Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/2q94tQhBigjUvhiaO47yvddKChU.roa
File: 2q94tQhBigjUvhiaO47yvddKChU.roa (raw, json)
Hash identifier: /L+t1Ugw2rwNTaIxOx28M0PuDDhu+2spYe0pJ11Wm+s=
Subject key identifier: DA:AF:78:B5:08:41:8A:08:D4:BE:18:9A:3B:8E:F2:BD:D7:4A:0A:15
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 0188003194541C7280F1AB434A6FC121F923
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/2q94tQhBigjUvhiaO47yvddKChU.roa
Signing time: Tue 09 May 2023 11:07:09 +0000
ROA not before: Tue 09 May 2023 11:07:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133499
IP address blocks: 77.95.116.0/22 maxlen: 32
89.44.245.0/24 maxlen: 32
89.34.7.0/24 maxlen: 32
94.177.52.0/22 maxlen: 32
185.221.221.0/24 maxlen: 32
94.176.216.0/22 maxlen: 32
78.138.30.0/24 maxlen: 32
185.243.108.0/22 maxlen: 32
185.223.58.0/23 maxlen: 32
103.204.212.0/22 maxlen: 32
94.176.163.0/24 maxlen: 32
89.44.115.0/24 maxlen: 32
78.138.16.0/24 maxlen: 32
89.41.62.0/24 maxlen: 32
188.214.93.0/24 maxlen: 32
89.32.129.0/24 maxlen: 32
31.14.219.0/24 maxlen: 32
185.225.104.0/22 maxlen: 32
31.14.236.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:31:94:54:1c:72:80:f1:ab:43:4a:6f:c1:21:f9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: May 9 11:07:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daaf78b508418a08d4be189a3b8ef2bdd74a0a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:94:29:a1:5f:70:e0:44:63:01:1e:a5:27:dc:
b2:f8:40:f6:92:95:6c:83:cc:05:11:c0:3c:85:39:
32:5e:cc:bc:84:b9:b8:71:c3:29:b4:b2:30:80:9e:
f0:02:63:a6:d0:54:3c:63:41:8d:9c:96:59:32:40:
7e:b5:41:fb:54:a2:c8:e2:23:56:82:72:83:79:89:
df:45:21:fa:fb:e5:b8:f3:69:6c:8c:78:07:9f:60:
41:2e:c4:ce:d7:1e:83:c2:3b:fa:99:fc:9e:f7:b5:
db:62:b1:6b:94:e9:56:60:19:5e:c2:f2:5b:ce:14:
99:0f:be:81:d5:16:ee:d1:8f:7b:0c:d3:89:fa:a8:
47:6b:18:83:66:3b:3a:49:86:ca:82:13:f6:6e:77:
4f:77:9b:4e:64:bf:3a:13:d6:eb:eb:cc:5f:14:d5:
96:a2:53:de:3b:e5:70:ec:94:a5:65:b6:8b:a6:ac:
00:7b:08:c3:64:87:ff:bd:e0:59:c8:a8:cd:ec:73:
39:d9:06:64:1d:7e:96:6e:b8:ab:83:66:05:63:e6:
19:e4:c5:21:e1:b6:02:5b:09:71:eb:c9:49:0d:7e:
fb:5a:4e:22:9c:10:82:99:26:cc:60:8d:3b:88:42:
86:cf:ea:b1:b6:78:c9:23:fd:ac:49:ed:62:82:67:
52:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:78:B5:08:41:8A:08:D4:BE:18:9A:3B:8E:F2:BD:D7:4A:0A:15
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/2q94tQhBigjUvhiaO47yvddKChU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.219.0/24
31.14.236.0/23
77.95.116.0/22
78.138.16.0/24
78.138.30.0/24
89.32.129.0/24
89.34.7.0/24
89.41.62.0/24
89.44.115.0/24
89.44.245.0/24
94.176.163.0/24
94.176.216.0/22
94.177.52.0/22
103.204.212.0/22
185.221.221.0/24
185.223.58.0/23
185.225.104.0/22
185.243.108.0/22
188.214.93.0/24
Signature Algorithm: sha256WithRSAEncryption
97:eb:fb:18:50:cd:77:47:0e:9f:e7:ed:b8:f5:ad:3b:f6:fc:
d1:cc:af:ee:bb:d2:85:cf:33:5c:29:72:a0:d0:aa:ab:d2:c0:
de:7d:c7:39:ac:fb:7d:15:26:12:89:ff:63:9c:0c:0b:fb:51:
b3:fe:a9:de:e6:65:ae:f1:e5:64:15:ea:64:c1:81:37:3c:3d:
a4:04:fd:d2:db:bf:2f:bb:ef:07:23:94:37:68:ea:80:8e:ff:
75:df:37:c9:5f:ff:b2:5c:da:35:f8:8a:c7:14:c1:b0:fb:d8:
67:c8:03:59:c7:89:73:b1:ba:83:16:48:68:1b:fa:cc:fc:f7:
4a:17:12:5f:39:cc:be:13:d2:0c:c3:8f:87:c7:ff:c0:af:d4:
dd:eb:73:70:4a:2a:ed:8d:ea:32:1e:78:90:c4:12:06:94:76:
ee:01:29:f5:2e:0b:80:b6:99:19:43:5b:97:70:aa:96:52:ba:
de:22:99:8f:db:f4:9c:2c:e3:5b:9e:59:68:ee:bd:5d:da:52:
03:fe:12:3a:fe:6b:48:83:78:48:ee:a6:76:f9:24:96:51:f5:
68:3c:20:bf:6d:81:9e:2a:bc:91:fb:5f:43:d5:6b:16:e6:33:
9f:9a:3f:9f:55:6b:c4:8b:c3:db:a6:18:bb:65:25:1c:c2:7e:
30:42:cc:23
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYgAMZRUHHKA8atDSm/BIfkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwNTA5MTEwNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFmNzhiNTA4NDE4YTA4ZDRiZTE4OWEzYjhlZjJiZGQ3NGEwYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJQpoV9w4ERjAR6lJ9yy+ED2kpVs
g8wFEcA8hTkyXsy8hLm4ccMptLIwgJ7wAmOm0FQ8Y0GNnJZZMkB+tUH7VKLI4iNW
gnKDeYnfRSH6++W482lsjHgHn2BBLsTO1x6Dwjv6mfye97XbYrFrlOlWYBlewvJb
zhSZD76B1Rbu0Y97DNOJ+qhHaxiDZjs6SYbKghP2bndPd5tOZL86E9br68xfFNWW
olPeO+Vw7JSlZbaLpqwAewjDZIf/veBZyKjN7HM52QZkHX6Wbrirg2YFY+YZ5MUh
4bYCWwlx68lJDX77Wk4inBCCmSbMYI07iEKGz+qxtnjJI/2sSe1igmdSfQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFNqveLUIQYoI1L4YmjuO8r3XSgoVMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvMnE5NHRRaEJpZ2pVdmhpYU80N3l2ZGRLQ2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAB8O2wME
AR8O7AMEAk1fdAMEAE6KEAMEAE6KHgMEAFkggQMEAFkiBwMEAFkpPgMEAFkscwME
AFks9QMEAF6wowMEAl6w2AMEAl6xNAMEAmfM1AMEALnd3QMEAbnfOgMEArnhaAME
ArnzbAMEALzWXTANBgkqhkiG9w0BAQsFAAOCAQEAl+v7GFDNd0cOn+ftuPWtO/b8
0cyv7rvShc8zXClyoNCqq9LA3n3HOaz7fRUmEon/Y5wMC/tRs/6p3uZlrvHlZBXq
ZMGBNzw9pAT90tu/L7vvByOUN2jqgI7/dd83yV//slzaNfiKxxTBsPvYZ8gDWceJ
c7G6gxZIaBv6zPz3ShcSXznMvhPSDMOPh8f/wK/U3etzcEoq7Y3qMh54kMQSBpR2
7gEp9S4LgLaZGUNbl3CqllK63iKZj9v0nCzjW55ZaO69XdpSA/4SOv5rSIN4SO6m
dvkkllH1aDwgv22Bniq8kftfQ9VrFuYzn5o/n1VrxIvD26YYu2UlHMJ+MELMIw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:09 2025 by rpki-client