Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EA53v_pWR7kr9w6LVpzVQJM_4Ho.roa
File: EA53v_pWR7kr9w6LVpzVQJM_4Ho.roa (raw, json)
Hash identifier: XEc8jnrHM1YfzG14emk+ERsXbSatNlvkSvc84QCEnuI=
Subject key identifier: 10:0E:77:BF:FA:56:47:B9:2B:F7:0E:8B:56:9C:D5:40:93:3F:E0:7A
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018570FB917A184BC6ACA9405605B38142C8
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EA53v_pWR7kr9w6LVpzVQJM_4Ho.roa
Signing time: Mon 02 Jan 2023 05:36:52 +0000
ROA not before: Mon 02 Jan 2023 05:36:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33823
IP address blocks: 212.87.200.0/22 maxlen: 24
89.39.203.0/24 maxlen: 24
95.214.38.0/23 maxlen: 24
193.168.186.0/24 maxlen: 24
2a0e:4844::/32 maxlen: 48
2a0e:4840::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:91:7a:18:4b:c6:ac:a9:40:56:05:b3:81:42:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 2 05:36:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=100e77bffa5647b92bf70e8b569cd540933fe07a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fd:de:49:84:72:51:fd:4d:10:98:e1:03:19:
4e:2d:bd:ab:1b:8d:43:39:70:93:61:f1:2b:32:2a:
58:65:ce:4e:fd:9e:5c:29:3a:d5:9f:e8:fe:18:dc:
02:be:ed:33:5a:d9:e5:52:38:c7:4f:4b:5d:25:96:
46:66:3d:6f:a4:49:0d:44:17:63:ab:15:f2:91:06:
4a:6e:91:6c:e2:7c:f8:0c:b1:28:35:5d:e8:8b:14:
3e:bc:d4:f2:ca:a0:05:29:4f:61:24:37:bb:1b:ee:
db:32:c0:c3:09:f5:e0:cc:24:04:d9:93:cc:89:24:
12:ef:d3:6b:ae:67:50:a1:2b:2c:b1:79:70:aa:48:
75:8a:05:e3:da:12:ea:11:ff:e2:0e:0e:69:e2:80:
48:3e:f4:50:49:22:22:cf:f8:a1:5f:4b:84:15:71:
7f:ce:f3:84:77:d8:00:b9:43:56:79:42:63:fb:46:
eb:be:4d:ce:2d:e0:c4:0e:09:05:5d:a3:fa:37:1c:
8a:8a:bd:c6:31:c1:43:e8:54:92:e3:1b:63:35:1b:
20:75:f3:aa:c1:34:ae:d0:ff:75:6d:ae:26:b1:71:
85:ff:75:10:38:1d:8a:5a:52:df:f3:35:b4:c2:2f:
0b:5f:6a:5c:c5:0c:c0:21:0e:ce:ed:f2:ff:4d:ee:
af:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0E:77:BF:FA:56:47:B9:2B:F7:0E:8B:56:9C:D5:40:93:3F:E0:7A
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EA53v_pWR7kr9w6LVpzVQJM_4Ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.203.0/24
95.214.38.0/23
193.168.186.0/24
212.87.200.0/22
IPv6:
2a0e:4840::/32
2a0e:4844::/32
Signature Algorithm: sha256WithRSAEncryption
82:65:25:28:9c:ec:a0:64:5f:fb:64:9d:59:e8:92:36:92:ec:
16:cd:3a:8c:78:46:ce:c2:e7:bd:04:65:c4:79:21:0d:41:85:
1b:4b:c7:8c:51:b5:cb:6d:d9:1c:44:e6:c3:74:b7:b1:bf:ad:
3f:d3:7f:d3:7a:c1:cd:87:67:b9:a5:68:2a:7a:95:e4:2a:b4:
e7:4b:68:63:8f:47:4b:23:b6:2c:95:18:53:92:4b:66:64:f4:
cd:1b:86:3d:d0:b8:33:ff:63:93:bd:3a:29:a3:f7:7b:33:25:
7f:31:b1:f2:32:19:1d:af:4d:e2:12:04:88:45:32:d5:9b:f8:
b2:a4:24:3d:a2:12:09:e9:33:3e:da:3e:f6:5b:2a:36:36:1f:
d7:94:7c:08:8a:04:f3:47:72:c3:aa:8d:0e:ec:88:2f:9a:b6:
e0:01:2f:dd:36:a5:5b:19:5e:ed:63:4e:77:94:1a:2c:25:6a:
ee:d4:69:53:b3:18:40:16:cd:0e:c9:ae:61:5e:5d:fc:73:bc:
5e:fb:db:6f:b1:f0:da:ed:19:1e:7c:b4:15:f8:7b:06:82:45:
13:98:4e:6c:92:81:36:a8:97:5f:38:9d:f2:01:6a:d6:4e:4a:
1d:1c:7c:ac:f7:6e:52:66:33:2d:c3:50:9a:f8:06:92:2e:10:
2b:bc:7a:2d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVw+5F6GEvGrKlAVgWzgULIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwMTAyMDUzNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDBlNzdiZmZhNTY0N2I5MmJmNzBlOGI1NjljZDU0MDkzM2ZlMDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv3eSYRyUf1NEJjhAxlOLb2rG41D
OXCTYfErMipYZc5O/Z5cKTrVn+j+GNwCvu0zWtnlUjjHT0tdJZZGZj1vpEkNRBdj
qxXykQZKbpFs4nz4DLEoNV3oixQ+vNTyyqAFKU9hJDe7G+7bMsDDCfXgzCQE2ZPM
iSQS79NrrmdQoSsssXlwqkh1igXj2hLqEf/iDg5p4oBIPvRQSSIiz/ihX0uEFXF/
zvOEd9gAuUNWeUJj+0brvk3OLeDEDgkFXaP6NxyKir3GMcFD6FSS4xtjNRsgdfOq
wTSu0P91ba4msXGF/3UQOB2KWlLf8zW0wi8LX2pcxQzAIQ7O7fL/Te6viwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBAOd7/6Vke5K/cOi1ac1UCTP+B6MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvRUE1M3ZfcFdSN2tyOXc2TFZwelZRSk1fNEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAWSfLAwQB
X9YmAwQAwai6AwQC1FfIMBQEAgACMA4DBQAqDkhAAwUAKg5IRDANBgkqhkiG9w0B
AQsFAAOCAQEAgmUlKJzsoGRf+2SdWeiSNpLsFs06jHhGzsLnvQRlxHkhDUGFG0vH
jFG1y23ZHETmw3S3sb+tP9N/03rBzYdnuaVoKnqV5Cq050toY49HSyO2LJUYU5JL
ZmT0zRuGPdC4M/9jk706KaP3ezMlfzGx8jIZHa9N4hIEiEUy1Zv4sqQkPaISCekz
Pto+9lsqNjYf15R8CIoE80dyw6qNDuyIL5q24AEv3TalWxle7WNOd5QaLCVq7tRp
U7MYQBbNDsmuYV5d/HO8Xvvbb7Hw2u0ZHny0Ffh7BoJFE5hObJKBNqiXXzid8gFq
1k5KHRx8rPduUmYzLcNQmvgGki4QK7x6LQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:46 2025 by rpki-client