Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/2QGgdfs_kTYTmfhAOzt-CsP6h_Y.roa
File: 2QGgdfs_kTYTmfhAOzt-CsP6h_Y.roa (raw, json)
Hash identifier: +OJo+w/EHrgF9BQil8Md4YKcecX46okErx47PXpMjwU=
Subject key identifier: D9:01:A0:75:FB:3F:91:36:13:99:F8:40:3B:3B:7E:0A:C3:FA:87:F6
Certificate issuer: /CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Certificate serial: 03DC8FB7
Authority key identifier: C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/2QGgdfs_kTYTmfhAOzt-CsP6h_Y.roa
Signing time: Sat 01 Jan 2022 00:57:08 +0000
ROA not before: Sat 01 Jan 2022 00:57:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31484
IP address blocks: 80.246.240.0/20 maxlen: 20
185.7.200.0/22 maxlen: 22
176.221.8.0/21 maxlen: 21
83.136.240.0/21 maxlen: 21
2a03:cf80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64786359 (0x3dc8fb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Validity
Not Before: Jan 1 00:57:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d901a075fb3f91361399f8403b3b7e0ac3fa87f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:91:2e:68:2e:d8:ba:c5:ee:b1:0a:b9:60:73:
d9:55:36:8a:f8:08:95:da:78:06:02:82:be:3d:4d:
b7:55:1e:89:da:ee:41:f8:cd:8f:4d:e8:13:6d:eb:
bc:10:17:13:cb:9e:f2:15:82:be:84:2c:67:6f:cd:
46:10:b4:4c:e8:fd:06:55:d1:6a:aa:2b:7a:c7:0b:
53:58:bb:a9:e8:e3:57:12:b8:23:22:32:bf:e5:f8:
bb:9c:4f:53:76:85:06:bb:70:ac:85:fb:02:52:dc:
f3:a2:5e:f4:56:ab:10:b2:85:b3:a5:44:e0:cb:c8:
c0:4c:58:f6:7c:50:b4:08:49:7f:ef:17:4c:7b:97:
17:c6:61:aa:84:ca:b2:65:f9:30:13:46:18:3f:72:
c8:ce:36:15:f8:73:d6:a7:2a:14:d3:37:0d:68:f7:
b4:ba:c5:7c:5b:20:d8:ae:a3:71:de:d9:91:76:d0:
7b:7f:95:f0:8e:c8:a4:bc:7d:fb:61:96:a4:7f:d4:
0a:f0:c4:7a:fb:9c:e4:67:21:f9:31:cf:78:70:d1:
e6:51:18:cc:89:24:7d:44:34:90:06:8b:bc:ef:6b:
11:ef:f8:b9:e5:6a:8f:e4:4f:8d:b8:78:24:c3:88:
b7:b1:24:72:35:e2:9d:d5:e4:a2:f1:6b:67:7e:04:
0a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:01:A0:75:FB:3F:91:36:13:99:F8:40:3B:3B:7E:0A:C3:FA:87:F6
X509v3 Authority Key Identifier:
keyid:C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/2QGgdfs_kTYTmfhAOzt-CsP6h_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/yPb13sCbx6EgMEVpm6BYKV0440Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.240.0/20
83.136.240.0/21
176.221.8.0/21
185.7.200.0/22
IPv6:
2a03:cf80::/32
Signature Algorithm: sha256WithRSAEncryption
90:1b:42:a8:a3:ca:4a:5d:a8:21:f1:eb:f2:79:9a:b6:42:c3:
56:fe:88:9b:fa:d5:b9:b5:3f:89:40:8a:f6:2a:e9:cc:fb:6b:
4c:13:3b:da:f6:79:cf:7c:d1:e9:eb:25:3f:27:75:04:2d:a4:
42:00:f9:7f:47:38:b9:7d:30:18:d5:b9:66:a4:e8:31:c6:cc:
d1:bb:9f:9d:c5:01:4e:7b:64:4f:e9:dd:9d:e7:b5:64:a0:fa:
f0:db:3d:b6:5f:1a:7c:30:31:6d:1f:88:d8:0c:d2:bd:fc:c2:
3a:62:e7:6c:d1:40:a1:14:96:15:6d:03:8e:24:20:16:0f:0c:
42:82:c6:86:31:38:c1:88:77:21:98:93:81:d9:47:2a:18:23:
0e:b5:9b:af:be:ef:ae:58:b3:f2:f3:0c:e2:34:0f:d2:6d:1c:
39:b4:8c:f1:59:97:85:7f:01:b1:46:60:1a:a8:ba:e2:03:56:
f9:14:b9:c9:a4:05:cb:59:63:12:9e:c0:79:25:e0:d4:50:95:
7b:94:84:a1:6a:73:40:79:90:fa:6d:d2:e1:79:c2:ba:98:cf:
ad:8d:fe:4e:9b:59:dd:f4:c9:f4:53:a0:1d:12:ea:54:f9:ed:
c9:55:d7:ee:2a:7e:38:63:80:1a:66:62:a9:73:30:7c:44:b4:
14:64:f7:af
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEA9yPtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGY2ZjVkZWMwOWJjN2ExMjAzMDQ1Njk5YmEwNTgyOTVkMzhlMzQ2MB4XDTIyMDEw
MTAwNTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDkwMWEwNzVmYjNm
OTEzNjEzOTlmODQwM2IzYjdlMGFjM2ZhODdmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeRLmgu2LrF7rEKuWBz2VU2ivgIldp4BgKCvj1Nt1Ueidru
QfjNj03oE23rvBAXE8ue8hWCvoQsZ2/NRhC0TOj9BlXRaqorescLU1i7qejjVxK4
IyIyv+X4u5xPU3aFBrtwrIX7AlLc86Je9FarELKFs6VE4MvIwExY9nxQtAhJf+8X
THuXF8ZhqoTKsmX5MBNGGD9yyM42Ffhz1qcqFNM3DWj3tLrFfFsg2K6jcd7ZkXbQ
e3+V8I7IpLx9+2GWpH/UCvDEevuc5Gch+THPeHDR5lEYzIkkfUQ0kAaLvO9rEe/4
ueVqj+RPjbh4JMOIt7EkcjXindXkovFrZ34EClMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTZAaB1+z+RNhOZ+EA7O34Kw/qH9jAfBgNVHSMEGDAWgBTI9vXewJvHoSAw
RWmboFgpXTjjRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lQYjEzc0NieDZFZ01FVnBtNkJZS1YwNDQwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvNDhjYjg2LTI3NTAtNGQ2YS04YTcxLTFiZTUyNTU3Njg2My8x
LzJRR2dkZnNfa1RZVG1maEFPenQtQ3NQNmhfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
NDhjYjg2LTI3NTAtNGQ2YS04YTcxLTFiZTUyNTU3Njg2My8xL3lQYjEzc0NieDZF
Z01FVnBtNkJZS1YwNDQwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFD28AMEA1OI8AMEA7DdCAMEArkH
yDANBAIAAjAHAwUAKgPPgDANBgkqhkiG9w0BAQsFAAOCAQEAkBtCqKPKSl2oIfHr
8nmatkLDVv6Im/rVubU/iUCK9irpzPtrTBM72vZ5z3zR6eslPyd1BC2kQgD5f0c4
uX0wGNW5ZqToMcbM0bufncUBTntkT+ndnee1ZKD68Ns9tl8afDAxbR+I2AzSvfzC
OmLnbNFAoRSWFW0DjiQgFg8MQoLGhjE4wYh3IZiTgdlHKhgjDrWbr77vrliz8vMM
4jQP0m0cObSM8VmXhX8BsUZgGqi64gNW+RS5yaQFy1ljEp7AeSXg1FCVe5SEoWpz
QHmQ+m3S4XnCupjPrY3+TptZ3fTJ9FOgHRLqVPntyVXX7ip+OGOAGmZiqXMwfES0
FGT3rw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:39:40 2025 by rpki-client