Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/2wHwx53AaZsSYQj4wKw1mI2KXko.roa
File: 2wHwx53AaZsSYQj4wKw1mI2KXko.roa (raw, json)
Hash identifier: FPJ8G3x34zRheQnxxBbWNrXDtbCK8yRNdqk0WZl8ook=
Subject key identifier: DB:01:F0:C7:9D:C0:69:9B:12:61:08:F8:C0:AC:35:98:8D:8A:5E:4A
Certificate issuer: /CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Certificate serial: 01857227C9F777A330C41D1C480886DB49A8
Authority key identifier: C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/2wHwx53AaZsSYQj4wKw1mI2KXko.roa
Signing time: Mon 02 Jan 2023 11:04:48 +0000
ROA not before: Mon 02 Jan 2023 11:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31484
IP address blocks: 80.246.240.0/20 maxlen: 20
185.7.200.0/22 maxlen: 22
176.221.11.0/24 maxlen: 24
176.221.8.0/21 maxlen: 21
176.221.14.0/24 maxlen: 24
83.136.240.0/21 maxlen: 21
2a03:cf80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:c9:f7:77:a3:30:c4:1d:1c:48:08:86:db:49:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Validity
Not Before: Jan 2 11:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db01f0c79dc0699b126108f8c0ac35988d8a5e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:38:9f:ee:0b:1b:b1:a7:d7:68:a1:77:6d:bc:
93:e0:25:9a:9d:68:ef:0f:d5:bf:90:00:5b:4c:4d:
d9:17:ea:ea:d7:9c:da:2e:82:dc:df:d7:91:bc:f1:
17:31:3f:67:56:13:ef:8f:46:03:e1:78:dc:76:11:
e5:3f:f1:5d:40:f1:74:e3:c3:9f:5d:63:97:f9:3e:
e3:34:32:cb:f2:83:b5:c2:fe:10:2d:ae:8b:b6:6b:
a5:db:79:da:8a:54:89:0e:12:f6:ed:ed:fb:97:1c:
9d:f3:eb:fc:99:2e:5e:7f:cf:fc:38:48:cc:81:6d:
39:06:43:d5:eb:5f:0d:c4:3b:ba:b0:e4:cc:39:a0:
01:38:f6:1b:29:f8:28:03:c0:07:1e:a7:47:bc:f2:
56:f3:9e:9f:d1:8f:c0:32:46:2d:02:d6:8a:c9:5a:
9a:c0:07:66:82:f0:0f:88:1f:72:64:14:64:a5:a1:
26:a5:d3:2b:e3:ea:ed:b3:39:fa:93:9e:de:af:78:
3a:03:16:ff:5c:0f:96:79:1c:5e:e9:47:25:d7:c4:
3e:df:55:e2:68:1d:0c:7b:f3:87:20:99:6e:0d:48:
79:c1:1a:e5:1b:18:f3:35:0b:6b:6c:cc:4c:06:62:
20:dc:c4:aa:d0:17:40:73:4b:f2:b0:43:b3:b2:bb:
cd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:01:F0:C7:9D:C0:69:9B:12:61:08:F8:C0:AC:35:98:8D:8A:5E:4A
X509v3 Authority Key Identifier:
keyid:C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/2wHwx53AaZsSYQj4wKw1mI2KXko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/yPb13sCbx6EgMEVpm6BYKV0440Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.240.0/20
83.136.240.0/21
176.221.8.0/21
185.7.200.0/22
IPv6:
2a03:cf80::/32
Signature Algorithm: sha256WithRSAEncryption
8c:ce:35:34:b0:39:ab:a3:72:65:d8:9c:12:0a:39:16:1e:9a:
93:84:8c:fd:36:28:e8:63:18:16:d1:be:91:1a:f3:56:d4:38:
d4:7e:0e:de:99:82:33:28:b6:40:12:11:ed:9d:1a:51:1a:6c:
fb:1c:34:2a:95:ba:bb:4f:3d:6b:37:37:1e:50:81:fc:8b:eb:
8a:7e:b4:54:80:b2:1e:ff:a1:b9:73:dc:ad:34:17:fa:70:61:
d3:af:b4:9e:d4:83:09:44:14:02:b5:d5:5b:22:38:a0:16:8b:
e0:a1:9b:78:05:cb:41:19:94:8a:36:84:d3:5d:95:eb:d3:5c:
26:51:9c:a7:30:61:0c:17:43:f0:aa:b1:1d:55:a6:4f:c9:c8:
2c:01:b3:bf:eb:f5:06:67:94:1d:08:82:db:65:29:a0:0f:e9:
6d:18:91:ce:0b:1b:d1:a1:d2:32:a6:17:b3:00:74:94:59:5c:
7a:65:77:93:0a:07:d2:3d:1b:8b:0e:71:e4:c2:bc:1c:50:2c:
6b:d9:31:43:46:70:43:c1:3e:2a:29:c8:b9:92:3e:89:34:fe:
b7:54:a7:27:30:e1:8d:5a:e8:84:3b:a0:32:73:66:a9:4e:b4:
71:c0:c8:d3:ea:96:e5:c1:14:90:58:80:b0:fe:e4:b9:80:d9:
e7:0c:1f:9a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyJ8n3d6MwxB0cSAiG20moMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjZmNWRlYzA5YmM3YTEyMDMwNDU2OTliYTA1ODI5NWQz
OGUzNDYwHhcNMjMwMTAyMTEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjAxZjBjNzlkYzA2OTliMTI2MTA4ZjhjMGFjMzU5ODhkOGE1ZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjif7gsbsafXaKF3bbyT4CWanWjv
D9W/kABbTE3ZF+rq15zaLoLc39eRvPEXMT9nVhPvj0YD4XjcdhHlP/FdQPF048Of
XWOX+T7jNDLL8oO1wv4QLa6Ltmul23nailSJDhL27e37lxyd8+v8mS5ef8/8OEjM
gW05BkPV618NxDu6sOTMOaABOPYbKfgoA8AHHqdHvPJW856f0Y/AMkYtAtaKyVqa
wAdmgvAPiB9yZBRkpaEmpdMr4+rtszn6k57er3g6Axb/XA+WeRxe6Ucl18Q+31Xi
aB0Me/OHIJluDUh5wRrlGxjzNQtrbMxMBmIg3MSq0BdAc0vysEOzsrvNaQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNsB8MedwGmbEmEI+MCsNZiNil5KMB8GA1UdIwQY
MBaAFMj29d7Am8ehIDBFaZugWCldOONGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEt
MWJlNTI1NTc2ODYzLzEvMndId3g1M0FhWnNTWVFqNHdLdzFtSTJLWGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEtMWJlNTI1NTc2ODYz
LzEveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPbwAwQD
U4jwAwQDsN0IAwQCuQfIMA0EAgACMAcDBQAqA8+AMA0GCSqGSIb3DQEBCwUAA4IB
AQCMzjU0sDmro3Jl2JwSCjkWHpqThIz9NijoYxgW0b6RGvNW1DjUfg7emYIzKLZA
EhHtnRpRGmz7HDQqlbq7Tz1rNzceUIH8i+uKfrRUgLIe/6G5c9ytNBf6cGHTr7Se
1IMJRBQCtdVbIjigFovgoZt4BctBGZSKNoTTXZXr01wmUZynMGEMF0PwqrEdVaZP
ycgsAbO/6/UGZ5QdCILbZSmgD+ltGJHOCxvRodIyphezAHSUWVx6ZXeTCgfSPRuL
DnHkwrwcUCxr2TFDRnBDwT4qKci5kj6JNP63VKcnMOGNWuiEO6Ayc2apTrRxwMjT
6pblwRSQWICw/uS5gNnnDB+a
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:35:03 2025 by rpki-client