Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2H-U_ZgdkD34Ra7EK8I_F3Dmjpc.roa
File: 2H-U_ZgdkD34Ra7EK8I_F3Dmjpc.roa (raw, json)
Hash identifier: Uvt5vjfp7oQBLoTk4CZprVnHayxdZzPZSAHb5beTX0U=
Subject key identifier: D8:7F:94:FD:98:1D:90:3D:F8:45:AE:C4:2B:C2:3F:17:70:E6:8E:97
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01828B8A71648AD2E1D1FAF7BE08E83F9782
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2H-U_ZgdkD34Ra7EK8I_F3Dmjpc.roa
Signing time: Thu 11 Aug 2022 06:14:42 +0000
ROA not before: Thu 11 Aug 2022 06:14:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.46.170.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.117.27.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
86.38.214.0/24 maxlen: 24
89.117.167.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8b:8a:71:64:8a:d2:e1:d1:fa:f7:be:08:e8:3f:97:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 11 06:14:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d87f94fd981d903df845aec42bc23f1770e68e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:95:18:4d:d1:b4:6a:af:4f:60:f6:b5:95:2a:
c8:6d:dc:26:2b:77:b8:bf:54:18:60:3f:e3:e5:30:
ac:29:25:37:16:05:81:8d:d9:e0:ff:3d:ae:8b:65:
80:03:1e:ae:94:b4:4f:3c:08:aa:60:f4:f4:88:52:
21:1f:f6:ab:22:b9:83:3e:36:c5:5f:06:96:9e:4a:
fe:da:9e:28:ec:4d:99:b2:d3:5e:b6:1e:9d:9a:35:
3d:03:72:cf:ca:07:49:0a:23:9e:0c:9f:d6:38:dd:
8c:34:df:70:12:70:2a:94:03:c1:ea:7a:38:7b:e0:
28:f3:b3:ed:e0:44:35:cb:4f:fd:dd:32:c5:4f:43:
f3:96:07:54:a1:54:ca:a5:31:4f:fb:74:5e:aa:da:
19:e3:b0:b3:da:4a:ce:ef:16:88:f1:5f:72:c1:5d:
bc:7e:ec:52:2e:1b:6c:13:28:e8:20:01:d5:37:75:
0b:58:56:b5:12:90:4d:a9:ae:b8:79:61:93:18:a9:
6e:28:f7:6d:9b:00:c9:fd:c4:e7:ba:f1:0a:29:42:
a2:96:e0:37:d7:92:6e:07:ab:39:00:b3:37:ba:e3:
53:04:e0:08:d1:53:a1:4b:86:97:24:61:cb:03:be:
a6:d7:96:55:94:8a:43:f7:1e:cc:7d:4c:db:34:d9:
c4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7F:94:FD:98:1D:90:3D:F8:45:AE:C4:2B:C2:3F:17:70:E6:8E:97
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2H-U_ZgdkD34Ra7EK8I_F3Dmjpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.170.0/24
86.38.214.0/24
89.116.102.0/24
89.116.158.0/24
89.116.163.0/24
89.116.190.0/24
89.117.27.0/24
89.117.101.0/24
89.117.111.0/24
89.117.167.0/24
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:d1:af:26:4e:c5:18:6d:98:cf:15:7e:74:93:58:f0:56:4d:
11:87:27:24:58:d4:2a:4c:98:2d:33:70:c3:0a:60:5f:e0:b7:
bf:ac:c2:4f:57:95:57:bc:fa:f7:17:07:2e:bb:52:04:b8:83:
19:5d:48:8d:4c:ca:77:5b:0b:9e:f1:84:c2:c8:0f:e7:7f:1a:
ca:d2:01:d5:c6:4b:46:45:22:68:bf:70:8b:c4:9e:a3:31:7d:
12:ba:ec:d5:1c:c0:0b:d7:bb:e9:2a:a3:64:7c:f7:a0:01:81:
01:c1:e1:bd:42:39:49:70:12:5c:73:d9:79:1a:b7:56:2a:9e:
05:95:5e:7f:7c:af:74:22:45:b5:7f:4a:99:97:82:e8:a4:85:
e2:8d:7a:44:34:c7:3b:01:52:f9:76:e3:51:ee:43:24:68:0e:
17:5e:15:a1:c6:a5:8b:33:38:71:0e:d9:32:98:75:8b:2e:ae:
e8:42:d4:4c:10:44:4c:f0:cc:6d:99:f8:b6:f4:1f:c4:03:99:
4b:76:12:53:96:22:3e:c2:db:5e:6b:0f:ae:5a:50:b0:d6:a5:
7f:cf:9d:5f:59:cf:3d:56:d5:99:c1:1f:bc:ca:f0:24:0a:0c:
b1:d1:d8:df:92:06:fe:e5:ee:0c:72:06:0b:0f:4e:31:ec:9a:
26:cb:d0:0a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYKLinFkitLh0fr3vgjoP5eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODExMDYxNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdmOTRmZDk4MWQ5MDNkZjg0NWFlYzQyYmMyM2YxNzcwZTY4ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5UYTdG0aq9PYPa1lSrIbdwmK3e4
v1QYYD/j5TCsKSU3FgWBjdng/z2ui2WAAx6ulLRPPAiqYPT0iFIhH/arIrmDPjbF
XwaWnkr+2p4o7E2ZstNeth6dmjU9A3LPygdJCiOeDJ/WON2MNN9wEnAqlAPB6no4
e+Ao87Pt4EQ1y0/93TLFT0PzlgdUoVTKpTFP+3ReqtoZ47Cz2krO7xaI8V9ywV28
fuxSLhtsEyjoIAHVN3ULWFa1EpBNqa64eWGTGKluKPdtmwDJ/cTnuvEKKUKiluA3
15JuB6s5ALM3uuNTBOAI0VOhS4aXJGHLA76m15ZVlIpD9x7MfUzbNNnEMQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNh/lP2YHZA9+EWuxCvCPxdw5o6XMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvMkgtVV9aZ2RrRDM0UmE3RUs4SV9GM0RtanBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVC6qAwQA
VibWAwQAWXRmAwQAWXSeAwQAWXSjAwQAWXS+AwQAWXUbAwQAWXVlAwQAWXVvAwQA
WXWnAwQAWXXXMA0GCSqGSIb3DQEBCwUAA4IBAQB+0a8mTsUYbZjPFX50k1jwVk0R
hyckWNQqTJgtM3DDCmBf4Le/rMJPV5VXvPr3Fwcuu1IEuIMZXUiNTMp3Wwue8YTC
yA/nfxrK0gHVxktGRSJov3CLxJ6jMX0SuuzVHMAL17vpKqNkfPegAYEBweG9QjlJ
cBJcc9l5GrdWKp4FlV5/fK90IkW1f0qZl4LopIXijXpENMc7AVL5duNR7kMkaA4X
XhWhxqWLMzhxDtkymHWLLq7oQtRMEERM8Mxtmfi29B/EA5lLdhJTliI+wtteaw+u
WlCw1qV/z51fWc89VtWZwR+8yvAkCgyx0djfkgb+5e4McgYLD04x7Jomy9AK
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:01 2025 by rpki-client