Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/GvnG-mS30kZsC0VMkjG-9H9bKNc.roa
File: GvnG-mS30kZsC0VMkjG-9H9bKNc.roa (raw, json)
Hash identifier: fCMqeP5mwLekpgJxD7sr/iDT7Y2EP3bkaxbq5G7CFnk=
Subject key identifier: 1A:F9:C6:FA:64:B7:D2:46:6C:0B:45:4C:92:31:BE:F4:7F:5B:28:D7
Certificate issuer: /CN=607548c37abebc58b928ed285433d69e95df9c3b
Certificate serial: 0194221FB9F273F4106F4CCD00CA858B7898
Authority key identifier: 60:75:48:C3:7A:BE:BC:58:B9:28:ED:28:54:33:D6:9E:95:DF:9C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YHVIw3q-vFi5KO0oVDPWnpXfnDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/GvnG-mS30kZsC0VMkjG-9H9bKNc.roa
Signing time: Wed 01 Jan 2025 13:48:12 +0000
ROA not before: Wed 01 Jan 2025 13:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31294
IP address blocks: 83.220.160.0/22 maxlen: 22
2a01:b8a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b9:f2:73:f4:10:6f:4c:cd:00:ca:85:8b:78:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607548c37abebc58b928ed285433d69e95df9c3b
Validity
Not Before: Jan 1 13:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1af9c6fa64b7d2466c0b454c9231bef47f5b28d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:27:59:50:f8:dd:d7:5c:71:12:09:c6:15:d5:
fb:9e:89:e0:ea:2e:d1:0b:81:b1:65:93:d6:68:14:
a3:8b:4c:92:96:47:0a:65:71:6c:f0:1a:19:90:3d:
1b:33:38:18:d9:e1:3c:6b:4b:2a:04:d6:3a:65:e8:
f3:4b:9d:e3:a0:3b:76:2a:e6:49:a5:b4:a9:b8:db:
ad:df:f5:85:b5:50:49:83:30:64:55:ca:c4:d7:f2:
75:01:bc:84:5a:cf:f8:c1:2b:68:99:62:cd:78:1a:
7f:1f:cc:a5:e4:46:42:f5:df:d4:b8:69:5c:25:37:
b1:34:6c:a8:62:9e:8e:ec:93:88:cc:16:9f:73:cd:
86:9e:a9:e3:0e:1d:7e:b4:01:3b:29:0a:ee:eb:dd:
05:4d:7c:dc:ec:c0:86:19:bc:0b:92:d5:b6:ef:37:
83:35:77:ea:5b:36:16:cb:aa:5b:bd:be:53:6d:c1:
3b:fe:18:6e:bc:67:09:9a:bd:4d:a6:92:87:c5:68:
f2:5b:f5:9f:69:23:5c:cb:b8:c7:70:2f:a6:b2:47:
3a:16:b7:fe:2c:3d:8e:e0:6f:54:87:a7:7b:ac:35:
ba:1b:97:d3:ab:84:3b:72:57:5e:ea:a9:d8:83:65:
10:ce:02:67:dc:e8:dc:48:ca:ce:41:7f:84:0f:f2:
18:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F9:C6:FA:64:B7:D2:46:6C:0B:45:4C:92:31:BE:F4:7F:5B:28:D7
X509v3 Authority Key Identifier:
keyid:60:75:48:C3:7A:BE:BC:58:B9:28:ED:28:54:33:D6:9E:95:DF:9C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHVIw3q-vFi5KO0oVDPWnpXfnDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/GvnG-mS30kZsC0VMkjG-9H9bKNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/52b634-6148-4e2e-b8f3-0c98c570a6e0/1/YHVIw3q-vFi5KO0oVDPWnpXfnDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.160.0/22
IPv6:
2a01:b8a0::/32
Signature Algorithm: sha256WithRSAEncryption
ce:e4:90:20:b2:cf:51:fe:3e:88:47:62:65:f5:f9:60:46:43:
af:6c:62:61:75:d5:8b:be:e4:cd:6c:2a:33:50:06:33:e7:11:
1e:0f:4b:cc:de:36:c2:e6:9e:66:15:bf:23:b2:87:c9:5d:7d:
94:66:a5:09:3b:8f:db:92:a8:91:fa:ab:2f:72:e7:05:3d:81:
a6:29:69:bc:bd:fa:22:ff:96:99:d7:ab:08:5a:48:05:e1:c8:
af:76:b4:df:d0:cd:19:c2:0a:5c:87:7b:a0:36:09:75:67:1f:
83:ba:8d:87:ea:d8:73:22:ff:55:03:89:f9:a1:9e:90:7b:f7:
f0:ab:0c:fa:27:91:9d:00:48:6e:ca:8b:57:9b:dc:05:5e:5d:
67:cb:c6:79:aa:d6:6d:39:b8:fa:45:4f:cc:de:e1:a3:8e:0e:
94:cf:b8:be:8e:81:f0:24:93:c1:73:4f:ac:ea:6c:8f:eb:df:
e1:f4:2c:bc:f0:7c:ca:83:54:f1:4d:6d:de:d8:01:99:3b:7e:
6b:ed:1b:47:32:01:d9:4b:b4:2b:77:22:af:ba:00:31:f3:24:
1a:7a:dc:84:9b:99:e9:7e:c9:da:03:7a:5a:9e:bf:d8:70:8e:
15:7a:68:f3:d2:03:93:84:7f:ad:1d:ca:f5:f0:35:bb:74:8a:
35:2c:ec:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH7nyc/QQb0zNAMqFi3iYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNzU0OGMzN2FiZWJjNThiOTI4ZWQyODU0MzNkNjllOTVk
ZjljM2IwHhcNMjUwMTAxMTM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY5YzZmYTY0YjdkMjQ2NmMwYjQ1NGM5MjMxYmVmNDdmNWIyOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyidZUPjd11xxEgnGFdX7nong6i7R
C4GxZZPWaBSji0ySlkcKZXFs8BoZkD0bMzgY2eE8a0sqBNY6ZejzS53joDt2KuZJ
pbSpuNut3/WFtVBJgzBkVcrE1/J1AbyEWs/4wStomWLNeBp/H8yl5EZC9d/UuGlc
JTexNGyoYp6O7JOIzBafc82GnqnjDh1+tAE7KQru690FTXzc7MCGGbwLktW27zeD
NXfqWzYWy6pbvb5TbcE7/hhuvGcJmr1NppKHxWjyW/WfaSNcy7jHcC+mskc6Frf+
LD2O4G9Uh6d7rDW6G5fTq4Q7clde6qnYg2UQzgJn3OjcSMrOQX+ED/IYgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBr5xvpkt9JGbAtFTJIxvvR/WyjXMB8GA1UdIwQY
MBaAFGB1SMN6vrxYuSjtKFQz1p6V35w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUhWSXczcS12Rmk1S08wb1ZEUFducFhmbkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81MmI2MzQtNjE0OC00ZTJlLWI4ZjMt
MGM5OGM1NzBhNmUwLzEvR3ZuRy1tUzMwa1pzQzBWTWtqRy05SDliS05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81MmI2MzQtNjE0OC00ZTJlLWI4ZjMtMGM5OGM1NzBhNmUw
LzEvWUhWSXczcS12Rmk1S08wb1ZEUFducFhmbkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCU9ygMA0E
AgACMAcDBQAqAbigMA0GCSqGSIb3DQEBCwUAA4IBAQDO5JAgss9R/j6IR2Jl9flg
RkOvbGJhddWLvuTNbCozUAYz5xEeD0vM3jbC5p5mFb8jsofJXX2UZqUJO4/bkqiR
+qsvcucFPYGmKWm8vfoi/5aZ16sIWkgF4civdrTf0M0Zwgpch3ugNgl1Zx+Duo2H
6thzIv9VA4n5oZ6Qe/fwqwz6J5GdAEhuyotXm9wFXl1ny8Z5qtZtObj6RU/M3uGj
jg6Uz7i+joHwJJPBc0+s6myP69/h9Cy88HzKg1TxTW3e2AGZO35r7RtHMgHZS7Qr
dyKvugAx8yQaetyEm5npfsnaA3panr/YcI4Vemjz0gOThH+tHcr18DW7dIo1LOzV
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:05 2025 by rpki-client