Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/lBerpTJ98D45Yqm8ji1_UE25QXA.roa
File: lBerpTJ98D45Yqm8ji1_UE25QXA.roa (raw, json)
Hash identifier: c3FPrWiZpuTCYsgDDcbuo6F/oitD54ZS/Jql5w56f68=
Subject key identifier: 94:17:AB:A5:32:7D:F0:3E:39:62:A9:BC:8E:2D:7F:50:4D:B9:41:70
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0A63764E
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/lBerpTJ98D45Yqm8ji1_UE25QXA.roa
Signing time: Sun 17 Apr 2022 08:35:18 +0000
ROA not before: Sun 17 Apr 2022 08:35:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 89.116.236.0/24 maxlen: 24
89.116.234.0/24 maxlen: 24
89.116.244.0/24 maxlen: 24
89.116.241.0/24 maxlen: 24
84.46.170.0/24 maxlen: 24
89.117.15.0/24 maxlen: 24
89.117.35.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174290510 (0xa63764e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Apr 17 08:35:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9417aba5327df03e3962a9bc8e2d7f504db94170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e9:0b:e9:de:64:eb:fd:99:c4:b7:f2:1a:08:
28:f5:a4:80:c5:3b:ca:f1:63:86:a5:4d:6c:09:af:
00:79:15:f6:2e:b8:93:64:7f:4a:ba:a2:52:aa:66:
61:92:2d:2d:aa:ef:ae:e6:0b:58:ad:d4:b0:e0:5d:
70:af:3e:c3:bc:0d:81:12:da:37:12:bf:46:32:a8:
52:da:8c:5b:fa:da:e4:52:bc:cd:96:87:00:8a:58:
45:d2:4f:da:b0:cc:76:8b:14:3d:25:d8:c0:c2:81:
c1:bb:e5:01:fd:39:d6:68:3c:ed:1c:d5:4e:d3:04:
18:d6:28:7e:77:9f:e4:5a:05:84:5f:af:a7:7b:c9:
43:e8:04:61:16:d8:fd:b1:a5:8d:84:6e:6b:c2:e9:
9e:24:89:01:fe:f2:aa:ef:71:7f:c9:62:82:1a:9e:
ff:01:e2:ce:f2:0a:e1:d5:f8:be:3c:57:7f:01:eb:
3d:2b:15:e6:44:e3:5b:69:a6:67:a1:31:75:13:a1:
be:f9:b8:c7:43:89:96:fc:18:6f:61:72:e0:34:79:
f6:a7:c6:e0:e9:60:72:6f:59:56:61:c9:09:5a:df:
b4:7d:46:05:5b:c3:c2:00:fe:1e:e7:54:fb:b1:3d:
49:26:78:ad:37:b4:f4:8e:ee:81:f8:5c:1b:da:38:
06:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:17:AB:A5:32:7D:F0:3E:39:62:A9:BC:8E:2D:7F:50:4D:B9:41:70
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/lBerpTJ98D45Yqm8ji1_UE25QXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.170.0/24
89.116.102.0/24
89.116.234.0/24
89.116.236.0/24
89.116.241.0/24
89.116.244.0/24
89.117.15.0/24
89.117.35.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:b9:c4:10:de:93:e7:6f:2d:df:69:78:b6:2b:4c:3d:1f:92:
6a:1c:d3:01:2b:59:2f:79:c8:2c:21:08:9e:bf:6d:f4:f3:c9:
ef:10:df:8f:ef:a5:ae:a9:85:cf:15:a7:00:31:60:ff:8c:93:
0b:d1:45:05:e1:50:b0:fb:ad:5b:37:d5:62:3d:fc:a6:ee:d2:
76:e1:1c:b9:ad:44:e3:b4:22:92:f4:e1:24:99:8d:89:32:78:
d2:9a:a8:db:75:ff:f2:d1:36:88:94:5f:78:72:6f:6f:5c:a5:
50:ba:6d:09:18:7e:de:48:63:2b:63:1d:35:24:85:e6:fb:76:
0c:74:d2:90:33:99:7f:85:34:62:ec:e3:36:d1:c7:a5:f1:94:
80:d6:68:5e:22:b2:4c:0d:5c:ac:48:c9:a0:d9:3e:d2:31:61:
32:73:02:a2:e8:c1:b3:41:2d:06:3b:74:48:e7:07:4e:47:01:
98:9f:d3:da:15:a2:5a:68:ba:82:fc:15:05:27:4e:86:27:25:
aa:ba:74:82:54:cc:be:f5:07:da:4b:c6:58:e0:d2:b1:bb:35:
c2:0d:0e:c6:b6:14:be:53:f4:e8:e0:64:a1:36:8c:95:a4:1c:
f8:f0:7a:94:ad:be:58:04:88:ea:76:e5:39:d5:4e:7a:85:b5:
fd:3d:70:5d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECmN2TjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDQx
NzA4MzUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQxN2FiYTUzMjdk
ZjAzZTM5NjJhOWJjOGUyZDdmNTA0ZGI5NDE3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDpC+neZOv9mcS38hoIKPWkgMU7yvFjhqVNbAmvAHkV9i64
k2R/SrqiUqpmYZItLarvruYLWK3UsOBdcK8+w7wNgRLaNxK/RjKoUtqMW/ra5FK8
zZaHAIpYRdJP2rDMdosUPSXYwMKBwbvlAf051mg87RzVTtMEGNYofnef5FoFhF+v
p3vJQ+gEYRbY/bGljYRua8LpniSJAf7yqu9xf8lighqe/wHizvIK4dX4vjxXfwHr
PSsV5kTjW2mmZ6ExdROhvvm4x0OJlvwYb2Fy4DR59qfG4Olgcm9ZVmHJCVrftH1G
BVvDwgD+HudU+7E9SSZ4rTe09I7ugfhcG9o4BgUCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSUF6ulMn3wPjliqbyOLX9QTblBcDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L2xCZXJwVEo5OEQ0NVlxbThqaTFfVUUyNVFYQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFQuqgMEAFl0ZgMEAFl06gMEAFl0
7AMEAFl08QMEAFl09AMEAFl1DwMEAFl1IzANBgkqhkiG9w0BAQsFAAOCAQEAj7nE
EN6T528t32l4titMPR+SahzTAStZL3nILCEInr9t9PPJ7xDfj++lrqmFzxWnADFg
/4yTC9FFBeFQsPutWzfVYj38pu7SduEcua1E47QikvThJJmNiTJ40pqo23X/8tE2
iJRfeHJvb1ylULptCRh+3khjK2MdNSSF5vt2DHTSkDOZf4U0YuzjNtHHpfGUgNZo
XiKyTA1crEjJoNk+0jFhMnMCoujBs0EtBjt0SOcHTkcBmJ/T2hWiWmi6gvwVBSdO
hiclqrp0glTMvvUH2kvGWODSsbs1wg0OxrYUvlP06OBkoTaMlaQc+PB6lK2+WASI
6nblOdVOeoW1/T1wXQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:55 2025 by rpki-client