Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/l7K1-X2CKNqiD-SZrijBuoCOX60.roa
File: l7K1-X2CKNqiD-SZrijBuoCOX60.roa (raw, json)
Hash identifier: xUjgT1s8rqPJmAfRkW4+x3s7tmGeUo8qmyMj66Hua6I=
Subject key identifier: 97:B2:B5:F9:7D:82:28:DA:A2:0F:E4:99:AE:28:C1:BA:80:8E:5F:AD
Certificate issuer: /CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Certificate serial: 018CC8DCCB234CF40A087CB2736B5766788E
Authority key identifier: 0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/l7K1-X2CKNqiD-SZrijBuoCOX60.roa
Signing time: Tue 02 Jan 2024 06:29:22 +0000
ROA not before: Tue 02 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42160
IP address blocks: 81.95.112.0/24 maxlen: 24
81.95.112.0/22 maxlen: 24
81.95.118.0/23 maxlen: 23
81.95.117.0/24 maxlen: 24
81.95.116.0/24 maxlen: 24
81.95.112.0/20 maxlen: 20
81.95.124.0/22 maxlen: 22
81.95.122.0/23 maxlen: 23
81.95.120.0/23 maxlen: 23
185.55.92.0/22 maxlen: 22
193.110.248.0/23 maxlen: 23
193.110.248.0/21 maxlen: 21
193.110.252.0/22 maxlen: 22
193.110.250.0/23 maxlen: 23
2a02:5940::/32 maxlen: 34
2a02:5940:c000::/34 maxlen: 34
2a02:5940:8000::/34 maxlen: 34
2a02:5940:4000::/34 maxlen: 34
2a02:5940::/34 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:cb:23:4c:f4:0a:08:7c:b2:73:6b:57:66:78:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Validity
Not Before: Jan 2 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97b2b5f97d8228daa20fe499ae28c1ba808e5fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e1:6c:80:9f:65:71:1e:92:a0:4e:6f:36:94:
fd:8a:0e:44:b4:62:43:aa:a7:3c:ef:a5:c1:74:36:
2c:d9:75:e1:05:c5:20:07:79:10:bc:9d:64:cf:ae:
30:2f:b1:d5:57:d3:db:78:6b:c9:1b:f3:b1:98:de:
8a:08:dd:ab:d3:47:13:71:af:10:9b:b6:78:fb:5f:
85:72:c2:0d:cc:c5:23:6c:6d:19:68:9b:99:8d:02:
00:46:39:59:10:aa:de:ac:c2:40:84:ff:6e:7a:6f:
df:13:e7:ff:52:9b:d3:8a:0f:ed:42:c0:5e:3c:49:
b6:aa:0c:fe:a0:c0:6a:e0:3b:b4:02:f1:28:ba:c1:
c7:45:91:b4:0d:ee:fc:74:02:6f:cd:d3:53:c4:e2:
ac:7f:21:1c:3c:1d:35:79:c6:36:84:0c:76:96:e0:
00:99:14:82:76:d4:08:b1:db:c5:6d:07:ee:e4:e3:
50:1d:bc:62:c4:1f:48:9f:6e:c8:a7:94:f4:9e:68:
46:92:26:d6:1f:f6:30:81:50:23:b3:af:04:6a:9a:
18:bb:a7:f7:1c:fe:8a:01:3f:38:e6:f3:51:00:38:
15:f6:d3:5c:26:e3:53:15:a3:77:95:30:6f:1c:26:
b5:b9:12:e5:6c:47:fe:8a:9d:6c:2b:74:36:5d:9c:
66:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B2:B5:F9:7D:82:28:DA:A2:0F:E4:99:AE:28:C1:BA:80:8E:5F:AD
X509v3 Authority Key Identifier:
keyid:0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/l7K1-X2CKNqiD-SZrijBuoCOX60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/CxsxjlBXocEDQWB83d2ttG1xq_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.112.0/20
185.55.92.0/22
193.110.248.0/21
IPv6:
2a02:5940::/32
Signature Algorithm: sha256WithRSAEncryption
62:1c:07:15:28:8f:d1:7f:ae:c5:aa:72:2a:ab:ff:fc:70:35:
35:c6:c9:75:9f:57:d7:37:8e:b2:e9:28:4c:a5:48:3f:31:09:
8f:5d:bd:28:5e:10:ec:ce:17:51:d7:98:86:bf:f2:e0:23:19:
0a:23:65:30:89:f8:de:10:c8:69:e1:7b:63:ac:72:e3:7d:e4:
1b:34:df:d9:da:88:02:2d:80:d2:6c:05:e9:69:e3:67:ef:bd:
37:60:60:e9:93:7c:30:8f:4c:04:0e:d6:e8:85:ef:11:07:7c:
ed:3a:b6:8f:29:0c:15:6c:ac:ac:0b:80:01:9e:2a:59:1e:c9:
09:bc:97:fd:10:a4:74:48:12:65:c5:03:b3:cd:3f:b6:db:b7:
6d:0f:57:f7:31:9b:0c:be:41:38:ea:ab:80:aa:75:7d:b3:b1:
75:35:3c:23:f5:94:d4:9a:d8:34:9e:8e:da:23:68:c5:80:72:
e5:ff:0a:02:c0:0d:8d:34:08:77:dc:a2:d4:9f:3e:d9:00:92:
cc:2c:d7:4f:e8:38:d9:ee:93:aa:e5:24:28:39:cf:9f:90:1b:
64:db:4c:ee:1b:30:0b:69:4c:c2:fa:9a:5e:68:4f:47:41:ac:
c6:24:36:2c:11:c9:9d:5a:f2:06:60:ac:69:35:cb:49:e7:c5:
20:85:12:f2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI3MsjTPQKCHyyc2tXZniOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWIzMThlNTA1N2ExYzEwMzQxNjA3Y2RkZGRhZGI0NmQ3
MWFiZjUwHhcNMjQwMTAyMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2IyYjVmOTdkODIyOGRhYTIwZmU0OTlhZTI4YzFiYTgwOGU1ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguFsgJ9lcR6SoE5vNpT9ig5EtGJD
qqc876XBdDYs2XXhBcUgB3kQvJ1kz64wL7HVV9PbeGvJG/OxmN6KCN2r00cTca8Q
m7Z4+1+FcsINzMUjbG0ZaJuZjQIARjlZEKrerMJAhP9uem/fE+f/UpvTig/tQsBe
PEm2qgz+oMBq4Du0AvEousHHRZG0De78dAJvzdNTxOKsfyEcPB01ecY2hAx2luAA
mRSCdtQIsdvFbQfu5ONQHbxixB9In27Ip5T0nmhGkibWH/YwgVAjs68EapoYu6f3
HP6KAT845vNRADgV9tNcJuNTFaN3lTBvHCa1uRLlbEf+ip1sK3Q2XZxmQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJeytfl9gijaog/kma4owbqAjl+tMB8GA1UdIwQY
MBaAFAsbMY5QV6HBA0FgfN3drbRtcav1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hzeGpsQlhvY0VEUVdCODNkMnR0RzF4cV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YjRkZjctZDcyYi00NzRmLTk2M2Yt
NTllNmE2ZDRkNTc2LzEvbDdLMS1YMkNLTnFpRC1TWnJpakJ1b0NPWDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YjRkZjctZDcyYi00NzRmLTk2M2YtNTllNmE2ZDRkNTc2
LzEvQ3hzeGpsQlhvY0VEUVdCODNkMnR0RzF4cV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUV9wAwQC
uTdcAwQDwW74MA0EAgACMAcDBQAqAllAMA0GCSqGSIb3DQEBCwUAA4IBAQBiHAcV
KI/Rf67FqnIqq//8cDU1xsl1n1fXN46y6ShMpUg/MQmPXb0oXhDszhdR15iGv/Lg
IxkKI2UwifjeEMhp4XtjrHLjfeQbNN/Z2ogCLYDSbAXpaeNn7703YGDpk3wwj0wE
Dtbohe8RB3ztOraPKQwVbKysC4ABnipZHskJvJf9EKR0SBJlxQOzzT+227dtD1f3
MZsMvkE46quAqnV9s7F1NTwj9ZTUmtg0no7aI2jFgHLl/woCwA2NNAh33KLUnz7Z
AJLMLNdP6DjZ7pOq5SQoOc+fkBtk20zuGzALaUzC+ppeaE9HQazGJDYsEcmdWvIG
YKxpNctJ58UghRLy
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:04 2025 by rpki-client