Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/Ce9ATPnHKBSut2E16MiT_h9c9KY.roa
File: Ce9ATPnHKBSut2E16MiT_h9c9KY.roa (raw, json)
Hash identifier: ONmJTuYbl+CrOGxDT2WE11IuAxAZnslUrJKNWz0Zapk=
Subject key identifier: 09:EF:40:4C:F9:C7:28:14:AE:B7:61:35:E8:C8:93:FE:1F:5C:F4:A6
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 0186989E756CE5CD96B5A6B08F7F913D856D
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/Ce9ATPnHKBSut2E16MiT_h9c9KY.roa
Signing time: Tue 28 Feb 2023 15:22:46 +0000
ROA not before: Tue 28 Feb 2023 15:22:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 85.255.125.0/24 maxlen: 24
85.255.123.0/24 maxlen: 24
85.255.122.0/24 maxlen: 24
85.255.121.0/24 maxlen: 24
85.255.120.0/24 maxlen: 24
85.255.126.0/24 maxlen: 24
85.255.127.0/24 maxlen: 24
178.212.205.0/24 maxlen: 24
178.212.204.0/24 maxlen: 24
178.212.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:9e:75:6c:e5:cd:96:b5:a6:b0:8f:7f:91:3d:85:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Feb 28 15:22:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09ef404cf9c72814aeb76135e8c893fe1f5cf4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:dc:52:3a:c4:9f:6d:e2:53:79:fc:76:d0:46:
c4:34:83:61:ba:28:4a:e3:a2:a1:e5:61:01:7f:fa:
bb:0c:23:a7:50:e7:33:19:5a:63:63:99:69:80:29:
e0:93:f3:8d:52:51:ba:f1:60:de:07:06:eb:c9:e8:
ff:07:8b:8b:03:32:f4:ad:13:4b:b4:fb:45:46:22:
cf:db:0e:90:27:0d:b6:dc:2d:27:f0:eb:d4:8d:aa:
ae:33:68:d1:88:9a:e1:8f:64:47:ff:16:13:4c:c6:
6c:d2:b5:b7:95:d0:14:f6:0e:3a:1e:cd:22:27:4b:
59:59:b7:20:c8:d4:aa:ce:c5:81:c9:2a:1f:4d:5a:
dc:03:95:ad:d2:d2:85:e6:a9:67:3e:6c:7e:8d:44:
4e:05:ea:17:d5:4c:54:1c:1e:0f:1d:2d:94:a9:7d:
da:24:ec:fc:c2:ba:7d:c9:34:7f:67:15:f2:63:6d:
ef:b2:c8:29:87:23:f0:91:77:de:13:77:de:5f:97:
78:40:03:ee:fc:48:65:ff:61:8f:39:26:71:c3:2c:
c9:45:e0:96:00:71:2f:ce:c7:dc:d0:a6:69:36:9f:
46:07:ec:34:3d:39:2e:23:a3:c6:2a:0d:3a:98:3f:
f8:77:0f:6b:f4:e5:e5:48:e6:95:65:5b:0d:cb:da:
cd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EF:40:4C:F9:C7:28:14:AE:B7:61:35:E8:C8:93:FE:1F:5C:F4:A6
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/Ce9ATPnHKBSut2E16MiT_h9c9KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.120.0/22
85.255.125.0-85.255.127.255
178.212.203.0-178.212.205.255
Signature Algorithm: sha256WithRSAEncryption
63:51:71:de:4c:c4:8c:75:bc:f3:6c:24:5e:72:a1:28:1b:5d:
c5:c2:ef:28:41:95:82:c2:4a:da:5e:13:0d:0e:7c:5d:74:57:
fe:72:61:5a:18:b5:95:36:fc:55:e8:03:6c:f0:60:df:f5:68:
44:db:c0:22:5f:81:ba:c0:50:c4:98:12:79:0d:8d:b4:2d:7b:
16:04:10:97:55:44:b8:20:29:2c:e3:7c:cf:90:74:83:1a:44:
8f:ee:fc:10:a8:36:99:27:59:fa:18:ac:98:11:91:f8:f7:37:
69:eb:c2:e7:ba:7f:37:26:ac:b0:48:69:80:a3:79:20:f8:63:
3e:64:90:c9:c4:89:ae:14:3d:60:7d:27:13:4a:1a:d2:54:c4:
b8:ba:32:0c:7f:52:10:60:19:53:78:7a:8c:73:c3:07:a6:7e:
33:0f:e8:4e:5f:2f:96:68:76:46:e0:c7:10:5d:6a:30:e7:9a:
2f:a8:02:36:ae:73:1b:d9:bd:6a:35:a3:15:3c:07:9f:87:e2:
c1:2c:f6:91:41:53:01:9e:b0:91:2b:2d:b5:44:31:b1:ae:c6:
7e:d0:30:93:da:79:73:63:65:73:b5:53:87:03:f1:c4:24:ba:
94:bf:34:aa:29:dd:97:0a:92:49:fb:b1:7c:76:bb:8c:c6:46:
ce:b3:18:37
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYaYnnVs5c2Wtaawj3+RPYVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMjI4MTUyMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVmNDA0Y2Y5YzcyODE0YWViNzYxMzVlOGM4OTNmZTFmNWNmNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9xSOsSfbeJTefx20EbENINhuihK
46Kh5WEBf/q7DCOnUOczGVpjY5lpgCngk/ONUlG68WDeBwbryej/B4uLAzL0rRNL
tPtFRiLP2w6QJw223C0n8OvUjaquM2jRiJrhj2RH/xYTTMZs0rW3ldAU9g46Hs0i
J0tZWbcgyNSqzsWBySofTVrcA5Wt0tKF5qlnPmx+jUROBeoX1UxUHB4PHS2UqX3a
JOz8wrp9yTR/ZxXyY23vssgphyPwkXfeE3feX5d4QAPu/Ehl/2GPOSZxwyzJReCW
AHEvzsfc0KZpNp9GB+w0PTkuI6PGKg06mD/4dw9r9OXlSOaVZVsNy9rN0QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAnvQEz5xygUrrdhNejIk/4fXPSmMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvQ2U5QVRQbkhLQlN1dDJFMTZNaVRfaDljOUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVf94MAwD
BABV/30DBAdV/wAwDAMEALLUywMEAbLUzDANBgkqhkiG9w0BAQsFAAOCAQEAY1Fx
3kzEjHW882wkXnKhKBtdxcLvKEGVgsJK2l4TDQ58XXRX/nJhWhi1lTb8VegDbPBg
3/VoRNvAIl+BusBQxJgSeQ2NtC17FgQQl1VEuCApLON8z5B0gxpEj+78EKg2mSdZ
+hismBGR+Pc3aevC57p/NyassEhpgKN5IPhjPmSQycSJrhQ9YH0nE0oa0lTEuLoy
DH9SEGAZU3h6jHPDB6Z+Mw/oTl8vlmh2RuDHEF1qMOeaL6gCNq5zG9m9ajWjFTwH
n4fiwSz2kUFTAZ6wkSsttUQxsa7GftAwk9p5c2Nlc7VThwPxxCS6lL80qindlwqS
SfuxfHa7jMZGzrMYNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org