Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/lJFoGwOfjYG7bpWJkltu5e79TPY.roa
File: lJFoGwOfjYG7bpWJkltu5e79TPY.roa (raw, json)
Hash identifier: a/JvmbooIi2RUBJmFiHrsUi1IesqwE85tvSq7Xkrm58=
Subject key identifier: 94:91:68:1B:03:9F:8D:81:BB:6E:95:89:92:5B:6E:E5:EE:FD:4C:F6
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 0194236971FA0DDF21FB4CDAE44D3F6D4392
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/lJFoGwOfjYG7bpWJkltu5e79TPY.roa
Signing time: Wed 01 Jan 2025 19:48:20 +0000
ROA not before: Wed 01 Jan 2025 19:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200185
IP address blocks: 86.105.48.0/21 maxlen: 24
89.36.216.0/22 maxlen: 24
89.40.116.0/22 maxlen: 24
89.40.124.0/22 maxlen: 24
94.177.224.0/21 maxlen: 24
94.177.244.0/22 maxlen: 24
194.182.104.0/22 maxlen: 24
217.61.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:71:fa:0d:df:21:fb:4c:da:e4:4d:3f:6d:43:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 19:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9491681b039f8d81bb6e9589925b6ee5eefd4cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:aa:3e:ba:c5:45:ee:d7:23:db:91:f5:15:21:
36:32:76:3a:95:ad:b3:18:ca:57:45:dc:2b:45:f0:
98:82:7e:4f:0e:78:60:81:dd:5c:13:32:3b:25:ba:
74:84:4b:fe:eb:74:23:ae:5e:07:98:82:ce:43:6e:
76:96:2d:7e:f7:7c:2d:9d:f1:dd:77:d7:8a:7c:f5:
68:88:28:4a:e0:68:c2:67:78:c0:ec:d1:0e:cb:04:
2f:41:9e:7d:7d:1b:02:ef:91:8b:4a:2c:f0:88:07:
64:bf:17:89:57:71:4e:e9:70:65:58:94:53:d1:1a:
cf:68:a9:6a:c2:a2:2e:60:d4:e2:2c:4f:ff:eb:3e:
5d:ec:5c:47:66:3f:f8:76:1c:3d:57:d3:91:f7:31:
f6:bc:40:a1:af:eb:67:76:ed:f6:15:51:a2:29:1f:
52:72:9c:28:ed:e8:6f:2a:fb:ee:e8:01:62:2d:02:
b7:d0:7b:69:d5:13:1a:63:73:fa:42:af:ab:30:4f:
ce:b2:20:98:86:7a:6a:ba:f6:e5:fa:cc:55:5a:04:
44:0d:eb:60:69:2b:5a:a0:50:0c:52:c0:17:3c:fe:
29:33:11:6a:f1:0d:a0:91:e8:52:f4:c8:c7:66:05:
64:58:a9:2c:5c:f9:b4:01:00:c1:7c:46:e0:c5:e2:
9d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:91:68:1B:03:9F:8D:81:BB:6E:95:89:92:5B:6E:E5:EE:FD:4C:F6
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/lJFoGwOfjYG7bpWJkltu5e79TPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.48.0/21
89.36.216.0/22
89.40.116.0/22
89.40.124.0/22
94.177.224.0/21
94.177.244.0/22
194.182.104.0/22
217.61.0.0/21
Signature Algorithm: sha256WithRSAEncryption
42:68:f4:b5:82:40:79:44:3c:ad:91:c4:f9:50:dd:6a:fa:20:
9c:f4:fb:ac:91:4e:ca:00:d7:74:c4:f9:fb:a1:3b:fa:27:57:
67:b9:15:19:5b:be:f3:ef:b5:c7:39:0c:e8:c3:ab:b7:cb:fb:
5e:7a:29:74:1c:73:43:fd:57:26:59:82:eb:cd:a6:8b:cf:7d:
11:65:9c:4a:c4:9d:03:dc:00:1d:25:88:26:54:47:13:40:a9:
9c:6c:a2:1b:d0:a4:a4:31:33:d0:c8:55:41:28:77:97:e8:95:
5f:78:05:aa:b9:cf:28:9f:ad:c3:94:d5:01:79:ca:c4:c5:a3:
06:d3:1a:98:58:72:04:fa:8b:ac:aa:0d:62:33:6c:25:c6:6f:
20:55:58:8f:05:a0:c1:8b:9a:e7:b4:9f:f1:55:8f:71:93:b6:
e6:65:da:a1:6f:a8:4c:d6:3f:08:3e:af:38:21:6b:05:02:b8:
3b:e4:eb:7a:6f:b1:fa:a2:d8:9b:ab:b7:5e:05:80:cd:79:de:
52:a4:6f:ca:4c:75:3c:a9:ef:58:c0:d9:5d:15:48:82:fe:a7:
e3:b2:82:23:ea:9d:f8:68:0a:c7:88:92:29:6c:ea:8a:fa:37:
76:d1:11:6d:cb:3a:fc:60:48:94:00:54:8c:89:98:c7:28:08:
c9:45:d9:c6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQjaXH6Dd8h+0za5E0/bUOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjUwMTAxMTk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDkxNjgxYjAzOWY4ZDgxYmI2ZTk1ODk5MjViNmVlNWVlZmQ0Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKo+usVF7tcj25H1FSE2MnY6la2z
GMpXRdwrRfCYgn5PDnhggd1cEzI7Jbp0hEv+63Qjrl4HmILOQ252li1+93wtnfHd
d9eKfPVoiChK4GjCZ3jA7NEOywQvQZ59fRsC75GLSizwiAdkvxeJV3FO6XBlWJRT
0RrPaKlqwqIuYNTiLE//6z5d7FxHZj/4dhw9V9OR9zH2vEChr+tndu32FVGiKR9S
cpwo7ehvKvvu6AFiLQK30Htp1RMaY3P6Qq+rME/OsiCYhnpquvbl+sxVWgREDetg
aStaoFAMUsAXPP4pMxFq8Q2gkehS9MjHZgVkWKksXPm0AQDBfEbgxeKd4QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJSRaBsDn42Bu26ViZJbbuXu/Uz2MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvbEpGb0d3T2ZqWUc3YnBXSmtsdHU1ZTc5VFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDVmkwAwQC
WSTYAwQCWSh0AwQCWSh8AwQDXrHgAwQCXrH0AwQCwrZoAwQD2T0AMA0GCSqGSIb3
DQEBCwUAA4IBAQBCaPS1gkB5RDytkcT5UN1q+iCc9PuskU7KANd0xPn7oTv6J1dn
uRUZW77z77XHOQzow6u3y/teeil0HHND/VcmWYLrzaaLz30RZZxKxJ0D3AAdJYgm
VEcTQKmcbKIb0KSkMTPQyFVBKHeX6JVfeAWquc8on63DlNUBecrExaMG0xqYWHIE
+ousqg1iM2wlxm8gVViPBaDBi5rntJ/xVY9xk7bmZdqhb6hM1j8IPq84IWsFArg7
5Ot6b7H6otibq7deBYDNed5SpG/KTHU8qe9YwNldFUiC/qfjsoIj6p34aArHiJIp
bOqK+jd20RFtyzr8YEiUAFSMiZjHKAjJRdnG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:25 2025 by rpki-client