Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fyKg4abXq-u594ZJJToD2Lh9zGQ.roa
File: fyKg4abXq-u594ZJJToD2Lh9zGQ.roa (raw, json)
Hash identifier: JmKv5OCgUkzgRs+ozN+xluzX6SR3TecqYivfhnCf/rA=
Subject key identifier: 7F:22:A0:E1:A6:D7:AB:EB:B9:F7:86:49:25:3A:03:D8:B8:7D:CC:64
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BF75C47EF0C2A0443ADD62E83D0E276A7
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fyKg4abXq-u594ZJJToD2Lh9zGQ.roa
Signing time: Wed 22 Nov 2023 14:08:21 +0000
ROA not before: Wed 22 Nov 2023 14:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.225.0/24 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
89.47.121.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:5c:47:ef:0c:2a:04:43:ad:d6:2e:83:d0:e2:76:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 22 14:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f22a0e1a6d7abebb9f78649253a03d8b87dcc64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c1:f3:ea:c7:dc:28:d5:14:2e:e8:7f:b2:43:
92:40:24:75:e6:3e:4a:ae:46:7c:65:8b:78:08:cd:
34:e2:1f:95:18:8a:8e:95:f8:28:c3:be:49:a9:54:
4e:db:8c:87:83:a0:dd:5a:81:a8:d4:8e:01:fa:85:
2d:ac:79:ed:ce:a9:14:e7:4e:c5:0b:73:62:c3:08:
1e:cc:19:65:18:e6:86:e7:e8:c8:d2:72:3f:b9:27:
40:cd:85:22:cd:b1:89:c1:9d:29:8c:a2:ab:89:ec:
44:3d:03:61:16:6f:ce:b1:fa:5d:c5:ed:60:70:63:
d2:75:5e:fa:e5:ef:eb:a1:aa:21:9d:36:96:f4:fd:
86:5f:e9:6e:a0:6c:e0:19:84:2d:8a:4e:0f:71:51:
fe:7d:51:83:a7:43:07:81:60:3d:1d:ed:d0:b0:d4:
5f:f6:ad:97:27:ce:f0:1d:d9:3b:a1:ea:f9:3a:0a:
bc:37:6b:b9:67:68:ed:4a:77:74:1b:70:14:9b:fa:
61:d1:de:e5:3c:fd:d4:d4:5c:03:15:39:b1:03:59:
aa:81:0a:6f:bb:3e:17:63:9d:28:35:94:38:2e:db:
5e:ee:16:2e:38:ee:96:d6:ad:23:ec:81:3a:70:8e:
81:65:41:e0:7d:71:a0:75:29:f2:78:ac:14:5e:9c:
94:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:22:A0:E1:A6:D7:AB:EB:B9:F7:86:49:25:3A:03:D8:B8:7D:CC:64
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fyKg4abXq-u594ZJJToD2Lh9zGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.224.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
49:cb:80:47:8c:0e:bc:dd:19:7a:f4:b1:b6:93:19:2f:c2:4f:
7d:1c:25:34:df:b4:15:e3:d4:00:cf:56:91:0a:44:4d:cb:fe:
ce:10:81:73:07:18:0c:6c:8b:ee:4f:a2:15:da:f1:24:f8:c0:
89:2f:bc:4f:cb:63:1f:8e:34:d1:41:e6:d0:c7:4d:b2:3c:3d:
5a:7a:d3:03:64:bf:bb:e1:42:88:46:66:41:9b:c7:00:05:90:
f2:70:09:f5:31:c4:52:84:94:17:b8:ff:76:d2:bc:fe:79:04:
1e:77:0e:e9:a2:5d:38:bc:21:04:8b:ee:ac:7f:dc:74:e4:3a:
4f:b2:3b:6b:cf:ea:44:f1:ff:a0:8a:07:b0:18:bd:4a:18:8e:
ab:a1:0e:77:87:a0:97:39:fd:9c:09:3c:49:49:8f:e9:94:9c:
77:6b:b0:51:68:6a:e6:de:d7:ad:36:45:47:b6:bc:91:7c:8a:
5b:2c:04:70:e9:15:84:66:91:4e:67:a1:73:fa:02:61:8a:fd:
a8:b2:a9:5b:3b:7c:53:c7:ce:ac:0b:59:0d:5a:b0:dd:f7:84:
c1:3f:e9:31:28:14:cf:d6:4e:21:c3:8d:bb:40:b9:6d:2f:af:
c5:3d:2c:8e:8a:fb:f7:ff:07:61:b6:09:3e:b9:f4:81:eb:4c:
fd:89:ca:d3
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYv3XEfvDCoEQ63WLoPQ4nanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTIyMTQwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjIyYTBlMWE2ZDdhYmViYjlmNzg2NDkyNTNhMDNkOGI4N2RjYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcHz6sfcKNUULuh/skOSQCR15j5K
rkZ8ZYt4CM004h+VGIqOlfgow75JqVRO24yHg6DdWoGo1I4B+oUtrHntzqkU507F
C3NiwwgezBllGOaG5+jI0nI/uSdAzYUizbGJwZ0pjKKriexEPQNhFm/Osfpdxe1g
cGPSdV765e/roaohnTaW9P2GX+luoGzgGYQtik4PcVH+fVGDp0MHgWA9He3QsNRf
9q2XJ87wHdk7oer5Ogq8N2u5Z2jtSnd0G3AUm/ph0d7lPP3U1FwDFTmxA1mqgQpv
uz4XY50oNZQ4Ltte7hYuOO6W1q0j7IE6cI6BZUHgfXGgdSnyeKwUXpyUdwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFH8ioOGm16vrufeGSSU6A9i4fcxkMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvZnlLZzRhYlhxLXU1OTRaSkpUb0QyTGg5ekdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAWSIbAwQB
WSLgAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kAwQFWS9gAwQAXXHMAwQAXXJPAwQA
XXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEBCwUAA4IB
AQBJy4BHjA683Rl69LG2kxkvwk99HCU037QV49QAz1aRCkRNy/7OEIFzBxgMbIvu
T6IV2vEk+MCJL7xPy2MfjjTRQebQx02yPD1aetMDZL+74UKIRmZBm8cABZDycAn1
McRShJQXuP920rz+eQQedw7pol04vCEEi+6sf9x05DpPsjtrz+pE8f+gigewGL1K
GI6roQ53h6CXOf2cCTxJSY/plJx3a7BRaGrm3tetNkVHtryRfIpbLARw6RWEZpFO
Z6Fz+gJhiv2osqlbO3xTx86sC1kNWrDd94TBP+kxKBTP1k4hw427QLltL6/FPSyO
ivv3/wdhtgk+ufSB60z9icrT
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:47:41 2025 by rpki-client