Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/M5Obk9gFoZSu1l7_1VpHK4cE7Aw.roa
File: M5Obk9gFoZSu1l7_1VpHK4cE7Aw.roa (raw, json)
Hash identifier: afT4e+ISfMgpDRntADTapn4Ce5J5Tb8thd3YmM1TKZY=
Subject key identifier: 33:93:9B:93:D8:05:A1:94:AE:D6:5E:FF:D5:5A:47:2B:87:04:EC:0C
Certificate issuer: /CN=c3ab8f44fc356096b8e656fc8739871ec00d1f12
Certificate serial: 0190F96B6A3FC65A437E304E06B695AA9536
Authority key identifier: C3:AB:8F:44:FC:35:60:96:B8:E6:56:FC:87:39:87:1E:C0:0D:1F:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6uPRPw1YJa45lb8hzmHHsANHxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/M5Obk9gFoZSu1l7_1VpHK4cE7Aw.roa
Signing time: Sun 28 Jul 2024 12:58:04 +0000
ROA not before: Sun 28 Jul 2024 12:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8903
IP address blocks: 176.98.220.0/24 maxlen: 24
176.98.223.0/24 maxlen: 24
185.155.64.0/24 maxlen: 24
185.155.67.0/24 maxlen: 24
185.187.180.0/24 maxlen: 24
185.187.181.0/24 maxlen: 24
185.187.182.0/24 maxlen: 24
185.187.183.0/24 maxlen: 24
2a0d:59c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f9:6b:6a:3f:c6:5a:43:7e:30:4e:06:b6:95:aa:95:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3ab8f44fc356096b8e656fc8739871ec00d1f12
Validity
Not Before: Jul 28 12:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33939b93d805a194aed65effd55a472b8704ec0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c3:60:11:51:42:5d:40:53:5a:15:d0:a6:cb:
a2:e9:2d:99:11:7d:94:be:99:28:89:c3:45:ff:a4:
c6:e4:4b:11:5e:36:67:43:0f:18:f4:a1:66:aa:99:
b8:8c:b6:39:cd:f8:b7:d6:50:94:b3:07:64:f1:68:
85:f2:35:79:6e:9f:37:59:a9:61:be:ce:39:1d:87:
ad:66:2c:85:73:4c:97:1b:40:38:b9:bd:f9:cf:4a:
0f:f7:5a:75:7c:51:fa:6d:3c:4e:f6:c7:f5:6c:16:
e3:32:61:2c:a3:ac:e5:2a:a8:ca:ea:0c:6e:78:7d:
ce:4c:e7:ea:ab:36:ba:2c:5a:f1:6c:8d:e1:2f:43:
c1:03:72:69:2b:ac:1b:24:00:43:7e:20:3a:12:77:
4c:7f:f8:79:65:cf:e4:06:e2:1d:3a:c4:7b:2e:d9:
a2:75:32:ee:e9:e2:5d:01:99:eb:a1:71:fd:76:3d:
61:91:26:7a:7d:1a:e1:9b:0c:15:7f:ab:e9:60:cf:
52:20:fa:89:f9:ff:5e:ac:03:bd:d7:5e:0a:5d:49:
de:9f:4d:58:52:00:90:32:2a:78:16:50:ea:07:62:
28:b4:9e:27:51:4a:54:73:76:b9:f4:aa:13:c9:da:
a1:1e:d5:f8:59:05:00:62:73:13:9d:b1:43:11:99:
19:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:93:9B:93:D8:05:A1:94:AE:D6:5E:FF:D5:5A:47:2B:87:04:EC:0C
X509v3 Authority Key Identifier:
keyid:C3:AB:8F:44:FC:35:60:96:B8:E6:56:FC:87:39:87:1E:C0:0D:1F:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6uPRPw1YJa45lb8hzmHHsANHxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/M5Obk9gFoZSu1l7_1VpHK4cE7Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/w6uPRPw1YJa45lb8hzmHHsANHxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.220.0/24
176.98.223.0/24
185.155.64.0/24
185.155.67.0/24
185.187.180.0/22
IPv6:
2a0d:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:8f:4f:b1:92:4a:50:8e:45:1e:0e:3a:fe:91:2b:a2:aa:37:
8a:62:71:c6:34:f4:d6:fe:3c:3e:14:45:f1:79:9d:ca:b6:e2:
34:19:be:82:91:e1:9c:39:b4:6c:e9:bc:50:7e:b0:b4:c0:d2:
f2:a1:d8:27:fd:d1:ed:18:1b:2f:65:c8:c9:96:dd:a5:b8:5e:
f1:3d:e8:d2:64:7a:03:33:e0:e9:a7:56:94:61:e3:b4:f4:ca:
ba:f1:78:a2:ae:c4:f9:86:a4:98:72:48:0c:02:a6:79:85:f0:
4d:69:b3:0e:de:39:f4:4c:aa:bd:45:3c:97:ba:39:fa:7a:ca:
32:c0:af:0f:1b:26:4f:0f:41:c5:fa:ca:79:a5:69:bd:34:43:
8a:67:e0:13:68:24:d7:b0:2f:14:29:5f:db:ed:4e:43:c0:30:
f5:db:02:61:66:13:89:54:01:b3:ab:cd:0e:e4:c1:0e:35:64:
1b:11:39:e2:b6:a5:a5:0d:82:34:ef:cc:aa:6d:d2:d8:f6:21:
b1:46:00:68:d4:40:ca:fc:44:82:f9:73:a1:ec:36:52:eb:dd:
06:43:05:5f:6d:a3:a7:31:a6:70:1b:c4:fe:05:25:43:25:25:
2f:a7:ed:cd:b5:32:83:81:8e:47:29:3a:a9:f4:eb:d4:dd:ce:
88:88:e8:66
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZD5a2o/xlpDfjBOBraVqpU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWI4ZjQ0ZmMzNTYwOTZiOGU2NTZmYzg3Mzk4NzFlYzAw
ZDFmMTIwHhcNMjQwNzI4MTI1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkzOWI5M2Q4MDVhMTk0YWVkNjVlZmZkNTVhNDcyYjg3MDRlYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcNgEVFCXUBTWhXQpsui6S2ZEX2U
vpkoicNF/6TG5EsRXjZnQw8Y9KFmqpm4jLY5zfi31lCUswdk8WiF8jV5bp83Walh
vs45HYetZiyFc0yXG0A4ub35z0oP91p1fFH6bTxO9sf1bBbjMmEso6zlKqjK6gxu
eH3OTOfqqza6LFrxbI3hL0PBA3JpK6wbJABDfiA6EndMf/h5Zc/kBuIdOsR7Ltmi
dTLu6eJdAZnroXH9dj1hkSZ6fRrhmwwVf6vpYM9SIPqJ+f9erAO9114KXUnen01Y
UgCQMip4FlDqB2IotJ4nUUpUc3a59KoTydqhHtX4WQUAYnMTnbFDEZkZtwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDOTm5PYBaGUrtZe/9VaRyuHBOwMMB8GA1UdIwQY
MBaAFMOrj0T8NWCWuOZW/Ic5hx7ADR8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ1UFJQdzFZSmE0NWxiOGh6bUhIc0FOSHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZTc0ZTYtMjYwMy00NzExLWFjZTEt
NzVhZTFlNmQ5YzMxLzEvTTVPYms5Z0ZvWlN1MWw3XzFWcEhLNGNFN0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZTc0ZTYtMjYwMy00NzExLWFjZTEtNzVhZTFlNmQ5YzMx
LzEvdzZ1UFJQdzFZSmE0NWxiOGh6bUhIc0FOSHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAsGLcAwQA
sGLfAwQAuZtAAwQAuZtDAwQCubu0MA0EAgACMAcDBQMqDVnAMA0GCSqGSIb3DQEB
CwUAA4IBAQAAj0+xkkpQjkUeDjr+kSuiqjeKYnHGNPTW/jw+FEXxeZ3KtuI0Gb6C
keGcObRs6bxQfrC0wNLyodgn/dHtGBsvZcjJlt2luF7xPejSZHoDM+Dpp1aUYeO0
9Mq68XiirsT5hqSYckgMAqZ5hfBNabMO3jn0TKq9RTyXujn6esoywK8PGyZPD0HF
+sp5pWm9NEOKZ+ATaCTXsC8UKV/b7U5DwDD12wJhZhOJVAGzq80O5MEONWQbETni
tqWlDYI078yqbdLY9iGxRgBo1EDK/ESC+XOh7DZS690GQwVfbaOnMaZwG8T+BSVD
JSUvp+3NtTKDgY5HKTqp9OvU3c6IiOhm
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:33 2025 by rpki-client