Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/AMAwp6VcPHRw-QKe79lcrFcU19Y.roa
File: AMAwp6VcPHRw-QKe79lcrFcU19Y.roa (raw, json)
Hash identifier: 7tQw2Qq7bBZ1uCaMQ14QDglKar+luUjoIxeh5RB2w1o=
Subject key identifier: 00:C0:30:A7:A5:5C:3C:74:70:F9:02:9E:EF:D9:5C:AC:57:14:D7:D6
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019493759EC6CBF3B9ED2A89B7403E3452AB
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/AMAwp6VcPHRw-QKe79lcrFcU19Y.roa
Signing time: Thu 23 Jan 2025 13:59:06 +0000
ROA not before: Thu 23 Jan 2025 13:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 147049
IP address blocks: 86.38.66.0/24 maxlen: 24
86.38.69.0/24 maxlen: 24
86.38.77.0/24 maxlen: 24
86.38.78.0/24 maxlen: 24
89.117.202.0/24 maxlen: 24
89.117.205.0/24 maxlen: 24
89.117.210.0/24 maxlen: 24
89.117.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:75:9e:c6:cb:f3:b9:ed:2a:89:b7:40:3e:34:52:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 23 13:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00c030a7a55c3c7470f9029eefd95cac5714d7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:74:6e:ea:13:e5:cf:22:af:5a:d1:2b:1c:e9:
57:d1:f1:70:4d:99:6e:f1:29:3d:14:8e:6b:92:1e:
d7:83:da:a1:b3:16:40:a2:d3:ec:79:52:89:6a:f4:
d1:8b:73:e6:d0:92:d0:1d:a3:10:f3:04:45:3e:36:
db:b0:ce:21:a4:bb:ee:74:3c:34:03:4f:5a:a1:95:
3c:26:41:2d:fc:c6:a5:c2:9f:cc:60:ea:4b:64:cf:
5a:f9:d8:84:90:97:a5:e9:1a:74:6f:03:6b:c9:74:
f6:06:8b:56:8b:a6:10:31:42:5b:8e:ac:8c:fb:ec:
cb:15:49:88:58:f6:34:43:07:9a:f8:9c:0c:0a:f3:
ea:fd:22:87:6b:ba:4d:22:45:7a:ae:ab:ac:14:45:
c1:48:6e:24:ba:fb:67:9f:4c:9e:17:08:e5:d7:06:
da:c0:d3:44:8d:a9:df:69:7f:eb:6a:31:e7:38:a8:
ed:63:dc:eb:47:e0:a8:eb:db:43:d1:b1:e6:e7:0c:
67:92:42:76:a6:72:0d:b3:e4:83:4e:d0:e4:17:68:
18:f4:62:50:1e:56:06:8d:2d:fd:28:00:8a:e2:19:
fa:1c:09:08:8d:63:bf:14:7f:74:38:a9:da:b2:ee:
13:ab:c4:64:75:d8:be:fd:27:3f:f0:ce:62:28:88:
56:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C0:30:A7:A5:5C:3C:74:70:F9:02:9E:EF:D9:5C:AC:57:14:D7:D6
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/AMAwp6VcPHRw-QKe79lcrFcU19Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.66.0/24
86.38.69.0/24
86.38.77.0-86.38.78.255
89.117.202.0/24
89.117.205.0/24
89.117.210.0/24
89.117.232.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e1:47:9f:e3:11:b7:a7:2c:dd:5e:76:89:d4:79:c2:ab:89:
67:61:88:4a:25:36:7a:09:aa:55:bd:54:aa:e1:6a:42:7f:c6:
1e:e9:2d:03:a7:59:0d:6e:cf:76:58:5e:c9:ec:88:e2:9a:7f:
31:8e:af:fe:3d:9e:b9:da:3f:73:11:1b:f9:d8:b4:de:66:3b:
96:df:ba:7d:72:6a:6f:ab:d6:eb:fa:64:14:82:33:5d:d0:2a:
38:6b:df:1a:cf:c6:36:7b:c1:89:c3:96:ed:5f:e8:a7:c6:85:
23:68:86:1c:35:92:34:9f:2e:c1:5d:46:3c:35:bf:b6:c4:e0:
49:ca:98:c9:93:56:99:65:90:50:a5:33:db:1b:4c:96:ff:d7:
65:02:a4:08:56:e1:b1:6d:fe:33:08:d1:27:27:4b:52:3f:0e:
33:f3:7a:29:bc:85:e1:41:81:6a:71:3e:35:fb:c5:b2:73:1c:
64:52:f1:97:f8:19:65:e9:60:27:9f:7b:b1:2b:3e:08:52:43:
c3:cd:d6:d3:7b:20:af:b6:20:09:d8:fc:b3:d2:06:99:f6:99:
cd:05:2e:a6:fa:e0:f2:44:08:4e:88:e3:41:b7:63:e2:dd:00:
ac:16:36:27:ec:17:3c:24:e3:84:39:56:a9:b0:46:b9:c7:b4:
71:e9:bc:19
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZSTdZ7Gy/O57SqJt0A+NFKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTIzMTM1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGMwMzBhN2E1NWMzYzc0NzBmOTAyOWVlZmQ5NWNhYzU3MTRkN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3Ru6hPlzyKvWtErHOlX0fFwTZlu
8Sk9FI5rkh7Xg9qhsxZAotPseVKJavTRi3Pm0JLQHaMQ8wRFPjbbsM4hpLvudDw0
A09aoZU8JkEt/Malwp/MYOpLZM9a+diEkJel6Rp0bwNryXT2BotWi6YQMUJbjqyM
++zLFUmIWPY0Qwea+JwMCvPq/SKHa7pNIkV6rqusFEXBSG4kuvtnn0yeFwjl1wba
wNNEjanfaX/rajHnOKjtY9zrR+Co69tD0bHm5wxnkkJ2pnINs+SDTtDkF2gY9GJQ
HlYGjS39KACK4hn6HAkIjWO/FH90OKnasu4Tq8Rkddi+/Sc/8M5iKIhWOQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFADAMKelXDx0cPkCnu/ZXKxXFNfWMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvQU1Bd3A2VmNQSFJ3LVFLZTc5bGNyRmNVMTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAViZCAwQA
ViZFMAwDBABWJk0DBABWJk4DBABZdcoDBABZdc0DBABZddIDBABZdegwDQYJKoZI
hvcNAQELBQADggEBAHDhR5/jEbenLN1edonUecKriWdhiEolNnoJqlW9VKrhakJ/
xh7pLQOnWQ1uz3ZYXsnsiOKafzGOr/49nrnaP3MRG/nYtN5mO5bfun1yam+r1uv6
ZBSCM13QKjhr3xrPxjZ7wYnDlu1f6KfGhSNohhw1kjSfLsFdRjw1v7bE4EnKmMmT
VpllkFClM9sbTJb/12UCpAhW4bFt/jMI0ScnS1I/DjPzeim8heFBgWpxPjX7xbJz
HGRS8Zf4GWXpYCefe7ErPghSQ8PN1tN7IK+2IAnY/LPSBpn2mc0FLqb64PJECE6I
40G3Y+LdAKwWNifsFzwk44Q5VqmwRrnHtHHpvBk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:14 2025 by rpki-client