Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/gx1SCX17EN8yNFFOaZKqHyy38bg.roa
File: gx1SCX17EN8yNFFOaZKqHyy38bg.roa (raw, json)
Hash identifier: y86l006aIRQbh6g6sMv1/V04L9sTmUKHfB0xrZAQk4Q=
Subject key identifier: 83:1D:52:09:7D:7B:10:DF:32:34:51:4E:69:92:AA:1F:2C:B7:F1:B8
Certificate issuer: /CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Certificate serial: 0194266A12645B594634379B9B39DA7E063B
Authority key identifier: 8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/gx1SCX17EN8yNFFOaZKqHyy38bg.roa
Signing time: Thu 02 Jan 2025 09:47:53 +0000
ROA not before: Thu 02 Jan 2025 09:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60950
IP address blocks: 185.23.24.0/22 maxlen: 22
185.23.24.0/24 maxlen: 24
185.23.25.0/24 maxlen: 24
185.23.26.0/24 maxlen: 24
185.23.27.0/24 maxlen: 24
185.100.128.0/22 maxlen: 22
185.100.128.0/24 maxlen: 24
185.100.129.0/24 maxlen: 24
185.100.130.0/24 maxlen: 24
185.100.131.0/24 maxlen: 24
2a00:6960::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:12:64:5b:59:46:34:37:9b:9b:39:da:7e:06:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Validity
Not Before: Jan 2 09:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=831d52097d7b10df3234514e6992aa1f2cb7f1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:93:9f:a3:98:ab:b3:4f:f3:c4:f6:3e:73:57:
cc:12:d8:3b:75:02:7f:51:16:c4:a7:fa:2d:55:5c:
d8:b9:13:ae:a9:02:c1:55:6a:d1:e6:12:90:7a:1b:
13:06:b4:b8:07:3f:99:74:e9:32:e2:62:4b:67:0a:
cf:ad:03:6e:38:ea:16:68:7e:d8:2d:95:11:f7:50:
17:2d:36:a4:c4:03:68:bb:ce:91:8b:5a:cd:15:b4:
ed:41:39:8c:e8:a4:4a:79:66:65:b7:3d:8a:16:ad:
22:40:74:06:60:0d:c6:62:48:9a:cf:27:c1:c2:5b:
36:f5:c0:ea:b5:03:02:ff:72:04:0b:7a:1b:1e:e6:
b0:f7:96:5d:79:66:8d:e7:65:83:55:c9:c8:fc:0e:
df:75:b6:8a:d3:51:1f:ec:f6:5a:76:d6:5b:3e:17:
0d:a2:c3:fb:fb:ac:a5:90:2e:a9:b6:58:d6:a4:b6:
77:42:f5:e0:1f:46:46:ef:71:07:cb:83:8f:22:60:
68:c1:af:c6:dc:d2:8e:0b:1d:a4:67:32:46:05:5e:
d1:00:db:d2:90:eb:32:fc:b9:8a:ea:ba:bc:17:98:
3a:e4:a1:a8:7a:3e:49:d5:88:f8:f5:00:87:67:42:
8d:67:ae:34:3d:72:20:84:88:61:18:18:00:0d:af:
8c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1D:52:09:7D:7B:10:DF:32:34:51:4E:69:92:AA:1F:2C:B7:F1:B8
X509v3 Authority Key Identifier:
keyid:8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/gx1SCX17EN8yNFFOaZKqHyy38bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/ilUqhuMbaeXVMg7egdNLsSikXO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.24.0/22
185.100.128.0/22
IPv6:
2a00:6960::/32
Signature Algorithm: sha256WithRSAEncryption
50:22:85:a6:14:a3:bd:9a:fd:42:ee:6f:72:bc:80:e0:92:e2:
4f:c8:bf:c1:9d:e1:b7:51:f3:d6:fb:f7:29:1d:b8:4e:71:b4:
0f:1e:a4:f9:ef:90:84:3a:93:26:e4:28:10:02:ea:b5:77:98:
17:57:22:10:30:44:4b:6b:3c:b4:66:e0:62:c4:f5:91:7e:fe:
91:65:c6:44:b0:58:d8:d1:ef:c9:74:5a:b0:f3:8e:18:11:d6:
b1:ea:29:9c:40:50:61:2a:25:f4:21:be:ed:94:55:ae:f6:87:
74:2f:72:4e:87:6a:5e:d8:a5:05:e4:c4:b2:ea:90:c1:53:1b:
f8:f5:b9:0d:04:82:1b:7e:4e:34:48:9b:74:22:24:56:3b:65:
cf:3a:3f:b9:1f:8d:c2:eb:f4:d3:4f:a0:31:65:bc:43:2b:7f:
16:ec:c6:77:ed:51:6c:59:d4:b4:c6:8d:b2:1a:53:21:db:db:
ea:97:d6:32:bc:42:c4:63:69:82:ba:52:35:d5:e6:3d:13:03:
39:04:40:ab:06:ca:50:61:f3:5d:d2:5b:7b:19:9b:be:f8:1d:
dd:78:b5:4d:14:e7:f4:1c:61:fc:70:70:bb:a1:05:7f:ea:e5:
88:7a:6e:11:ce:e5:2f:5c:d6:6c:b0:69:53:5b:8d:5a:46:40:
48:90:78:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQmahJkW1lGNDebmznafgY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNTUyYTg2ZTMxYjY5ZTVkNTMyMGVkZTgxZDM0YmIxMjhh
NDVjZWUwHhcNMjUwMTAyMDk0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFkNTIwOTdkN2IxMGRmMzIzNDUxNGU2OTkyYWExZjJjYjdmMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpOfo5irs0/zxPY+c1fMEtg7dQJ/
URbEp/otVVzYuROuqQLBVWrR5hKQehsTBrS4Bz+ZdOky4mJLZwrPrQNuOOoWaH7Y
LZUR91AXLTakxANou86Ri1rNFbTtQTmM6KRKeWZltz2KFq0iQHQGYA3GYkiazyfB
wls29cDqtQMC/3IEC3obHuaw95ZdeWaN52WDVcnI/A7fdbaK01Ef7PZadtZbPhcN
osP7+6ylkC6ptljWpLZ3QvXgH0ZG73EHy4OPImBowa/G3NKOCx2kZzJGBV7RANvS
kOsy/LmK6rq8F5g65KGoej5J1Yj49QCHZ0KNZ640PXIghIhhGBgADa+M8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIMdUgl9exDfMjRRTmmSqh8st/G4MB8GA1UdIwQY
MBaAFIpVKobjG2nl1TIO3oHTS7EopFzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQt
NzhhMTI2YmYwYWRjLzEvZ3gxU0NYMTdFTjh5TkZGT2FaS3FIeXkzOGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQtNzhhMTI2YmYwYWRj
LzEvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRcYAwQC
uWSAMA0EAgACMAcDBQAqAGlgMA0GCSqGSIb3DQEBCwUAA4IBAQBQIoWmFKO9mv1C
7m9yvIDgkuJPyL/BneG3UfPW+/cpHbhOcbQPHqT575CEOpMm5CgQAuq1d5gXVyIQ
MERLazy0ZuBixPWRfv6RZcZEsFjY0e/JdFqw844YEdax6imcQFBhKiX0Ib7tlFWu
9od0L3JOh2pe2KUF5MSy6pDBUxv49bkNBIIbfk40SJt0IiRWO2XPOj+5H43C6/TT
T6AxZbxDK38W7MZ37VFsWdS0xo2yGlMh29vql9YyvELEY2mCulI11eY9EwM5BECr
BspQYfNd0lt7GZu++B3deLVNFOf0HGH8cHC7oQV/6uWIem4RzuUvXNZssGlTW41a
RkBIkHga
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:02 2025 by rpki-client