Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/hMPHyyxd0Ggkk5V5WC4xAU_Pgos.roa
File: hMPHyyxd0Ggkk5V5WC4xAU_Pgos.roa (raw, json)
Hash identifier: wet/Lf0Hgqkty7l3QoO0LxZq9eQL/UvJWj3IZKhhDwc=
Subject key identifier: 84:C3:C7:CB:2C:5D:D0:68:24:93:95:79:58:2E:31:01:4F:CF:82:8B
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E3176D935FF690F8AFE503869E6F1
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/hMPHyyxd0Ggkk5V5WC4xAU_Pgos.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34383
IP address blocks: 89.170.0.0/16 maxlen: 16
85.192.192.0/18 maxlen: 18
85.117.128.0/19 maxlen: 19
95.136.128.0/17 maxlen: 17
2a00:5e80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:31:76:d9:35:ff:69:0f:8a:fe:50:38:69:e6:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84c3c7cb2c5dd06824939579582e31014fcf828b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f4:4e:64:b7:a5:bb:7b:9c:e6:58:88:89:53:
09:12:ed:b1:60:d8:ea:c3:e7:81:4f:2a:35:cb:f4:
1f:7a:cc:b4:74:41:1f:ec:02:7e:c4:18:84:77:38:
48:e1:eb:25:b0:8e:15:ca:8e:66:1f:47:fd:00:e2:
35:4d:c7:c5:3a:e8:e4:02:26:69:b1:ab:02:ce:ba:
3e:59:34:2f:31:32:fa:97:be:87:25:38:de:b9:ba:
54:af:8e:f4:fe:15:43:8b:98:14:08:fe:af:39:72:
1d:cd:dd:67:ae:d0:5b:7c:82:5f:db:b4:94:d8:7b:
27:dc:a6:e7:4e:df:ef:69:63:87:0e:5c:69:3d:0e:
8d:06:b4:c8:91:95:a6:f6:64:66:44:f0:b5:22:5f:
21:63:ef:d3:25:c9:ad:b7:5b:2a:1e:40:77:33:73:
26:4c:60:29:7f:db:9f:b6:dc:b5:2a:c2:3c:47:86:
20:11:a6:a9:30:51:15:7e:fe:10:8b:81:29:33:b8:
5a:a5:b8:7e:b0:7a:54:9b:11:60:1c:f7:9a:d4:f9:
2a:db:34:d7:c0:f0:1c:77:01:3e:ab:39:dd:cd:be:
0c:38:e8:6a:0f:3b:74:61:0f:6a:90:88:f0:ff:30:
d4:b1:62:bd:9f:c8:c9:da:09:af:c7:d4:e0:58:95:
42:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C3:C7:CB:2C:5D:D0:68:24:93:95:79:58:2E:31:01:4F:CF:82:8B
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/hMPHyyxd0Ggkk5V5WC4xAU_Pgos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.128.0/19
85.192.192.0/18
89.170.0.0/16
95.136.128.0/17
IPv6:
2a00:5e80::/32
Signature Algorithm: sha256WithRSAEncryption
6c:32:69:6a:bf:aa:d7:a4:b1:fb:f1:43:6c:f8:ab:5c:e2:0a:
69:48:8d:ad:ba:36:f2:80:ae:59:4e:68:56:cc:83:96:74:6a:
42:2a:8f:7a:d2:86:23:b8:1b:9b:7f:87:d6:69:6b:ba:04:42:
30:ad:0a:c3:29:3e:e1:50:cc:99:cf:fb:53:ce:55:3f:eb:25:
cc:07:de:d2:45:a7:a8:77:17:dc:b3:dc:4f:5f:80:98:a5:3f:
25:3c:a6:a2:ae:a8:da:5f:ee:73:8f:57:50:b1:42:f0:94:9d:
b0:3a:f2:fb:02:33:92:e9:08:3a:6b:2e:2f:4b:6f:15:fb:c1:
68:46:6c:da:46:26:37:38:7a:fb:3b:03:7d:bb:56:49:8a:81:
d0:b6:dc:c3:63:05:f1:42:db:6f:ea:33:8c:f2:b6:28:7c:da:
30:2d:81:03:95:1a:fd:c9:09:1d:50:7f:cc:55:49:7f:88:67:
3c:b5:22:1f:b4:44:a4:ec:fe:c7:45:50:1b:e9:72:0f:ab:68:
f5:63:7f:91:b4:5f:3f:6a:af:4a:79:95:1f:0d:6a:d0:fb:d2:
11:67:cc:9b:c7:d6:b2:ec:55:55:45:f5:23:2e:7b:43:53:7c:
fa:20:02:57:52:fe:1d:8b:e1:f6:96:74:5e:29:3b:50:05:c2:
85:f5:dd:e8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzJTjF22TX/aQ+K/lA4aebxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGMzYzdjYjJjNWRkMDY4MjQ5Mzk1Nzk1ODJlMzEwMTRmY2Y4MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/ROZLelu3uc5liIiVMJEu2xYNjq
w+eBTyo1y/Qfesy0dEEf7AJ+xBiEdzhI4eslsI4Vyo5mH0f9AOI1TcfFOujkAiZp
sasCzro+WTQvMTL6l76HJTjeubpUr470/hVDi5gUCP6vOXIdzd1nrtBbfIJf27SU
2Hsn3KbnTt/vaWOHDlxpPQ6NBrTIkZWm9mRmRPC1Il8hY+/TJcmtt1sqHkB3M3Mm
TGApf9uftty1KsI8R4YgEaapMFEVfv4Qi4EpM7hapbh+sHpUmxFgHPea1Pkq2zTX
wPAcdwE+qzndzb4MOOhqDzt0YQ9qkIjw/zDUsWK9n8jJ2gmvx9TgWJVChwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFITDx8ssXdBoJJOVeVguMQFPz4KLMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvaE1QSHl5eGQwR2drazVWNVdDNHhBVV9QZ29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQFVXWAAwQG
VcDAAwMAWaoDBAdfiIAwDQQCAAIwBwMFACoAXoAwDQYJKoZIhvcNAQELBQADggEB
AGwyaWq/qteksfvxQ2z4q1ziCmlIja26NvKArllOaFbMg5Z0akIqj3rShiO4G5t/
h9Zpa7oEQjCtCsMpPuFQzJnP+1POVT/rJcwH3tJFp6h3F9yz3E9fgJilPyU8pqKu
qNpf7nOPV1CxQvCUnbA68vsCM5LpCDprLi9LbxX7wWhGbNpGJjc4evs7A327VkmK
gdC23MNjBfFC22/qM4zytih82jAtgQOVGv3JCR1Qf8xVSX+IZzy1Ih+0RKTs/sdF
UBvpcg+raPVjf5G0Xz9qr0p5lR8NatD70hFnzJvH1rLsVVVF9SMue0NTfPogAldS
/h2L4faWdF4pO1AFwoX13eg=
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:02:51 2025 by rpki-client