Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0874yYNMWcf6M9u2M0XN44DVibo.roa
File: 0874yYNMWcf6M9u2M0XN44DVibo.roa (raw, json)
Hash identifier: z7xXRMiDepsTHFXGMQ0QRpMi+N/OpZBDsdt7+9yL0Oo=
Subject key identifier: D3:CE:F8:C9:83:4C:59:C7:FA:33:DB:B6:33:45:CD:E3:80:D5:89:BA
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747D6270A4EC39C914FED23F3C40159
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0874yYNMWcf6M9u2M0XN44DVibo.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 95.182.108.0/24 maxlen: 24
95.182.110.0/24 maxlen: 24
109.248.6.0/23 maxlen: 24
109.248.33.0/24 maxlen: 24
109.248.45.0/24 maxlen: 24
188.130.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d6:27:0a:4e:c3:9c:91:4f:ed:23:f3:c4:01:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3cef8c9834c59c7fa33dbb63345cde380d589ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2d:31:9e:bd:e4:aa:81:fa:81:fe:f3:28:d2:
91:35:2c:30:a6:d1:ff:aa:e3:25:6a:bb:53:f9:34:
ab:13:88:1a:64:64:54:10:fc:f3:84:0a:1d:d9:a1:
61:b8:ce:a4:88:c9:12:c9:83:6a:ad:72:03:e6:a4:
d9:32:26:79:ae:d9:a1:fa:db:b0:2b:38:57:6c:83:
bc:4a:e4:05:b7:56:cf:3e:e7:2f:7c:e0:4a:0c:7f:
12:fd:9c:a6:2f:59:37:1d:5c:e1:17:36:b6:cc:c3:
d7:f7:57:07:d7:22:dd:2c:eb:81:3b:8d:e4:96:19:
30:d2:46:66:d6:40:4d:6c:3e:59:a7:0d:07:9a:34:
c3:51:c5:9d:b0:97:53:0e:06:68:1b:95:ff:44:bb:
66:a2:d2:1e:cd:db:f0:16:56:ff:bc:dd:3e:c7:28:
92:f4:1b:55:98:e4:1c:25:62:e7:00:f0:e5:60:b8:
8d:07:cd:ed:1f:99:04:3e:42:8d:8d:e4:76:83:32:
77:09:91:bd:b5:c8:97:16:9d:d2:ee:9f:f7:a5:ec:
68:4c:4c:2e:db:80:e7:14:67:04:94:bb:83:58:b3:
2e:38:62:a5:89:e6:4c:5f:21:fb:79:e0:42:ef:45:
06:e2:7c:28:66:c7:95:b8:1e:8f:62:ef:82:bb:5f:
04:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:CE:F8:C9:83:4C:59:C7:FA:33:DB:B6:33:45:CD:E3:80:D5:89:BA
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0874yYNMWcf6M9u2M0XN44DVibo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.108.0/24
95.182.110.0/24
109.248.6.0/23
109.248.33.0/24
109.248.45.0/24
188.130.209.0/24
Signature Algorithm: sha256WithRSAEncryption
35:57:e0:c1:c2:ea:4a:92:c1:54:bd:7a:a9:84:8e:1f:5b:74:
78:e3:c7:28:9e:40:68:9a:d7:d8:cb:ac:97:3d:57:d4:62:9a:
93:c0:f5:a4:4e:db:df:ba:bd:8f:ef:ef:01:68:d1:87:9f:7d:
cc:d8:e0:f7:7e:61:64:24:e1:82:23:b7:3b:c5:7b:30:90:00:
50:1d:06:56:d4:a6:41:68:25:f9:25:20:50:31:55:d8:03:b2:
a0:12:d0:3a:50:73:c4:85:d1:ac:c3:64:a6:bb:16:ae:e9:88:
db:82:0c:22:76:ed:9e:94:36:ed:6a:e4:0a:07:0c:06:7f:8c:
77:99:d8:1e:b1:e9:ab:0a:fc:48:5e:69:85:e9:23:64:f9:46:
b2:e0:65:36:28:2d:60:86:44:d6:b0:c8:6b:6d:79:b9:b4:c9:
7a:c3:71:10:e9:e4:13:9a:3f:8e:2d:9c:d5:2d:9d:76:b8:2a:
5a:a3:9d:cc:0f:8e:73:8c:b1:f0:7a:64:15:1b:f1:00:31:97:
b2:aa:cd:02:58:ec:04:4e:e4:5e:e7:52:08:04:fb:51:99:e1:
ad:55:46:ca:a1:ad:ea:43:21:1b:48:a2:45:61:22:be:c4:1c:
71:48:ca:dc:6b:3b:a4:9f:c6:48:9a:aa:2a:98:bd:ac:9c:81:
51:ae:60:29
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnR9YnCk7DnJFP7SPzxAFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2NlZjhjOTgzNGM1OWM3ZmEzM2RiYjYzMzQ1Y2RlMzgwZDU4OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS0xnr3kqoH6gf7zKNKRNSwwptH/
quMlartT+TSrE4gaZGRUEPzzhAod2aFhuM6kiMkSyYNqrXID5qTZMiZ5rtmh+tuw
KzhXbIO8SuQFt1bPPucvfOBKDH8S/ZymL1k3HVzhFza2zMPX91cH1yLdLOuBO43k
lhkw0kZm1kBNbD5Zpw0HmjTDUcWdsJdTDgZoG5X/RLtmotIezdvwFlb/vN0+xyiS
9BtVmOQcJWLnAPDlYLiNB83tH5kEPkKNjeR2gzJ3CZG9tciXFp3S7p/3pexoTEwu
24DnFGcElLuDWLMuOGKlieZMXyH7eeBC70UG4nwoZseVuB6PYu+Cu18EkwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNPO+MmDTFnH+jPbtjNFzeOA1Ym6MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvMDg3NHlZTk1XY2Y2TTl1Mk0wWE40NERWaWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX7ZsAwQA
X7ZuAwQBbfgGAwQAbfghAwQAbfgtAwQAvILRMA0GCSqGSIb3DQEBCwUAA4IBAQA1
V+DBwupKksFUvXqphI4fW3R448conkBomtfYy6yXPVfUYpqTwPWkTtvfur2P7+8B
aNGHn33M2OD3fmFkJOGCI7c7xXswkABQHQZW1KZBaCX5JSBQMVXYA7KgEtA6UHPE
hdGsw2Smuxau6Yjbggwidu2elDbtauQKBwwGf4x3mdgesemrCvxIXmmF6SNk+Uay
4GU2KC1ghkTWsMhrbXm5tMl6w3EQ6eQTmj+OLZzVLZ12uCpao53MD45zjLHwemQV
G/EAMZeyqs0CWOwETuRe51IIBPtRmeGtVUbKoa3qQyEbSKJFYSK+xBxxSMrcazuk
n8ZImqoqmL2snIFRrmAp
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:23 2025 by rpki-client