2025 14:29:02 +0000
ROA not before: Wed 12 Feb 2025 14:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58289
IP address blocks: 86.54.184.0/24 maxlen: 24
91.147.111.0/24 maxlen: 24
92.240.243.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
212.108.87.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:90:36:1a:e8:0b:e7:79:bf:8e:e5:91:d9:5f:81:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Feb 12 14:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b3465d040cae01d2acd6c719139ec15a4140fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:86:0c:21:fc:23:1b:7f:79:a7:e6:4d:7d:
1f:39:fd:ae:2a:d2:5d:3b:80:76:8c:05:13:bf:24:
f8:55:4f:9c:d0:51:d3:b7:11:b6:70:a3:54:6d:d4:
ff:16:30:3b:e2:68:c6:8d:fb:e5:8b:3b:d7:ca:c1:
d6:57:a4:1d:65:9b:85:b0:d3:5f:32:16:74:da:36:
f5:70:eb:8e:d3:4c:74:21:bc:32:e3:81:2f:37:85:
42:6f:e5:d9:0c:61:92:57:5e:e9:78:1f:0a:71:fb:
68:6e:48:68:bf:3e:8c:d4:fa:19:98:c3:31:a8:cb:
65:66:bf:11:df:96:63:2c:06:fc:f1:ef:c9:9b:81:
c8:2a:d3:30:f3:99:75:e8:59:a2:61:72:b9:c5:e9:
46:1e:40:11:5d:cc:c9:24:31:52:8b:bc:c6:d0:1d:
17:8d:63:53:08:3f:0c:c6:31:c1:87:db:bb:02:64:
bf:7c:9d:48:2f:12:36:c0:0d:35:df:30:a6:d4:aa:
5b:be:d6:18:71:f6:be:9e:97:91:64:32:01:00:83:
27:58:ec:02:6d:e6:7c:14:79:07:67:c5:7a:39:a4:
93:d4:53:72:7c:89:5f:70:5a:16:a8:41:b5:56:fa:
b0:44:62:78:5f:61:17:3f:c3:a2:e1:ef:a4:ec:96:
75:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:34:65:D0:40:CA:E0:1D:2A:CD:6C:71:91:39:EC:15:A4:14:0F:D2
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/izRl0EDK4B0qzWxxkTnsFaQUD9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.184.0/24
91.147.111.0/24
92.240.243.0/24
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
212.108.87.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
67:d8:6e:15:f3:19:5e:c3:7b:13:a1:0e:b8:81:e4:91:f9:95:
da:bd:4c:23:9c:b5:16:d1:e4:68:ef:c0:03:b6:06:b1:a5:55:
10:c0:06:d8:f5:ca:be:56:a2:2b:07:03:9a:66:47:8b:1a:44:
2d:3d:43:55:f8:51:01:32:cb:8a:37:ca:1a:88:85:04:cc:3d:
ef:bd:48:33:f4:7a:91:a5:8e:df:2b:aa:f4:53:e8:47:0c:46:
70:fa:fc:2a:e6:4f:04:6c:71:af:68:3c:b5:a5:da:c2:71:1d:
be:5c:7a:22:f1:d3:18:67:ee:57:3e:ff:f6:36:6d:56:17:59:
cf:ee:f6:f2:45:38:32:3a:28:80:2c:a2:7d:56:b5:cf:fc:67:
b6:27:00:65:d0:87:ef:e6:ea:94:ef:3f:f1:d7:be:18:d8:54:
f0:e3:ce:ea:a4:87:b4:ef:80:67:2f:f1:e3:5e:e5:1e:66:ef:
54:97:e3:7a:75:81:88:30:4c:29:e8:3b:14:7e:b2:4b:bf:96:
a9:06:72:bb:a3:a7:be:8e:bd:08:4c:5d:b0:31:78:90:f0:72:
00:1c:25:33:35:d7:9d:bc:d7:3e:bb:e5:e2:fc:a0:69:d0:57:
3d:17:7b:01:dc:58:30:c1:00:bc:4e:ce:ed:9b:2d:22:12:e8:
02:13:35:86
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZT6kDYa6Avneb+O5ZHZX4EUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjUwMjEyMTQyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjM0NjVkMDQwY2FlMDFkMmFjZDZjNzE5MTM5ZWMxNWE0MTQwZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPOGDCH8Ixt/eafmTX0fOf2uKtJd
O4B2jAUTvyT4VU+c0FHTtxG2cKNUbdT/FjA74mjGjfvlizvXysHWV6QdZZuFsNNf
MhZ02jb1cOuO00x0Ibwy44EvN4VCb+XZDGGSV17peB8Kcftobkhovz6M1PoZmMMx
qMtlZr8R35ZjLAb88e/Jm4HIKtMw85l16FmiYXK5xelGHkARXczJJDFSi7zG0B0X
jWNTCD8MxjHBh9u7AmS/fJ1ILxI2wA013zCm1KpbvtYYcfa+npeRZDIBAIMnWOwC
beZ8FHkHZ8V6OaST1FNyfIlfcFoWqEG1VvqwRGJ4X2EXP8Oi4e+k7JZ16QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFIs0ZdBAyuAdKs1scZE57BWkFA/SMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvaXpSbDBFREs0QjBxeld4eGtUbnNGYVFVRDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQAVja4AwQA
W5NvAwQAXPDzAwQAuaLqAwQAwSv7AwQAwh+FAwQAwh+HAwQA1GxXMA8EAgACMAkD
BwAqDmYAAAAwDQYJKoZIhvcNAQELBQADggEBAGfYbhXzGV7DexOhDriB5JH5ldq9
TCOctRbR5GjvwAO2BrGlVRDABtj1yr5WoisHA5pmR4saRC09Q1X4UQEyy4o3yhqI
hQTMPe+9SDP0epGljt8rqvRT6EcMRnD6/CrmTwRsca9oPLWl2sJxHb5ceiLx0xhn
7lc+//Y2bVYXWc/u9vJFODI6KIAson1Wtc/8Z7YnAGXQh+/m6pTvP/HXvhjYVPDj
zuqkh7TvgGcv8eNe5R5m71SX43p1gYgwTCnoOxR+sku/lqkGcrujp76OvQhMXbAx
eJDwcgAcJTM115281z675eL8oGnQVz0XewHcWDDBALxOzu2bLSIS6AITNYY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:05:30 2025 by rpki-client