Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/vY38gDLjFKiK75NJGeaz0i6stfk.roa
File: vY38gDLjFKiK75NJGeaz0i6stfk.roa (raw, json)
Hash identifier: uuSdHdX31krOryeonad43D65auaiUMJP9di9S2Ue1wE=
Subject key identifier: BD:8D:FC:80:32:E3:14:A8:8A:EF:93:49:19:E6:B3:D2:2E:AC:B5:F9
Certificate issuer: /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial: 019421B16E519FD827BAAC76D2EDA95082E1
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/vY38gDLjFKiK75NJGeaz0i6stfk.roa
Signing time: Wed 01 Jan 2025 11:47:43 +0000
ROA not before: Wed 01 Jan 2025 11:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8412
IP address blocks: 62.178.0.0/16 maxlen: 17
80.108.0.0/15 maxlen: 16
80.110.0.0/16 maxlen: 17
80.110.64.0/23 maxlen: 23
80.241.16.0/20 maxlen: 21
84.112.0.0/14 maxlen: 15
84.115.208.0/20 maxlen: 20
84.115.224.0/20 maxlen: 20
185.35.152.0/22 maxlen: 23
195.34.128.0/23 maxlen: 24
195.34.131.0/24 maxlen: 24
195.34.136.0/21 maxlen: 22
195.34.144.0/20 maxlen: 21
212.17.64.0/18 maxlen: 19
212.186.0.0/16 maxlen: 17
213.47.0.0/17 maxlen: 18
213.47.128.0/18 maxlen: 19
213.47.192.0/20 maxlen: 21
213.47.208.0/21 maxlen: 22
213.47.216.0/22 maxlen: 23
213.47.224.0/19 maxlen: 20
217.25.112.0/20 maxlen: 22
217.25.122.0/23 maxlen: 23
2a00:e360::/32 maxlen: 33
2a02:8380::/28 maxlen: 29
2a02:8380::/30 maxlen: 33
2a02:8384::/31 maxlen: 32
2a02:8388::/29 maxlen: 30
2a02:8388::/31 maxlen: 36
2a02:8389:c000::/36 maxlen: 36
2a02:838a::/41 maxlen: 44
2a02:838c::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:6e:51:9f:d8:27:ba:ac:76:d2:ed:a9:50:82:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Validity
Not Before: Jan 1 11:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd8dfc8032e314a88aef934919e6b3d22eacb5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ff:21:78:48:51:c7:01:91:06:bd:92:ff:68:
e0:a7:f4:bf:5d:e6:e9:c7:e7:9d:75:e8:e6:7e:05:
39:17:84:73:6d:f2:4d:25:b7:6e:75:c0:e4:70:2f:
8b:d4:62:fa:7d:af:0c:4e:85:d8:25:8c:6d:85:b0:
5c:3a:4b:c7:b0:d4:25:cc:01:b8:0e:ce:23:c5:d7:
d0:c7:55:bd:75:f7:57:b6:31:16:81:2f:f9:ca:28:
de:2c:79:0a:11:c8:06:28:0e:02:b6:e0:c1:3c:32:
4c:80:d2:8f:3e:c1:68:c0:4d:ba:ab:52:45:28:5d:
7c:a5:a6:98:ff:e5:4b:3a:c2:8b:ca:24:9c:25:96:
2b:1e:af:45:45:05:5a:28:e1:e2:54:e6:f0:39:44:
1b:f4:aa:bb:c7:87:19:64:ce:84:9c:bc:89:3b:eb:
26:17:d2:5b:4a:ed:05:9d:0a:51:88:32:6e:db:b3:
b3:17:4e:76:47:b2:28:bd:17:06:2e:05:48:c4:56:
5f:f3:91:94:36:a9:52:ac:05:53:3b:94:bb:1e:ee:
79:2c:d2:78:fd:55:7b:2c:05:1e:99:a3:c1:f8:e7:
5c:61:a7:79:8f:b7:76:18:f6:81:b1:02:6b:4f:2d:
27:16:39:91:c4:70:31:a4:2d:50:88:84:9e:c4:5a:
86:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8D:FC:80:32:E3:14:A8:8A:EF:93:49:19:E6:B3:D2:2E:AC:B5:F9
X509v3 Authority Key Identifier:
keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/vY38gDLjFKiK75NJGeaz0i6stfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.178.0.0/16
80.108.0.0-80.110.255.255
80.241.16.0/20
84.112.0.0/14
185.35.152.0/22
195.34.128.0/23
195.34.131.0/24
195.34.136.0-195.34.159.255
212.17.64.0/18
212.186.0.0/16
213.47.0.0-213.47.219.255
213.47.224.0/19
217.25.112.0/20
IPv6:
2a00:e360::/32
2a02:8380::/28
Signature Algorithm: sha256WithRSAEncryption
8a:34:7e:4b:f0:5e:0b:39:ac:8b:79:75:a9:32:0a:b1:7e:0e:
82:77:f8:9f:07:ad:64:59:a3:90:32:af:8b:90:0c:34:97:4b:
3c:e4:ea:2f:fb:1b:d7:84:83:3d:51:69:6f:a6:bf:0b:e3:cb:
24:49:98:a1:92:39:38:c6:a3:46:4a:a0:b0:47:be:05:9f:77:
cf:51:5a:58:c3:09:ce:c9:85:09:4f:9b:d4:ea:36:d3:e7:2f:
3c:03:fd:8b:03:93:d7:43:cf:35:e8:d3:df:ca:53:c8:04:4f:
c9:b3:06:d5:13:54:d8:f2:a7:a4:9d:65:06:03:32:2a:4a:0a:
75:09:f5:7a:f3:da:6d:15:96:1b:2c:67:5f:a9:14:8b:a9:8c:
51:68:c7:52:53:dc:39:e0:0a:3b:bd:35:ae:2a:a5:02:8f:c7:
3c:08:a7:73:be:2a:fe:3f:f4:c9:8c:ff:c8:0d:a8:82:b4:8a:
23:b6:cb:19:c2:d5:f6:06:ad:2f:81:bd:c1:31:ef:86:2c:e6:
5c:99:89:37:b2:c2:10:1c:f7:cd:1e:b8:3e:6c:5f:1c:ed:59:
dc:e0:c5:26:16:d8:ed:3d:59:cc:81:c5:43:7f:e2:3b:d9:3d:
6b:f9:7b:75:bb:bb:44:9b:6b:83:85:98:fb:42:dc:8c:68:cb:
78:a8:ad:93
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZQhsW5Rn9gnuqx20u2pUILhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjUwMTAxMTE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDhkZmM4MDMyZTMxNGE4OGFlZjkzNDkxOWU2YjNkMjJlYWNiNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv8heEhRxwGRBr2S/2jgp/S/Xebp
x+eddejmfgU5F4RzbfJNJbdudcDkcC+L1GL6fa8MToXYJYxthbBcOkvHsNQlzAG4
Ds4jxdfQx1W9dfdXtjEWgS/5yijeLHkKEcgGKA4CtuDBPDJMgNKPPsFowE26q1JF
KF18paaY/+VLOsKLyiScJZYrHq9FRQVaKOHiVObwOUQb9Kq7x4cZZM6EnLyJO+sm
F9JbSu0FnQpRiDJu27OzF052R7IovRcGLgVIxFZf85GUNqlSrAVTO5S7Hu55LNJ4
/VV7LAUemaPB+OdcYad5j7d2GPaBsQJrTy0nFjmRxHAxpC1QiISexFqGxQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFL2N/IAy4xSoiu+TSRnms9IurLX5MB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvdlkzOGdETGpGS2lLNzVOSkdlYXowaTZzdGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADAwA+sjAK
AwMCUGwDAwBQbgMEBFDxEAMDAlRwAwQCuSOYAwQBwyKAAwQAwyKDMAwDBAPDIogD
BAXDIoADBAbUEUADAwDUujALAwMA1S8DBALVL9gDBAXVL+ADBATZGXAwFAQCAAIw
DgMFACoA42ADBQQqAoOAMA0GCSqGSIb3DQEBCwUAA4IBAQCKNH5L8F4LOayLeXWp
Mgqxfg6Cd/ifB61kWaOQMq+LkAw0l0s85Oov+xvXhIM9UWlvpr8L48skSZihkjk4
xqNGSqCwR74Fn3fPUVpYwwnOyYUJT5vU6jbT5y88A/2LA5PXQ8816NPfylPIBE/J
swbVE1TY8qeknWUGAzIqSgp1CfV689ptFZYbLGdfqRSLqYxRaMdSU9w54Ao7vTWu
KqUCj8c8CKdzvir+P/TJjP/IDaiCtIojtssZwtX2Bq0vgb3BMe+GLOZcmYk3ssIQ
HPfNHrg+bF8c7Vnc4MUmFtjtPVnMgcVDf+I72T1r+Xt1u7tEm2uDhZj7QtyMaMt4
qK2T
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:10:39 2025 by rpki-client