Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/PrJSKd0Pg1MWeHQenk518dFfvqE.roa
File: PrJSKd0Pg1MWeHQenk518dFfvqE.roa (raw, json)
Hash identifier: oluctWM8m0ueFkiO0W9tzYGrnRhqaXAvKVcwbYJApAc=
Subject key identifier: 3E:B2:52:29:DD:0F:83:53:16:78:74:1E:9E:4E:75:F1:D1:5F:BE:A1
Certificate issuer: /CN=45248dc088485d78dcf81ada9a18d5ff9d2f906c
Certificate serial: 0185718C16A07D32AB418E1F2920A4319717
Authority key identifier: 45:24:8D:C0:88:48:5D:78:DC:F8:1A:DA:9A:18:D5:FF:9D:2F:90:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RSSNwIhIXXjc-BramhjV_50vkGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/PrJSKd0Pg1MWeHQenk518dFfvqE.roa
Signing time: Mon 02 Jan 2023 08:14:44 +0000
ROA not before: Mon 02 Jan 2023 08:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51030
IP address blocks: 185.121.227.0/24 maxlen: 24
185.188.140.0/24 maxlen: 24
185.188.140.0/22 maxlen: 24
185.188.143.0/24 maxlen: 24
185.188.142.0/24 maxlen: 24
185.188.141.0/24 maxlen: 24
185.121.226.0/24 maxlen: 24
185.121.225.0/24 maxlen: 24
185.121.224.0/22 maxlen: 24
185.121.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:16:a0:7d:32:ab:41:8e:1f:29:20:a4:31:97:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45248dc088485d78dcf81ada9a18d5ff9d2f906c
Validity
Not Before: Jan 2 08:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eb25229dd0f83531678741e9e4e75f1d15fbea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:df:91:36:d8:90:ec:27:b6:78:78:3a:22:91:
11:b6:31:dc:0d:1b:fa:db:56:81:fb:50:b6:c4:1b:
45:4b:57:05:c2:c0:4a:28:3f:f9:10:77:7b:8b:8b:
a8:2d:18:af:54:d2:0a:5e:3f:45:03:5d:ab:d5:8c:
dd:9a:37:11:7d:4f:54:94:8e:80:80:39:05:81:76:
45:5b:cb:6b:71:4b:be:02:cc:d2:ad:f6:be:cb:6a:
dc:7c:00:d5:58:d0:58:e2:e1:7f:c9:1d:ff:bb:fe:
f7:54:fd:bd:ee:fa:fe:07:dc:fa:7b:fc:5d:02:15:
08:3f:c6:d1:6a:c3:27:5f:dd:59:b3:06:a4:61:fc:
2b:3a:dd:ce:b1:e1:9e:e8:1d:59:46:2e:06:a0:40:
28:5f:b2:e8:46:80:7b:fd:7d:52:5b:9c:cd:e0:1e:
fa:aa:36:59:05:9a:6f:45:cf:aa:0c:5b:44:ed:c4:
e4:37:0e:97:f5:61:b2:39:95:ea:f6:5a:4e:5f:62:
ab:b9:d7:3d:b2:89:8a:97:b4:5c:37:b8:5d:d1:26:
5a:5f:23:f7:57:56:29:50:fd:7e:78:cb:16:a2:f4:
ba:44:b2:03:9d:d2:87:bf:85:67:8a:c7:d2:a3:6f:
86:9c:8b:68:8e:a7:12:c5:af:98:06:18:ee:52:f7:
b2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B2:52:29:DD:0F:83:53:16:78:74:1E:9E:4E:75:F1:D1:5F:BE:A1
X509v3 Authority Key Identifier:
keyid:45:24:8D:C0:88:48:5D:78:DC:F8:1A:DA:9A:18:D5:FF:9D:2F:90:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RSSNwIhIXXjc-BramhjV_50vkGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/PrJSKd0Pg1MWeHQenk518dFfvqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/RSSNwIhIXXjc-BramhjV_50vkGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.224.0/22
185.188.140.0/22
Signature Algorithm: sha256WithRSAEncryption
31:b1:c2:e6:72:98:94:21:6b:ec:d8:7b:f9:79:93:67:33:7c:
a5:be:9b:34:b0:f7:5c:1a:32:53:3f:b1:b7:aa:aa:eb:fc:13:
45:62:08:5e:9c:9e:44:c5:23:1a:b1:5b:1f:62:f7:04:97:f4:
5c:9e:fa:89:78:80:67:3b:0c:75:aa:2c:93:30:f2:f6:c9:71:
85:3b:77:2d:c7:5a:7a:54:6a:d2:7f:12:74:73:cf:69:6c:bd:
a6:a8:e3:6b:f8:ab:d0:9f:7b:cd:80:6b:cd:10:86:bd:da:5d:
02:76:ac:1d:0b:49:87:1b:c3:c7:e7:c8:e8:96:2e:e6:c4:f1:
9b:ae:e0:ab:5a:bf:a5:83:3d:c9:24:28:2e:ab:0c:85:84:78:
f5:ab:8e:09:7d:0d:5c:4f:82:91:14:1c:2b:e3:da:34:ce:29:
fc:48:6d:b4:a0:99:4b:6f:b4:0f:c7:2a:15:6c:d8:20:00:81:
4c:95:54:29:33:9f:cb:3e:ab:2e:a2:37:20:f3:0e:00:aa:de:
c3:6f:26:39:ea:11:94:74:7c:b2:94:43:26:33:7e:9d:14:dc:
87:81:e5:12:90:ea:62:72:1d:78:bd:72:1e:e2:36:b6:0b:86:
51:83:44:f1:d2:9c:3b:c3:bf:0a:56:d8:f4:45:0d:6c:0a:2a:
3a:d3:f5:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxjBagfTKrQY4fKSCkMZcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MjQ4ZGMwODg0ODVkNzhkY2Y4MWFkYTlhMThkNWZmOWQy
ZjkwNmMwHhcNMjMwMTAyMDgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWIyNTIyOWRkMGY4MzUzMTY3ODc0MWU5ZTRlNzVmMWQxNWZiZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t+RNtiQ7Ce2eHg6IpERtjHcDRv6
21aB+1C2xBtFS1cFwsBKKD/5EHd7i4uoLRivVNIKXj9FA12r1YzdmjcRfU9UlI6A
gDkFgXZFW8trcUu+AszSrfa+y2rcfADVWNBY4uF/yR3/u/73VP297vr+B9z6e/xd
AhUIP8bRasMnX91ZswakYfwrOt3OseGe6B1ZRi4GoEAoX7LoRoB7/X1SW5zN4B76
qjZZBZpvRc+qDFtE7cTkNw6X9WGyOZXq9lpOX2Krudc9somKl7RcN7hd0SZaXyP3
V1YpUP1+eMsWovS6RLIDndKHv4VnisfSo2+GnItojqcSxa+YBhjuUvey6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD6yUindD4NTFnh0Hp5OdfHRX76hMB8GA1UdIwQY
MBaAFEUkjcCISF143Pga2poY1f+dL5BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlNTTndJaElYWGpjLUJyYW1oalZfNTB2a0d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84ZTA5ZmUtYTVjMC00OTdkLWE1YmIt
YzI3N2I0Y2Y3YzY3LzEvUHJKU0tkMFBnMU1XZUhRZW5rNTE4ZEZmdnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84ZTA5ZmUtYTVjMC00OTdkLWE1YmItYzI3N2I0Y2Y3YzY3
LzEvUlNTTndJaElYWGpjLUJyYW1oalZfNTB2a0d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXngAwQC
ubyMMA0GCSqGSIb3DQEBCwUAA4IBAQAxscLmcpiUIWvs2Hv5eZNnM3ylvps0sPdc
GjJTP7G3qqrr/BNFYghenJ5ExSMasVsfYvcEl/RcnvqJeIBnOwx1qiyTMPL2yXGF
O3ctx1p6VGrSfxJ0c89pbL2mqONr+KvQn3vNgGvNEIa92l0CdqwdC0mHG8PH58jo
li7mxPGbruCrWr+lgz3JJCguqwyFhHj1q44JfQ1cT4KRFBwr49o0zin8SG20oJlL
b7QPxyoVbNggAIFMlVQpM5/LPqsuojcg8w4Aqt7DbyY56hGUdHyylEMmM36dFNyH
geUSkOpich14vXIe4ja2C4ZRg0Tx0pw7w78KVtj0RQ1sCio60/U3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:09 2025 by rpki-client