Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/lqAZI_o90mNT6sSjt3zbsFQbO-8.roa
File: lqAZI_o90mNT6sSjt3zbsFQbO-8.roa (raw, json)
Hash identifier: rELUd+uYxi1aelZ40aYz7vmJB0Qkfw5A09vUcLSHIOw=
Subject key identifier: 96:A0:19:23:FA:3D:D2:63:53:EA:C4:A3:B7:7C:DB:B0:54:1B:3B:EF
Certificate issuer: /CN=a663abd479cbff76082304bf60d03adc3187d936
Certificate serial: 0185AC4A4B8D1D1D193C7E03EBA9624EA662
Authority key identifier: A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/lqAZI_o90mNT6sSjt3zbsFQbO-8.roa
Signing time: Fri 13 Jan 2023 18:00:28 +0000
ROA not before: Fri 13 Jan 2023 18:00:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:2::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ac:4a:4b:8d:1d:1d:19:3c:7e:03:eb:a9:62:4e:a6:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a663abd479cbff76082304bf60d03adc3187d936
Validity
Not Before: Jan 13 18:00:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96a01923fa3dd26353eac4a3b77cdbb0541b3bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c5:78:4e:7c:15:92:26:ea:81:30:32:6f:60:
01:39:ff:9d:25:44:c0:99:a9:e1:b3:e6:0d:cf:13:
61:41:b7:e9:f9:69:19:84:b2:8c:53:db:ff:53:2c:
63:18:0c:aa:44:f1:d5:53:4b:7d:45:fa:4d:09:81:
fa:72:88:7f:52:a3:c9:5a:27:a5:a3:4d:21:45:7b:
ae:ec:d3:07:b1:ee:83:3f:2f:88:b5:27:66:78:fb:
8a:c4:84:d5:62:ef:e6:81:1e:db:4a:41:ad:3c:11:
a5:6a:c7:53:6c:85:f9:3a:d7:53:44:3e:e9:31:0f:
2b:83:3c:78:4c:d7:a5:ee:1e:8a:c7:24:29:f5:0d:
44:54:67:e8:18:1e:25:39:29:b1:cb:84:08:0f:da:
05:bf:1a:d0:9e:21:57:20:dc:79:84:8b:ad:63:1f:
e2:eb:72:28:be:03:f3:b2:08:70:f3:c4:ad:3e:02:
f5:7a:57:26:47:90:98:f2:47:49:08:bb:d4:98:66:
bb:07:09:5f:cc:ba:fe:54:f7:d4:da:42:16:17:8b:
6a:b5:51:e9:5d:80:aa:95:7a:27:15:28:a8:9a:b8:
29:c5:34:e3:f1:28:d5:08:16:29:1c:cf:d6:ff:7f:
91:f4:5b:61:99:51:32:e2:92:16:e9:ac:dd:fb:d4:
9e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A0:19:23:FA:3D:D2:63:53:EA:C4:A3:B7:7C:DB:B0:54:1B:3B:EF
X509v3 Authority Key Identifier:
keyid:A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/lqAZI_o90mNT6sSjt3zbsFQbO-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/pmOr1HnL_3YIIwS_YNA63DGH2TY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.89.0-185.198.90.255
IPv6:
2a0a:8f40:2::/47
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
db:ba:bc:9e:c1:ea:c7:c5:0b:31:8f:cb:a6:c7:0a:b2:33:13:
83:14:ff:5e:d0:01:4e:0b:ed:09:b3:a2:8d:7d:19:a1:bf:de:
00:9e:55:96:57:3a:49:2d:b2:64:49:68:69:b3:a3:86:87:85:
cf:1c:76:d9:f2:ac:8d:90:28:f8:84:fb:82:a5:52:af:11:ea:
25:3e:bd:16:aa:d6:83:e4:3b:63:db:ce:b5:44:47:09:61:d9:
2c:26:df:fe:95:40:95:41:04:01:6c:0c:8c:6a:20:62:38:e6:
04:1a:00:d6:05:42:d4:1c:d4:93:e7:13:c0:6e:08:a3:54:fc:
95:b1:55:b3:d4:8a:d0:84:7a:b2:6b:b5:9f:6f:ae:9d:42:47:
52:4b:c5:b8:a7:ab:02:ba:9b:cd:cb:31:a5:6e:08:67:db:a8:
b3:d9:5e:77:7e:d3:44:0f:94:6c:9a:75:f3:a0:4e:4b:8a:e9:
ab:66:17:c1:aa:dc:e4:b5:5e:36:32:b7:c3:d1:23:56:80:47:
c2:6a:1b:8f:91:4d:c5:bc:95:ca:94:f1:b0:66:29:ba:75:e2:
37:5b:d2:f9:0f:e4:62:ff:ef:ea:72:7f:86:ce:0e:61:b7:4d:
83:a8:13:fb:c1:76:fe:0d:29:34:94:49:d3:f0:d8:12:85:a1:
8a:ac:7b:08
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYWsSkuNHR0ZPH4D66liTqZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NjNhYmQ0NzljYmZmNzYwODIzMDRiZjYwZDAzYWRjMzE4
N2Q5MzYwHhcNMjMwMTEzMTgwMDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmEwMTkyM2ZhM2RkMjYzNTNlYWM0YTNiNzdjZGJiMDU0MWIzYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcV4TnwVkibqgTAyb2ABOf+dJUTA
manhs+YNzxNhQbfp+WkZhLKMU9v/UyxjGAyqRPHVU0t9RfpNCYH6coh/UqPJWiel
o00hRXuu7NMHse6DPy+ItSdmePuKxITVYu/mgR7bSkGtPBGlasdTbIX5OtdTRD7p
MQ8rgzx4TNel7h6KxyQp9Q1EVGfoGB4lOSmxy4QID9oFvxrQniFXINx5hIutYx/i
63IovgPzsghw88StPgL1elcmR5CY8kdJCLvUmGa7BwlfzLr+VPfU2kIWF4tqtVHp
XYCqlXonFSiomrgpxTTj8SjVCBYpHM/W/3+R9FthmVEy4pIW6azd+9Se9QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJagGSP6PdJjU+rEo7d827BUGzvvMB8GA1UdIwQY
MBaAFKZjq9R5y/92CCMEv2DQOtwxh9k2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMt
YmZhMDRmNmNkZTUwLzEvbHFBWklfbzkwbU5UNnNTanQzemJzRlFiTy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMtYmZhMDRmNmNkZTUw
LzEvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAUBAIAATAOMAwDBAC5xlkD
BAC5xlowIwQCAAIwHQMHASoKj0AAAjASAwcAKgqPQAAHAwcAKgqPQAAMMA0GCSqG
SIb3DQEBCwUAA4IBAQDburyewerHxQsxj8umxwqyMxODFP9e0AFOC+0Js6KNfRmh
v94AnlWWVzpJLbJkSWhps6OGh4XPHHbZ8qyNkCj4hPuCpVKvEeolPr0WqtaD5Dtj
2861REcJYdksJt/+lUCVQQQBbAyMaiBiOOYEGgDWBULUHNST5xPAbgijVPyVsVWz
1IrQhHqya7Wfb66dQkdSS8W4p6sCupvNyzGlbghn26iz2V53ftNED5RsmnXzoE5L
iumrZhfBqtzktV42MrfD0SNWgEfCahuPkU3FvJXKlPGwZim6deI3W9L5D+Ri/+/q
cn+Gzg5ht02DqBP7wXb+DSk0lEnT8NgShaGKrHsI
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:15:18 2025 by rpki-client