Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/pBUunOuIAtLYaRe2KC21As6LJXs.roa
File: pBUunOuIAtLYaRe2KC21As6LJXs.roa (raw, json)
Hash identifier: SZuRXvYzc858UtkwHUjSw44EL80O54Pv+Rumw7Eufdg=
Subject key identifier: A4:15:2E:9C:EB:88:02:D2:D8:69:17:B6:28:2D:B5:02:CE:8B:25:7B
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018BCB1D006638E254270A0CE392613B8654
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/pBUunOuIAtLYaRe2KC21As6LJXs.roa
Signing time: Mon 13 Nov 2023 23:55:57 +0000
ROA not before: Mon 13 Nov 2023 23:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 88.135.96.0/20 maxlen: 24
213.159.136.0/21 maxlen: 24
141.136.16.0/20 maxlen: 24
91.227.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cb:1d:00:66:38:e2:54:27:0a:0c:e3:92:61:3b:86:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Nov 13 23:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4152e9ceb8802d2d86917b6282db502ce8b257b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fa:41:cc:18:ae:65:53:c1:14:3c:d5:8d:61:
98:59:8e:86:a7:70:95:89:26:7f:57:24:6b:37:dc:
69:07:70:46:77:df:85:9a:0e:5f:82:54:cf:06:90:
7e:94:b1:ce:ba:ab:42:8f:ed:c1:a1:13:4d:26:da:
bb:41:e1:47:3a:4a:db:24:d7:3f:6e:d3:0a:7e:3a:
43:bb:d3:6b:56:42:d1:5e:c5:19:8b:6b:ce:af:03:
3f:56:e2:17:51:f9:b6:9c:d8:5b:e2:ca:e9:cb:de:
d5:eb:56:a0:2a:d1:30:f0:3f:a6:b7:66:b5:4e:41:
d3:75:c0:e1:5c:45:60:c8:92:2a:37:ca:3e:dc:35:
be:c8:38:95:10:2d:29:a5:55:e1:b2:1e:d0:06:cd:
7e:15:47:71:83:fc:c2:8c:e8:8d:eb:70:09:72:91:
ae:53:11:1c:60:2e:2b:04:51:e5:6f:cb:30:b9:aa:
7a:40:48:90:66:6f:f0:cb:26:2e:c5:f5:a2:d7:39:
60:12:df:3f:5c:51:e3:44:83:a9:d4:8e:eb:35:25:
8c:f5:85:0f:26:9e:6a:bf:70:c4:92:7b:21:30:70:
68:f8:23:00:cf:58:5d:2c:5e:22:96:47:9c:18:45:
b3:0e:c7:a2:0e:0a:02:41:aa:55:34:08:cd:8c:1e:
a4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:15:2E:9C:EB:88:02:D2:D8:69:17:B6:28:2D:B5:02:CE:8B:25:7B
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/pBUunOuIAtLYaRe2KC21As6LJXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.96.0/20
91.227.240.0/23
141.136.16.0/20
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:3d:25:b6:57:9c:d8:19:67:5d:7d:7c:ce:a2:98:4c:06:a4:
a1:51:96:3a:cb:dc:76:e6:d5:cb:77:ae:82:61:bf:71:0d:e1:
07:e6:66:00:58:c8:1c:4d:37:01:21:79:3d:7a:d7:12:dd:f5:
05:4f:d4:a0:2f:54:d6:85:0b:02:4f:46:16:40:db:b0:0d:fa:
ec:a0:5b:98:83:9c:07:0e:da:4c:e0:33:e2:09:20:79:21:b2:
f7:95:8b:ab:0c:9c:bf:75:fc:cd:15:c5:1f:42:54:2f:6c:f0:
90:37:60:ef:95:66:5c:a8:f8:dc:87:1e:39:b7:2a:3d:4d:72:
5b:01:a7:e3:a9:14:dc:9f:3e:68:3c:ed:33:f9:38:4d:64:62:
e2:a6:57:98:60:52:3a:f8:1d:0e:02:98:c1:bd:7b:83:f5:7f:
8d:ee:70:c2:ac:82:6e:44:e9:7e:06:de:8b:27:ce:7b:6c:9e:
11:f9:e0:71:57:eb:1f:38:8c:d3:bd:0c:34:bd:af:19:5a:84:
b3:2c:f8:5c:6c:6e:28:9c:83:d1:0f:01:44:96:a6:84:54:bb:
ce:74:4a:06:73:e5:64:92:32:84:b3:46:16:3b:20:3c:ef:bd:
a0:d8:28:60:b2:e5:ed:a0:9a:7c:1a:f0:b2:4f:fb:29:06:2e:
5d:a4:93:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvLHQBmOOJUJwoM45JhO4ZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMxMTEzMjM1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDE1MmU5Y2ViODgwMmQyZDg2OTE3YjYyODJkYjUwMmNlOGIyNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufpBzBiuZVPBFDzVjWGYWY6Gp3CV
iSZ/VyRrN9xpB3BGd9+Fmg5fglTPBpB+lLHOuqtCj+3BoRNNJtq7QeFHOkrbJNc/
btMKfjpDu9NrVkLRXsUZi2vOrwM/VuIXUfm2nNhb4srpy97V61agKtEw8D+mt2a1
TkHTdcDhXEVgyJIqN8o+3DW+yDiVEC0ppVXhsh7QBs1+FUdxg/zCjOiN63AJcpGu
UxEcYC4rBFHlb8swuap6QEiQZm/wyyYuxfWi1zlgEt8/XFHjRIOp1I7rNSWM9YUP
Jp5qv3DEknshMHBo+CMAz1hdLF4ilkecGEWzDseiDgoCQapVNAjNjB6kxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKQVLpzriALS2GkXtigttQLOiyV7MB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvcEJVdW5PdUlBdExZYVJlMktDMjFBczZMSlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEWIdgAwQB
W+PwAwQEjYgQAwQD1Z+IMA0GCSqGSIb3DQEBCwUAA4IBAQALPSW2V5zYGWddfXzO
ophMBqShUZY6y9x25tXLd66CYb9xDeEH5mYAWMgcTTcBIXk9etcS3fUFT9SgL1TW
hQsCT0YWQNuwDfrsoFuYg5wHDtpM4DPiCSB5IbL3lYurDJy/dfzNFcUfQlQvbPCQ
N2DvlWZcqPjchx45tyo9TXJbAafjqRTcnz5oPO0z+ThNZGLipleYYFI6+B0OApjB
vXuD9X+N7nDCrIJuROl+Bt6LJ857bJ4R+eBxV+sfOIzTvQw0va8ZWoSzLPhcbG4o
nIPRDwFElqaEVLvOdEoGc+VkkjKEs0YWOyA8772g2ChgsuXtoJp8GvCyT/spBi5d
pJO5
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:43:42 2025 by rpki-client