Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/65XvJnWJ03E_wQffVJwqHIhdXKo.roa
File: 65XvJnWJ03E_wQffVJwqHIhdXKo.roa (raw, json)
Hash identifier: n+kIe9rqLt8sRYDNNs5D6ISEyr0cqYIZuIL9qO18qeE=
Subject key identifier: EB:95:EF:26:75:89:D3:71:3F:C1:07:DF:54:9C:2A:1C:88:5D:5C:AA
Certificate issuer: /CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Certificate serial: 018A18F9E67F94DF60D23D97DAB6A616056D
Authority key identifier: AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/65XvJnWJ03E_wQffVJwqHIhdXKo.roa
Signing time: Mon 21 Aug 2023 16:42:25 +0000
ROA not before: Mon 21 Aug 2023 16:42:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 89.237.173.0/24 maxlen: 24
78.138.192.0/18 maxlen: 18
78.138.240.0/24 maxlen: 24
212.24.226.0/24 maxlen: 24
212.24.227.0/24 maxlen: 24
89.237.139.0/24 maxlen: 24
212.24.228.0/24 maxlen: 24
89.237.162.0/24 maxlen: 24
89.237.167.0/24 maxlen: 24
2a00:f580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:f9:e6:7f:94:df:60:d2:3d:97:da:b6:a6:16:05:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Validity
Not Before: Aug 21 16:42:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb95ef267589d3713fc107df549c2a1c885d5caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:7f:0e:de:ff:58:f7:e8:62:a9:2e:0c:d3:
d0:92:b9:76:2d:f7:4f:2a:d6:30:e9:6a:7f:73:07:
45:c2:d9:4a:4d:1e:ef:99:21:4f:f0:7d:88:6f:b6:
2b:89:07:cd:60:56:d6:40:d2:35:3b:d5:53:0c:4d:
51:1d:d2:4f:06:45:5e:b6:80:ab:ce:b1:48:73:98:
47:34:e3:69:fa:02:f0:07:be:b8:2f:bb:0e:82:f7:
48:5c:27:08:92:10:bf:18:27:a8:ee:e2:98:6d:04:
00:7f:bd:c9:3b:7c:87:a0:cd:f9:5b:04:6b:09:35:
64:6a:dc:a8:29:09:bd:f2:d6:49:d5:84:c4:cd:25:
c1:b6:f0:ad:38:57:29:96:cd:c2:ca:9c:f6:55:86:
76:14:0a:8d:8a:e8:a6:27:8f:4b:27:1f:d4:4f:5f:
94:b8:6c:52:25:3e:cb:db:cd:75:6b:c0:a0:db:2c:
b9:12:6e:76:14:37:de:88:c6:5b:e4:a5:94:c2:d2:
e6:50:48:2c:24:4b:ae:c3:3d:40:94:3c:00:8e:6e:
c8:03:68:73:1a:31:c4:2e:19:74:75:1f:4b:76:3d:
e5:ac:10:a8:bf:38:5f:b0:29:a2:66:ba:e1:e7:77:
0d:31:e1:62:f1:c0:39:b1:10:5f:b8:76:68:bb:c2:
ab:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:95:EF:26:75:89:D3:71:3F:C1:07:DF:54:9C:2A:1C:88:5D:5C:AA
X509v3 Authority Key Identifier:
keyid:AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/65XvJnWJ03E_wQffVJwqHIhdXKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.192.0/18
89.237.139.0/24
89.237.162.0/24
89.237.167.0/24
89.237.173.0/24
212.24.226.0-212.24.228.255
IPv6:
2a00:f580::/32
Signature Algorithm: sha256WithRSAEncryption
2e:1c:54:b1:cf:c1:ce:42:28:1f:9b:2b:81:d8:79:be:1b:fb:
0a:27:67:75:a9:0c:27:cd:f3:90:8f:86:11:0b:95:f1:d1:c9:
32:f7:71:96:52:08:67:ec:23:a0:22:29:07:84:26:2d:a4:38:
86:ca:ed:bb:31:c4:8b:94:80:ff:9f:6e:20:d0:cd:2f:0e:55:
92:cf:81:61:59:90:ee:3d:0a:c6:68:cd:e2:b6:d7:60:46:8e:
66:72:9e:42:7c:30:87:40:66:c7:91:b6:28:5b:06:18:b4:9c:
d2:af:b3:4e:61:78:8e:78:ce:44:d3:5f:6a:65:b8:e9:7d:5a:
af:15:4d:cd:50:2d:53:41:1f:dd:e8:c8:b4:b3:e5:ca:60:2c:
35:0c:4e:4f:45:ec:75:eb:a9:f7:6d:47:93:35:52:f6:1f:c4:
8a:b5:ca:40:9f:65:20:96:0e:52:16:5d:d0:e7:95:e1:f6:9c:
cb:04:84:e3:54:dc:ba:48:c0:d7:8e:16:64:32:65:52:f6:54:
df:92:a6:f4:ca:ac:35:3a:81:56:ce:45:7b:62:82:b8:e7:32:
f8:35:ff:7c:d5:54:22:c7:91:5a:cb:62:4e:12:fb:1d:c1:e2:
43:50:bc:65:4b:22:bc:5f:9d:4f:f4:e5:d9:f2:c7:29:9c:7f:
a2:11:e2:32
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYoY+eZ/lN9g0j2X2ramFgVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNTJjMjhlZjlhNWIyMjkxYWJhNjcxYWM5YTY1ZDhmYWFk
YzU1MTgwHhcNMjMwODIxMTY0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk1ZWYyNjc1ODlkMzcxM2ZjMTA3ZGY1NDljMmExYzg4NWQ1Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4R/Dt7/WPfoYqkuDNPQkrl2LfdP
KtYw6Wp/cwdFwtlKTR7vmSFP8H2Ib7YriQfNYFbWQNI1O9VTDE1RHdJPBkVetoCr
zrFIc5hHNONp+gLwB764L7sOgvdIXCcIkhC/GCeo7uKYbQQAf73JO3yHoM35WwRr
CTVkatyoKQm98tZJ1YTEzSXBtvCtOFcpls3Cypz2VYZ2FAqNiuimJ49LJx/UT1+U
uGxSJT7L2811a8Cg2yy5Em52FDfeiMZb5KWUwtLmUEgsJEuuwz1AlDwAjm7IA2hz
GjHELhl0dR9Ldj3lrBCovzhfsCmiZrrh53cNMeFi8cA5sRBfuHZou8Kr2QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOuV7yZ1idNxP8EH31ScKhyIXVyqMB8GA1UdIwQY
MBaAFK1Swo75pbIpGrpnGsmmXY+q3FUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgt
NzAyYmU0OGE1NTFlLzEvNjVYdkpuV0owM0Vfd1FmZlZKd3FISWhkWEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgtNzAyYmU0OGE1NTFl
LzEvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQGTorAAwQA
We2LAwQAWe2iAwQAWe2nAwQAWe2tMAwDBAHUGOIDBADUGOQwDQQCAAIwBwMFACoA
9YAwDQYJKoZIhvcNAQELBQADggEBAC4cVLHPwc5CKB+bK4HYeb4b+wonZ3WpDCfN
85CPhhELlfHRyTL3cZZSCGfsI6AiKQeEJi2kOIbK7bsxxIuUgP+fbiDQzS8OVZLP
gWFZkO49CsZozeK212BGjmZynkJ8MIdAZseRtihbBhi0nNKvs05heI54zkTTX2pl
uOl9Wq8VTc1QLVNBH93oyLSz5cpgLDUMTk9F7HXrqfdtR5M1UvYfxIq1ykCfZSCW
DlIWXdDnleH2nMsEhONU3LpIwNeOFmQyZVL2VN+SpvTKrDU6gVbORXtigrjnMvg1
/3zVVCLHkVrLYk4S+x3B4kNQvGVLIrxfnU/05dnyxymcf6IR4jI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:49 2025 by rpki-client