Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gniL_BXA6598YU8gHz1huJZAscA.roa
File: gniL_BXA6598YU8gHz1huJZAscA.roa (raw, json)
Hash identifier: MaG2pCRY0QTimmB2rq/9CHyaNLjDpoggQyNM3hMXUfI=
Subject key identifier: 82:78:8B:FC:15:C0:EB:9F:7C:61:4F:20:1F:3D:61:B8:96:40:B1:C0
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019422200576A528B8EEF14115208288CD9C
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gniL_BXA6598YU8gHz1huJZAscA.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.19.57.0/24 maxlen: 24
89.19.58.0/24 maxlen: 24
89.19.59.0/24 maxlen: 24
185.68.245.0/24 maxlen: 24
185.79.51.0/24 maxlen: 24
185.79.79.0/24 maxlen: 24
185.81.172.0/24 maxlen: 24
185.81.173.0/24 maxlen: 24
185.81.174.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/23 maxlen: 24
185.81.186.0/23 maxlen: 24
185.89.40.0/24 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.100.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.80.0/24 maxlen: 24
185.96.83.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.101.203.0/24 maxlen: 24
185.104.151.0/24 maxlen: 24
185.112.56.0/23 maxlen: 24
185.175.224.0/24 maxlen: 24
185.175.225.0/24 maxlen: 24
185.185.147.0/24 maxlen: 24
193.221.215.0/24 maxlen: 24
213.170.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:05:76:a5:28:b8:ee:f1:41:15:20:82:88:cd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82788bfc15c0eb9f7c614f201f3d61b89640b1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:9c:89:6e:85:f9:5a:f6:19:5d:63:00:3a:3a:
c0:91:d2:59:14:01:38:78:2b:a4:29:7b:08:16:37:
a4:7d:ad:92:e6:73:ff:e0:f9:34:3e:22:2b:77:ce:
25:a9:54:40:19:5e:e3:01:17:5b:a1:93:57:69:08:
fd:01:9a:fc:ef:56:83:71:d0:6f:a0:17:ef:5e:a3:
9c:2d:bc:99:d0:66:8d:a0:c1:44:a3:78:b5:bc:d9:
25:ca:0f:64:76:85:86:35:34:56:26:0a:40:fe:e8:
85:b9:94:49:bd:00:fd:89:ca:9b:bb:a4:9e:54:10:
1b:04:21:62:70:c6:51:31:3d:ce:b1:5e:3e:54:13:
17:cb:49:75:18:9a:18:c8:05:37:35:d9:c1:b7:b3:
bc:a3:57:c1:98:00:66:49:36:da:28:6f:e5:4b:32:
2d:8b:dd:98:c3:f0:3f:1c:1b:b2:20:15:e6:58:ee:
5d:2b:bf:4a:f5:32:14:cd:da:3c:11:b2:50:f2:fa:
40:59:8d:bf:fb:63:7b:ea:22:9e:05:09:46:26:9e:
41:93:01:68:3b:48:ad:90:fb:ff:2f:fb:31:f8:a3:
9b:33:41:0a:4b:88:c1:1f:7e:fa:d3:34:2c:df:ad:
0a:80:12:d7:5e:31:9a:b3:11:43:e5:7a:b1:fc:1d:
f8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:78:8B:FC:15:C0:EB:9F:7C:61:4F:20:1F:3D:61:B8:96:40:B1:C0
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gniL_BXA6598YU8gHz1huJZAscA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.57.0-89.19.59.255
185.68.245.0/24
185.79.51.0/24
185.79.79.0/24
185.81.172.0/22
185.81.184.0/22
185.89.40.0/24
185.89.108.0/22
185.95.100.0/22
185.96.80.0/24
185.96.83.0/24
185.97.1.0/24
185.97.3.0/24
185.101.203.0/24
185.104.151.0/24
185.112.56.0/23
185.175.224.0/23
185.185.147.0/24
193.221.215.0/24
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:0a:42:37:47:59:46:44:ae:ae:3f:dc:5b:a2:44:02:58:06:
ac:96:0c:b4:1c:1b:dc:9d:ed:aa:88:df:cf:54:3a:10:55:43:
6d:c2:76:01:2d:8a:af:ad:ad:52:44:c2:df:1b:ce:85:c0:08:
d1:9a:e4:ab:b5:c7:dd:73:01:33:44:f8:3e:46:52:09:45:6d:
0b:fc:7a:cf:bc:fd:0c:c3:17:f4:8f:96:92:f8:b9:a3:d2:d1:
da:36:9f:3b:d2:dc:7c:65:e7:78:6c:e3:9b:ed:ec:b7:c4:90:
e0:ba:09:2d:c8:4f:36:fe:47:69:b1:67:ef:3a:a4:42:ab:8d:
7a:60:54:cc:be:85:3e:85:f6:d9:93:03:b0:97:84:97:7c:45:
79:42:b2:32:6b:e1:87:31:3a:b3:0f:de:eb:d7:7d:a3:db:bb:
23:7a:1a:42:ac:3f:91:eb:a4:d9:fb:43:4c:fb:26:11:6e:92:
69:59:a9:4b:12:04:41:7f:f0:c3:89:5f:a4:1f:33:48:68:b9:
c9:45:32:42:08:ce:68:83:f9:d5:19:14:ae:cd:b4:15:d5:b6:
36:6b:3c:2b:ce:7c:9f:5a:de:3f:85:99:9a:3b:d2:52:59:a7:
d1:ba:b0:f5:38:cc:06:7a:29:35:67:fd:17:43:d0:22:4e:59:
16:16:68:35
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZQiIAV2pSi47vFBFSCCiM2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc4OGJmYzE1YzBlYjlmN2M2MTRmMjAxZjNkNjFiODk2NDBiMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9pyJboX5WvYZXWMAOjrAkdJZFAE4
eCukKXsIFjekfa2S5nP/4Pk0PiIrd84lqVRAGV7jARdboZNXaQj9AZr871aDcdBv
oBfvXqOcLbyZ0GaNoMFEo3i1vNklyg9kdoWGNTRWJgpA/uiFuZRJvQD9icqbu6Se
VBAbBCFicMZRMT3OsV4+VBMXy0l1GJoYyAU3NdnBt7O8o1fBmABmSTbaKG/lSzIt
i92Yw/A/HBuyIBXmWO5dK79K9TIUzdo8EbJQ8vpAWY2/+2N76iKeBQlGJp5BkwFo
O0itkPv/L/sx+KObM0EKS4jBH3760zQs360KgBLXXjGasxFD5Xqx/B34swIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFIJ4i/wVwOuffGFPIB89YbiWQLHAMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZ25pTF9CWEE2NTk4WVU4Z0h6MWh1SlpBc2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYAwDAME
AFkTOQMEAlkTOAMEALlE9QMEALlPMwMEALlPTwMEArlRrAMEArlRuAMEALlZKAME
ArlZbAMEArlfZAMEALlgUAMEALlgUwMEALlhAQMEALlhAwMEALllywMEALlolwME
AblwOAMEAbmv4AMEALm5kwMEAMHd1wMEANWq3zANBgkqhkiG9w0BAQsFAAOCAQEA
pgpCN0dZRkSurj/cW6JEAlgGrJYMtBwb3J3tqojfz1Q6EFVDbcJ2AS2Kr62tUkTC
3xvOhcAI0Zrkq7XH3XMBM0T4PkZSCUVtC/x6z7z9DMMX9I+Wkvi5o9LR2jafO9Lc
fGXneGzjm+3st8SQ4LoJLchPNv5HabFn7zqkQquNemBUzL6FPoX22ZMDsJeEl3xF
eUKyMmvhhzE6sw/e69d9o9u7I3oaQqw/keuk2ftDTPsmEW6SaVmpSxIEQX/ww4lf
pB8zSGi5yUUyQgjOaIP51RkUrs20FdW2Nms8K858n1reP4WZmjvSUlmn0bqw9TjM
BnopNWf9F0PQIk5ZFhZoNQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:54:18 2025 by rpki-client