Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tMKvXdEQ7jsbUUm1VzejaSOmJPc.roa
File: tMKvXdEQ7jsbUUm1VzejaSOmJPc.roa (raw, json)
Hash identifier: jxmFn7bm5GI2M+zpw68PrLAgVl7bERNQcWjip2s9Hhk=
Subject key identifier: B4:C2:AF:5D:D1:10:EE:3B:1B:51:49:B5:57:37:A3:69:23:A6:24:F7
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018CC56EC6B47A66B38E38B320A618FFA0FC
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tMKvXdEQ7jsbUUm1VzejaSOmJPc.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 88.135.104.0/21 maxlen: 24
88.135.100.0/22 maxlen: 24
213.159.136.0/21 maxlen: 24
141.136.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c6:b4:7a:66:b3:8e:38:b3:20:a6:18:ff:a0:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4c2af5dd110ee3b1b5149b55737a36923a624f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:57:9b:20:5d:9e:79:3a:ae:74:49:d8:d7:
24:81:f3:bc:78:7e:43:d2:e7:6e:79:2c:11:e7:25:
76:84:a8:96:78:d7:ef:9a:95:95:88:f9:e7:d7:d3:
59:83:f7:db:32:6d:15:53:27:fb:25:00:04:eb:7e:
97:f3:d6:cc:7d:84:20:52:e0:f5:2e:ec:f1:cc:2e:
26:96:77:fc:e6:e6:eb:21:a3:24:67:62:c0:8e:79:
91:71:8e:a0:b5:99:7c:31:53:94:1d:88:1d:f4:7d:
56:87:cf:c0:7f:70:25:ca:b1:32:55:02:5a:34:8b:
ae:5d:51:70:cd:17:72:27:42:9e:c7:c6:ca:f6:1f:
4b:55:56:17:23:5a:49:1e:23:45:29:34:cd:90:6e:
7b:1c:9a:8b:f7:43:26:c7:67:41:18:46:d0:95:12:
27:40:a0:1b:17:ce:44:d2:d4:82:3c:6e:16:1f:24:
9d:81:48:ec:ca:62:a5:45:b6:d5:73:f3:32:3f:be:
54:1a:9f:59:fc:09:7e:f2:fd:b6:ec:db:17:6e:0b:
bc:17:41:4b:64:2d:5e:c9:a7:4b:74:49:26:d4:6f:
2c:40:b3:02:80:96:47:60:cd:24:07:b8:d2:e0:17:
38:ba:f7:5d:af:bc:9d:02:68:65:6c:57:23:08:25:
f8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C2:AF:5D:D1:10:EE:3B:1B:51:49:B5:57:37:A3:69:23:A6:24:F7
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tMKvXdEQ7jsbUUm1VzejaSOmJPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.100.0-88.135.111.255
141.136.16.0/20
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
bb:a5:c7:e0:cd:f6:13:e3:c1:9b:d4:76:6c:71:be:a0:e9:e2:
77:12:14:2a:a9:23:16:1d:0a:3f:5c:ec:6e:09:2c:ec:62:2c:
30:27:3d:5a:50:5a:7d:fd:15:8b:b5:17:91:f4:69:02:ec:cf:
3c:c1:2a:7a:57:1a:b7:e1:40:32:43:63:cf:ad:a8:50:49:b5:
37:e0:f8:48:ae:36:bb:4f:c1:43:6b:47:1a:d7:ed:36:3d:2b:
d6:21:35:f2:f8:56:d5:ed:f2:ff:57:15:cc:e2:5c:39:07:e2:
dc:ce:f9:7d:3e:52:d2:6c:06:82:fd:26:8b:73:d9:80:70:a9:
f3:67:8f:e7:63:89:ec:c2:ea:0b:85:23:ab:3e:55:07:f1:d4:
a6:84:61:f2:0a:45:cf:72:5a:85:c1:d2:6d:f5:d4:d5:53:93:
f6:db:3b:be:20:28:7b:a2:21:96:88:61:1c:a9:49:8e:fa:10:
3a:d4:71:54:73:46:5b:c6:1d:ab:01:5e:37:c8:5f:23:90:5b:
be:1a:84:5e:a3:fb:f5:fc:74:a7:01:fc:9c:0c:da:ef:00:bb:
18:dc:dc:8f:70:02:ba:0d:26:f6:59:b0:85:5d:ec:bb:7c:28:
04:a7:91:ed:5a:bd:24:be:bb:cc:f4:16:7b:69:58:c7:03:8f:
91:bc:f9:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbsa0emazjjizIKYY/6D8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGMyYWY1ZGQxMTBlZTNiMWI1MTQ5YjU1NzM3YTM2OTIzYTYyNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7lXmyBdnnk6rnRJ2NckgfO8eH5D
0udueSwR5yV2hKiWeNfvmpWViPnn19NZg/fbMm0VUyf7JQAE636X89bMfYQgUuD1
LuzxzC4mlnf85ubrIaMkZ2LAjnmRcY6gtZl8MVOUHYgd9H1Wh8/Af3AlyrEyVQJa
NIuuXVFwzRdyJ0Kex8bK9h9LVVYXI1pJHiNFKTTNkG57HJqL90Mmx2dBGEbQlRIn
QKAbF85E0tSCPG4WHySdgUjsymKlRbbVc/MyP75UGp9Z/Al+8v227NsXbgu8F0FL
ZC1eyadLdEkm1G8sQLMCgJZHYM0kB7jS4Bc4uvddr7ydAmhlbFcjCCX4VwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLTCr13REO47G1FJtVc3o2kjpiT3MB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvdE1LdlhkRVE3anNiVVVtMVZ6ZWphU09tSlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAJYh2QD
BARYh2ADBASNiBADBAPVn4gwDQYJKoZIhvcNAQELBQADggEBALulx+DN9hPjwZvU
dmxxvqDp4ncSFCqpIxYdCj9c7G4JLOxiLDAnPVpQWn39FYu1F5H0aQLszzzBKnpX
GrfhQDJDY8+tqFBJtTfg+EiuNrtPwUNrRxrX7TY9K9YhNfL4VtXt8v9XFcziXDkH
4tzO+X0+UtJsBoL9Jotz2YBwqfNnj+djiezC6guFI6s+VQfx1KaEYfIKRc9yWoXB
0m311NVTk/bbO74gKHuiIZaIYRypSY76EDrUcVRzRlvGHasBXjfIXyOQW74ahF6j
+/X8dKcB/JwM2u8Auxjc3I9wAroNJvZZsIVd7Lt8KASnke1avSS+u8z0FntpWMcD
j5G8+ek=
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:01:08 2025 by rpki-client