Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/SswkbmEgewZ-vu6I9yZ8KG56V7o.roa
File: SswkbmEgewZ-vu6I9yZ8KG56V7o.roa (raw, json)
Hash identifier: tTUvLvUvDNSFJ7GjOtFTXzvEETLHvTJh61u4cWGE0ZM=
Subject key identifier: 4A:CC:24:6E:61:20:7B:06:7E:BE:EE:88:F7:26:7C:28:6E:7A:57:BA
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018DA7D7EA704FCDA0173C8B1F11C9B82D21
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/SswkbmEgewZ-vu6I9yZ8KG56V7o.roa
Signing time: Wed 14 Feb 2024 13:39:21 +0000
ROA not before: Wed 14 Feb 2024 13:39:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25773
IP address blocks: 92.61.238.0/24 maxlen: 24
94.188.205.0/24 maxlen: 24
94.188.206.0/24 maxlen: 24
94.188.207.0/24 maxlen: 24
94.188.208.0/24 maxlen: 24
94.188.209.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
94.188.232.0/24 maxlen: 24
94.188.234.0/24 maxlen: 24
94.188.236.0/24 maxlen: 24
94.188.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:d7:ea:70:4f:cd:a0:17:3c:8b:1f:11:c9:b8:2d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 14 13:39:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4acc246e61207b067ebeee88f7267c286e7a57ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:c7:29:e1:be:b3:31:41:6c:cc:eb:3b:22:
dc:10:73:a7:be:bd:91:8a:30:36:b4:0b:e8:6b:7d:
dd:78:b5:cb:84:c6:ea:e3:ee:aa:cd:c9:76:e8:05:
2c:66:0d:ac:14:8a:b5:b0:54:81:92:d4:e9:75:31:
08:13:d3:fb:28:41:a8:1b:09:d3:d0:b9:24:8c:27:
ab:dc:71:b9:05:46:c3:2f:00:28:3e:fd:fc:63:1f:
03:ec:48:25:56:98:38:9f:77:6e:d7:9f:67:25:92:
6f:df:e1:32:e6:d8:0a:88:50:a1:84:8a:48:3d:fb:
f6:87:3e:0a:87:02:07:0a:b2:c1:a9:5f:a5:1a:ce:
f9:7b:2c:58:cb:b3:25:dd:1f:7f:76:1d:61:7d:f5:
8f:2d:e4:00:47:1f:ee:b8:c4:82:7d:31:43:57:eb:
2a:f7:2b:7a:73:7f:47:bc:d3:b4:f8:59:fd:5c:6e:
5d:66:e8:61:ee:66:52:7c:44:10:ec:43:25:b8:a1:
c1:99:57:81:8f:55:7f:5c:94:00:50:6e:d9:94:10:
b3:65:57:75:e7:57:c8:27:2b:30:dd:8d:ae:56:d6:
48:24:27:17:14:6a:16:2d:d7:f5:b1:f7:07:0a:b7:
96:4e:67:bd:21:3c:51:6d:1b:96:dd:fd:d9:31:ec:
fe:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:CC:24:6E:61:20:7B:06:7E:BE:EE:88:F7:26:7C:28:6E:7A:57:BA
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/SswkbmEgewZ-vu6I9yZ8KG56V7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.238.0/24
94.188.205.0-94.188.210.255
94.188.232.0/24
94.188.234.0/24
94.188.236.0/23
Signature Algorithm: sha256WithRSAEncryption
05:b2:01:bb:1b:f8:0f:bd:0e:79:fc:8b:21:67:f7:6b:36:43:
3d:e3:ab:b2:ca:c0:85:5f:2e:ab:c6:cc:1d:dc:76:4d:91:b8:
ee:73:a4:91:02:55:20:b0:e7:22:72:3f:16:b6:7c:da:b1:37:
40:87:c0:d8:f5:d7:63:5b:e0:20:bf:8d:c2:9b:89:8b:fe:34:
5b:03:8f:70:98:13:ff:23:a0:36:38:54:67:a8:93:11:5f:d1:
67:e1:a3:f0:39:bd:c5:41:77:58:26:a8:4f:c1:d5:1c:bb:6c:
83:e4:cf:4b:d6:d1:65:5b:48:0c:c4:77:76:d3:a5:1d:cc:87:
ec:2e:d1:2d:68:61:8a:16:0e:58:27:4b:38:28:ca:77:a2:0d:
0a:34:c6:0c:76:69:16:7b:8c:ce:61:01:16:38:90:ea:11:a8:
03:90:ba:fe:2a:8f:9e:76:64:0a:ad:c2:96:c6:fa:74:bc:53:
2b:1d:74:e3:d0:b1:9d:84:4b:1b:42:40:d6:06:c1:b4:97:31:
7e:94:9c:42:72:ab:58:21:8d:78:56:ba:b3:f0:9f:29:b8:ff:
89:ae:72:e1:23:81:f6:0d:03:7c:5e:40:10:5b:00:fe:a1:5d:
90:7d:eb:08:a2:94:89:5d:d2:7f:ca:de:08:99:b8:5a:85:4c:
be:44:57:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY2n1+pwT82gFzyLHxHJuC0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjE0MTMzOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNjMjQ2ZTYxMjA3YjA2N2ViZWVlODhmNzI2N2MyODZlN2E1N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn7HKeG+szFBbMzrOyLcEHOnvr2R
ijA2tAvoa33deLXLhMbq4+6qzcl26AUsZg2sFIq1sFSBktTpdTEIE9P7KEGoGwnT
0LkkjCer3HG5BUbDLwAoPv38Yx8D7EglVpg4n3du159nJZJv3+Ey5tgKiFChhIpI
Pfv2hz4KhwIHCrLBqV+lGs75eyxYy7Ml3R9/dh1hffWPLeQARx/uuMSCfTFDV+sq
9yt6c39HvNO0+Fn9XG5dZuhh7mZSfEQQ7EMluKHBmVeBj1V/XJQAUG7ZlBCzZVd1
51fIJysw3Y2uVtZIJCcXFGoWLdf1sfcHCreWTme9ITxRbRuW3f3ZMez+9QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFErMJG5hIHsGfr7uiPcmfChuele6MB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvU3N3a2JtRWdld1otdnU2STl5WjhLRzU2VjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXD3uMAwD
BABevM0DBABevNIDBABevOgDBABevOoDBAFevOwwDQYJKoZIhvcNAQELBQADggEB
AAWyAbsb+A+9Dnn8iyFn92s2Qz3jq7LKwIVfLqvGzB3cdk2RuO5zpJECVSCw5yJy
Pxa2fNqxN0CHwNj112Nb4CC/jcKbiYv+NFsDj3CYE/8joDY4VGeokxFf0Wfho/A5
vcVBd1gmqE/B1Ry7bIPkz0vW0WVbSAzEd3bTpR3Mh+wu0S1oYYoWDlgnSzgoynei
DQo0xgx2aRZ7jM5hARY4kOoRqAOQuv4qj552ZAqtwpbG+nS8UysddOPQsZ2ESxtC
QNYGwbSXMX6UnEJyq1ghjXhWurPwnym4/4mucuEjgfYNA3xeQBBbAP6hXZB96wii
lIld0n/K3giZuFqFTL5EV+c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:02 2025 by rpki-client