Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/I-PPAOt-YKUBgDp6l0tkZ2d7eYY.roa
File: I-PPAOt-YKUBgDp6l0tkZ2d7eYY.roa (raw, json)
Hash identifier: W0cC5ZLdlKPvP0lZjgJP0XpZcTOKChfvHR1OJxNvQww=
Subject key identifier: 23:E3:CF:00:EB:7E:60:A5:01:80:3A:7A:97:4B:64:67:67:7B:79:86
Certificate issuer: /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial: 018CC2DAB1C130D04D9E6ECF6747928DD9D1
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/I-PPAOt-YKUBgDp6l0tkZ2d7eYY.roa
Signing time: Mon 01 Jan 2024 02:29:21 +0000
ROA not before: Mon 01 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39405
IP address blocks: 185.117.16.0/22 maxlen: 24
185.117.16.0/24 maxlen: 24
185.227.0.0/22 maxlen: 24
185.247.86.0/23 maxlen: 24
185.116.130.0/24 maxlen: 24
185.116.128.0/22 maxlen: 24
193.84.73.0/24 maxlen: 24
185.244.73.0/24 maxlen: 24
185.244.72.0/22 maxlen: 24
45.153.92.0/22 maxlen: 24
185.253.92.0/22 maxlen: 24
141.0.206.0/24 maxlen: 24
141.0.205.0/24 maxlen: 24
141.0.202.0/24 maxlen: 24
141.0.200.0/24 maxlen: 24
141.0.200.0/21 maxlen: 24
185.249.184.0/24 maxlen: 24
185.249.184.0/22 maxlen: 24
185.246.96.0/22 maxlen: 24
93.93.40.0/21 maxlen: 24
93.93.40.0/24 maxlen: 24
93.93.47.0/24 maxlen: 24
93.93.45.0/24 maxlen: 24
2a01:6600::/32 maxlen: 32
2a0c:4400::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b1:c1:30:d0:4d:9e:6e:cf:67:47:92:8d:d9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
Validity
Not Before: Jan 1 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e3cf00eb7e60a501803a7a974b6467677b7986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:61:d3:40:c3:6f:75:34:80:98:12:d6:e1:27:
33:70:51:2f:a9:09:3f:44:0f:77:a9:9f:61:c3:0a:
53:72:37:20:6c:9c:67:73:a4:f5:6c:20:92:9c:b2:
b3:09:7e:50:e9:5e:0d:8f:3b:8d:d7:02:6b:5f:fb:
aa:fa:dc:51:99:86:97:b8:b7:a3:11:4a:49:16:ae:
86:df:8c:b1:49:0d:a6:a7:c4:f9:ec:cd:0e:5e:bf:
48:98:e2:eb:8c:83:7b:f6:1a:6c:a0:bf:87:da:88:
9d:b9:10:24:b7:ce:1e:c7:ea:54:ad:71:bf:d2:c3:
78:0a:e4:17:d3:c4:48:06:29:cc:c8:5c:2e:35:8f:
1d:fb:06:9c:ee:63:bf:ad:7e:f0:2f:bb:63:7c:d9:
68:cf:b7:7f:ae:df:32:90:13:ca:8f:39:f3:ca:74:
aa:55:c1:13:15:54:9d:27:4b:eb:44:0e:fe:1b:fe:
2c:86:fb:b5:f6:f9:e2:87:db:7c:24:99:7c:ea:d9:
62:3a:1e:72:a1:64:50:c3:77:a2:62:64:e3:b4:ce:
01:80:c1:16:9b:bc:e1:d2:90:c1:37:97:37:11:ee:
83:87:78:0e:65:ed:51:8b:42:87:16:54:fd:6c:ce:
fe:03:8d:a3:00:e6:6b:58:2e:a5:f9:03:14:c5:a0:
3f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E3:CF:00:EB:7E:60:A5:01:80:3A:7A:97:4B:64:67:67:7B:79:86
X509v3 Authority Key Identifier:
keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/I-PPAOt-YKUBgDp6l0tkZ2d7eYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.92.0/22
93.93.40.0/21
141.0.200.0/21
185.116.128.0/22
185.117.16.0/22
185.227.0.0/22
185.244.72.0/22
185.246.96.0/22
185.247.86.0/23
185.249.184.0/22
185.253.92.0/22
193.84.73.0/24
IPv6:
2a01:6600::/32
2a0c:4400::/32
Signature Algorithm: sha256WithRSAEncryption
39:95:d4:32:e3:42:77:f2:6c:3c:cc:07:79:b8:ab:a3:f7:0d:
24:e2:8d:20:f9:31:a3:c4:3e:5f:1d:e3:f4:91:b7:2d:4b:5f:
48:43:76:b7:72:a4:8f:e1:e1:9a:78:b5:5c:e9:89:96:ae:cb:
85:38:09:f5:94:d2:a7:33:61:0b:df:2d:96:b8:a8:4c:60:1c:
b5:17:d9:28:d3:67:0f:f8:d0:c3:c5:ac:24:73:18:0b:4d:e2:
ab:1a:91:25:13:59:81:25:5a:03:f2:2d:df:b9:e1:55:1d:7a:
b4:ba:5d:cf:ed:34:86:f0:47:2d:44:df:74:c6:ec:11:e0:61:
7c:2a:12:0f:09:63:be:39:ed:9a:08:22:3b:99:14:62:4a:c9:
3e:a4:b6:27:5d:37:e2:25:9c:29:cb:24:7b:64:a7:b5:49:f5:
20:9c:86:3c:92:9e:3a:ee:45:fc:67:5f:0b:1f:34:64:3a:80:
1b:06:dc:a8:bf:8c:56:fd:09:96:14:2f:cc:23:97:ea:a5:8f:
27:49:aa:8b:0e:1f:54:93:07:af:24:9c:3d:e5:4f:17:0c:bc:
17:a6:b1:8e:3b:57:5b:43:4f:0c:a2:4b:28:ff:14:33:63:59:
ab:c8:89:68:66:40:4b:ba:3e:4a:3e:87:26:53:1e:20:a4:0f:
ca:45:56:93
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzC2rHBMNBNnm7PZ0eSjdnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjQwMTAxMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2UzY2YwMGViN2U2MGE1MDE4MDNhN2E5NzRiNjQ2NzY3N2I3OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWHTQMNvdTSAmBLW4SczcFEvqQk/
RA93qZ9hwwpTcjcgbJxnc6T1bCCSnLKzCX5Q6V4NjzuN1wJrX/uq+txRmYaXuLej
EUpJFq6G34yxSQ2mp8T57M0OXr9ImOLrjIN79hpsoL+H2oiduRAkt84ex+pUrXG/
0sN4CuQX08RIBinMyFwuNY8d+wac7mO/rX7wL7tjfNloz7d/rt8ykBPKjznzynSq
VcETFVSdJ0vrRA7+G/4shvu19vnih9t8JJl86tliOh5yoWRQw3eiYmTjtM4BgMEW
m7zh0pDBN5c3Ee6Dh3gOZe1Ri0KHFlT9bM7+A42jAOZrWC6l+QMUxaA/kQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFCPjzwDrfmClAYA6epdLZGdne3mGMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvSS1QUEFPdC1ZS1VCZ0RwNmwwdGtaMmQ3ZVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLZlcAwQD
XV0oAwQDjQDIAwQCuXSAAwQCuXUQAwQCueMAAwQCufRIAwQCufZgAwQBufdWAwQC
ufm4AwQCuf1cAwQAwVRJMBQEAgACMA4DBQAqAWYAAwUAKgxEADANBgkqhkiG9w0B
AQsFAAOCAQEAOZXUMuNCd/JsPMwHebiro/cNJOKNIPkxo8Q+Xx3j9JG3LUtfSEN2
t3Kkj+Hhmni1XOmJlq7LhTgJ9ZTSpzNhC98tlrioTGActRfZKNNnD/jQw8WsJHMY
C03iqxqRJRNZgSVaA/It37nhVR16tLpdz+00hvBHLUTfdMbsEeBhfCoSDwljvjnt
mggiO5kUYkrJPqS2J1034iWcKcske2SntUn1IJyGPJKeOu5F/GdfCx80ZDqAGwbc
qL+MVv0JlhQvzCOX6qWPJ0mqiw4fVJMHryScPeVPFwy8F6axjjtXW0NPDKJLKP8U
M2NZq8iJaGZAS7o+Sj6HJlMeIKQPykVWkw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:19 2025 by rpki-client