Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/jsguEZSi2g1Z8ENz2ikBj1PJtOs.roa
File: jsguEZSi2g1Z8ENz2ikBj1PJtOs.roa (raw, json)
Hash identifier: g0y1NPbMCtF3k5qeBTX0O2c4sjLyBwDs6E94jjgRs1I=
Subject key identifier: 8E:C8:2E:11:94:A2:DA:0D:59:F0:43:73:DA:29:01:8F:53:C9:B4:EB
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 01942068210B5850E32F139513FD28A26EE6
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/jsguEZSi2g1Z8ENz2ikBj1PJtOs.roa
Signing time: Wed 01 Jan 2025 05:48:02 +0000
ROA not before: Wed 01 Jan 2025 05:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 80.86.192.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
81.221.250.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
194.191.16.0/24 maxlen: 24
194.191.17.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.28.0/24 maxlen: 24
194.191.29.0/24 maxlen: 24
194.191.30.0/24 maxlen: 24
195.48.221.0/24 maxlen: 24
195.49.16.0/24 maxlen: 24
2a01:2a8:2001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:21:0b:58:50:e3:2f:13:95:13:fd:28:a2:6e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 1 05:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ec82e1194a2da0d59f04373da29018f53c9b4eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:df:45:2f:14:29:d1:87:fe:c0:ad:58:13:09:
dd:c0:20:59:30:2d:ff:19:ee:af:35:5b:af:2f:35:
63:04:8e:34:c6:ef:ed:48:16:ce:f4:72:50:19:7b:
17:13:31:b9:16:55:5b:60:ca:d7:07:8e:81:b7:eb:
22:f8:2b:7e:ec:57:62:8b:0c:38:33:42:ec:80:e2:
61:df:6a:fa:ba:b3:83:8e:69:cc:32:72:e5:78:e1:
0d:63:a7:91:86:4a:c8:2e:2d:d8:4c:09:a3:c8:f6:
04:8d:2b:61:4a:e2:46:eb:af:54:4a:57:4b:ce:30:
58:a6:87:35:e4:9f:16:f2:73:e1:c2:a5:d5:25:a8:
8b:5b:81:1c:18:52:91:5c:95:b1:cd:74:9e:36:e0:
2f:e5:90:1a:ce:57:3e:0b:f9:31:6e:a4:ee:6f:6f:
91:a8:4b:61:d9:ba:7d:1e:d5:93:e8:5c:5b:31:d4:
06:01:57:bf:d7:37:7d:41:c5:18:d2:8c:09:4d:8d:
b3:3e:ed:85:95:3e:2b:b5:3f:ed:04:d2:0e:3e:a2:
c7:2c:14:95:ad:72:b0:c1:7c:bb:4f:5d:3e:c5:3f:
26:8d:da:2f:d8:47:67:46:9e:10:18:18:bc:17:a0:
76:ea:be:e0:bb:5a:3a:00:76:bc:e1:bf:9a:13:30:
8d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C8:2E:11:94:A2:DA:0D:59:F0:43:73:DA:29:01:8F:53:C9:B4:EB
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/jsguEZSi2g1Z8ENz2ikBj1PJtOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/23
81.221.250.0/24
81.221.252.0/24
81.221.254.0/24
194.191.16.0-194.191.20.255
194.191.24.0-194.191.26.255
194.191.28.0-194.191.30.255
195.48.221.0/24
195.49.16.0/24
IPv6:
2a01:2a8:2001::/48
Signature Algorithm: sha256WithRSAEncryption
c9:28:82:53:80:34:25:a0:02:7d:cd:e8:2b:c0:2e:68:da:3c:
24:ab:ee:10:9a:9c:83:54:7a:6d:31:f4:7d:09:6b:82:ac:5b:
6a:b2:f5:95:21:5f:6d:ed:32:f4:cc:3c:af:2c:9b:1f:66:fb:
0d:8c:d7:dd:65:39:55:93:41:69:da:81:29:75:ec:36:98:40:
f3:e7:1a:8e:82:e6:e3:c3:7b:82:94:0c:bf:2a:18:4b:70:71:
57:c7:07:40:d9:fc:4c:a8:9d:ed:58:4a:18:a8:ff:1b:fe:3d:
96:d2:98:62:fb:e9:53:80:70:9a:45:bd:bb:e6:25:f3:ec:05:
4c:37:e8:45:93:13:73:2c:ea:c3:a9:0a:37:bc:51:b3:27:21:
bc:8f:dd:fb:45:0f:4a:d7:fc:62:09:13:da:c5:cc:ab:0c:37:
fa:42:47:71:1e:41:ba:9b:b4:42:e2:c9:dc:a3:5e:f2:0c:df:
f7:ea:5e:4a:e2:45:cb:2d:26:c0:ff:e8:71:83:5f:10:cc:de:
8d:17:97:95:b7:b8:49:c7:25:00:19:4d:e9:3a:cc:c0:6c:45:
34:59:27:8f:6d:b7:48:6b:ca:3d:05:a0:8c:c6:b6:a0:e1:c5:
bf:46:5a:57:0c:98:cf:c4:2b:9f:a0:35:eb:6d:d6:41:aa:61:
a8:5b:9b:01
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZQgaCELWFDjLxOVE/0oom7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjUwMTAxMDU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWM4MmUxMTk0YTJkYTBkNTlmMDQzNzNkYTI5MDE4ZjUzYzliNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t9FLxQp0Yf+wK1YEwndwCBZMC3/
Ge6vNVuvLzVjBI40xu/tSBbO9HJQGXsXEzG5FlVbYMrXB46Bt+si+Ct+7Fdiiww4
M0LsgOJh32r6urODjmnMMnLleOENY6eRhkrILi3YTAmjyPYEjSthSuJG669USldL
zjBYpoc15J8W8nPhwqXVJaiLW4EcGFKRXJWxzXSeNuAv5ZAazlc+C/kxbqTub2+R
qEth2bp9HtWT6FxbMdQGAVe/1zd9QcUY0owJTY2zPu2FlT4rtT/tBNIOPqLHLBSV
rXKwwXy7T10+xT8mjdov2EdnRp4QGBi8F6B26r7gu1o6AHa84b+aEzCNjwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFI7ILhGUotoNWfBDc9opAY9TybTrMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvanNndUVaU2kyZzFaOEVOejJpa0JqMVBKdE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQBUFbAAwQA
Ud36AwQAUd38AwQAUd3+MAwDBATCvxADBADCvxQwDAMEA8K/GAMEAMK/GjAMAwQC
wr8cAwQAwr8eAwQAwzDdAwQAwzEQMA8EAgACMAkDBwAqAQKoIAEwDQYJKoZIhvcN
AQELBQADggEBAMkoglOANCWgAn3N6CvALmjaPCSr7hCanINUem0x9H0Ja4KsW2qy
9ZUhX23tMvTMPK8smx9m+w2M191lOVWTQWnagSl17DaYQPPnGo6C5uPDe4KUDL8q
GEtwcVfHB0DZ/Eyone1YShio/xv+PZbSmGL76VOAcJpFvbvmJfPsBUw36EWTE3Ms
6sOpCje8UbMnIbyP3ftFD0rX/GIJE9rFzKsMN/pCR3EeQbqbtELiydyjXvIM3/fq
XkriRcstJsD/6HGDXxDM3o0Xl5W3uEnHJQAZTek6zMBsRTRZJ49tt0hryj0FoIzG
tqDhxb9GWlcMmM/EK5+gNett1kGqYahbmwE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:15 2025 by rpki-client