Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/gZ1FhnFtpLTPuY9azcrZRGx5Hqc.roa
File: gZ1FhnFtpLTPuY9azcrZRGx5Hqc.roa (raw, json)
Hash identifier: L5YlUEOpoSEypGlsqLuJ/bMpvZBGZ9xNe8DU0oLvUww=
Subject key identifier: 81:9D:45:86:71:6D:A4:B4:CF:B9:8F:5A:CD:CA:D9:44:6C:79:1E:A7
Certificate issuer: /CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Certificate serial: 0194228D4F683273312256393234280D8AB1
Authority key identifier: 2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/gZ1FhnFtpLTPuY9azcrZRGx5Hqc.roa
Signing time: Wed 01 Jan 2025 15:47:53 +0000
ROA not before: Wed 01 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206049
IP address blocks: 185.197.56.0/22 maxlen: 24
212.11.67.0/24 maxlen: 24
212.11.76.0/24 maxlen: 24
2a0a:7640::/29 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:4f:68:32:73:31:22:56:39:32:34:28:0d:8a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Validity
Not Before: Jan 1 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=819d4586716da4b4cfb98f5acdcad9446c791ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4e:50:12:df:0e:b7:bd:f4:6e:90:a1:40:af:
8d:06:92:50:36:f0:7a:48:b6:bb:ff:30:8d:cf:d4:
b5:bc:e9:9e:b1:a9:34:d7:3f:cb:2a:83:9a:83:9f:
b1:5f:e5:1b:72:11:57:c3:85:5a:69:02:42:1e:73:
97:90:ec:f2:9e:01:45:6e:cf:5e:2b:b6:4f:42:02:
98:fe:18:c2:44:c2:b6:db:a0:0a:e6:18:17:03:d6:
44:2b:a0:a8:4c:95:b9:d3:a5:97:d8:51:20:ed:77:
c1:91:6e:55:4b:d0:2a:1d:4b:62:8e:ab:54:27:b0:
83:07:17:d3:11:67:d4:09:52:b8:86:ec:e2:b8:6c:
0c:1c:7e:46:f6:27:47:da:39:5b:9c:55:14:40:fa:
5f:d3:ab:cd:55:d8:2e:5c:91:40:28:35:3d:10:55:
ad:b0:f2:5b:77:1e:c5:86:f8:04:fe:f9:fc:61:ef:
4f:3f:2c:61:da:ce:f2:24:fc:2e:23:a4:bc:93:85:
b4:48:fd:17:81:a4:5f:23:6f:0b:0b:76:d5:c2:56:
65:e0:9f:85:e9:b4:a5:0b:76:c9:0f:a6:46:a8:69:
b2:6b:22:30:4c:4f:9f:4b:f5:3c:a6:eb:dd:af:dc:
84:6b:30:b4:0e:fe:4a:a5:a2:d9:c9:85:ae:42:6c:
49:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9D:45:86:71:6D:A4:B4:CF:B9:8F:5A:CD:CA:D9:44:6C:79:1E:A7
X509v3 Authority Key Identifier:
keyid:2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/gZ1FhnFtpLTPuY9azcrZRGx5Hqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/LJTXDPt-aQGaLgHIfQpdVFpZm1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.56.0/22
212.11.67.0/24
212.11.76.0/24
IPv6:
2a0a:7640::/29
Signature Algorithm: sha256WithRSAEncryption
b1:ab:1c:f7:cd:7a:8b:23:db:54:64:59:ca:75:78:fb:61:40:
73:3c:de:c3:8c:56:15:97:e7:98:c5:73:68:ad:e4:10:60:c1:
9c:64:0d:e1:1c:d2:09:bf:1d:92:13:f2:cc:93:4e:a5:b3:35:
f3:53:6c:34:a8:30:38:89:88:e5:64:f5:72:1d:e0:1c:c7:47:
86:fb:53:04:42:28:7d:21:ab:c9:bd:1a:a6:83:5a:22:b6:cf:
87:5b:6d:2a:08:d7:68:4f:4c:3e:e0:be:90:2d:90:44:24:e4:
51:b6:25:31:f3:f4:68:8c:21:ed:1e:06:ab:2d:2f:8f:9d:55:
79:e1:04:fd:4d:56:45:71:17:95:a9:6b:dd:07:b7:c3:a2:39:
82:80:94:36:52:2e:74:fb:97:d7:58:ea:02:ba:79:23:d7:01:
9e:44:77:d2:85:58:2d:ad:30:13:7e:d8:93:22:b2:a1:5a:b5:
bf:96:fd:fc:3c:a6:87:08:09:9a:fb:b9:b1:21:b5:df:93:c8:
1f:19:d3:af:e1:1c:aa:6e:4a:71:4d:58:e7:97:f5:12:07:85:
50:1b:90:38:4d:8f:61:64:61:b4:2d:3c:64:89:ba:56:05:7f:
a8:dd:f4:72:35:04:f0:9e:af:ed:73:a3:54:4e:fb:dd:b4:83:
19:46:a5:d2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijU9oMnMxIlY5MjQoDYqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTRkNzBjZmI3ZTY5MDE5YTJlMDFjODdkMGE1ZDU0NWE1
OTliNTIwHhcNMjUwMTAxMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTlkNDU4NjcxNmRhNGI0Y2ZiOThmNWFjZGNhZDk0NDZjNzkxZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk5QEt8Ot730bpChQK+NBpJQNvB6
SLa7/zCNz9S1vOmesak01z/LKoOag5+xX+UbchFXw4VaaQJCHnOXkOzyngFFbs9e
K7ZPQgKY/hjCRMK226AK5hgXA9ZEK6CoTJW506WX2FEg7XfBkW5VS9AqHUtijqtU
J7CDBxfTEWfUCVK4huziuGwMHH5G9idH2jlbnFUUQPpf06vNVdguXJFAKDU9EFWt
sPJbdx7FhvgE/vn8Ye9PPyxh2s7yJPwuI6S8k4W0SP0XgaRfI28LC3bVwlZl4J+F
6bSlC3bJD6ZGqGmyayIwTE+fS/U8puvdr9yEazC0Dv5KpaLZyYWuQmxJhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIGdRYZxbaS0z7mPWs3K2URseR6nMB8GA1UdIwQY
MBaAFCyU1wz7fmkBmi4ByH0KXVRaWZtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTkt
NjlmYzA1NmIyNjI1LzEvZ1oxRmhuRnRwTFRQdVk5YXpjclpSR3g1SHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTktNjlmYzA1NmIyNjI1
LzEvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCucU4AwQA
1AtDAwQA1AtMMA0EAgACMAcDBQMqCnZAMA0GCSqGSIb3DQEBCwUAA4IBAQCxqxz3
zXqLI9tUZFnKdXj7YUBzPN7DjFYVl+eYxXNoreQQYMGcZA3hHNIJvx2SE/LMk06l
szXzU2w0qDA4iYjlZPVyHeAcx0eG+1MEQih9IavJvRqmg1oits+HW20qCNdoT0w+
4L6QLZBEJORRtiUx8/RojCHtHgarLS+PnVV54QT9TVZFcReVqWvdB7fDojmCgJQ2
Ui50+5fXWOoCunkj1wGeRHfShVgtrTATftiTIrKhWrW/lv38PKaHCAma+7mxIbXf
k8gfGdOv4RyqbkpxTVjnl/USB4VQG5A4TY9hZGG0LTxkibpWBX+o3fRyNQTwnq/t
c6NUTvvdtIMZRqXS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:40 2025 by rpki-client