Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/P6lZVFQNuWZWCrjr4qFNrONbSZc.roa
File: P6lZVFQNuWZWCrjr4qFNrONbSZc.roa (raw, json)
Hash identifier: 5k5wVMaRaBZX1In06UmugTBBPkPWpVNQTrCW4Xd2mbs=
Subject key identifier: 3F:A9:59:54:54:0D:B9:66:56:0A:B8:EB:E2:A1:4D:AC:E3:5B:49:97
Certificate issuer: /CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Certificate serial: 294AC2C9
Authority key identifier: 21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/P6lZVFQNuWZWCrjr4qFNrONbSZc.roa
Signing time: Tue 22 Feb 2022 12:34:00 +0000
ROA not before: Tue 22 Feb 2022 12:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 89.32.195.0/24 maxlen: 24
89.32.194.0/23 maxlen: 23
89.32.194.0/24 maxlen: 24
89.42.237.0/24 maxlen: 24
188.247.171.0/24 maxlen: 24
188.247.170.0/24 maxlen: 24
188.247.169.0/24 maxlen: 24
188.247.168.0/22 maxlen: 24
188.247.168.0/24 maxlen: 24
188.208.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 692765385 (0x294ac2c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Validity
Not Before: Feb 22 12:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fa95954540db966560ab8ebe2a14dace35b4997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7f:63:b1:14:cf:1a:b9:e0:bb:1a:46:09:4a:
ed:d4:18:3e:05:5a:4c:d4:f1:da:ee:ef:6a:05:69:
18:da:7c:e7:de:4b:50:75:12:63:dc:b4:81:25:ff:
e1:ad:2e:9d:89:b2:b0:01:8b:63:78:a5:89:d6:c2:
8f:1f:37:bc:bc:9b:b7:fa:cf:94:d7:6c:8d:a0:86:
82:ab:1e:41:4b:a8:aa:e6:9e:ad:84:ac:10:71:4f:
79:c1:fc:38:76:0d:d4:4a:07:ef:d3:83:da:62:2a:
df:fa:12:70:06:05:d8:5a:5d:43:1a:89:d6:0e:96:
7a:fe:52:6a:95:2d:ac:45:d0:3f:94:b0:ef:be:8b:
dd:db:19:28:66:7f:63:77:64:01:4d:ae:e3:33:19:
31:c2:ad:76:3e:a5:d5:b3:03:0c:1a:59:17:75:9b:
60:c2:f1:be:c1:68:b3:6a:95:aa:20:a2:5b:d7:e4:
f2:4f:d3:59:74:26:bd:b9:90:40:86:ad:fb:40:01:
aa:2c:66:60:bf:05:64:a8:82:f3:9d:13:12:74:a6:
aa:ba:3f:27:2d:ef:67:0a:2f:86:5a:98:25:05:b0:
55:fa:97:d6:a5:81:9b:c5:47:db:f8:b8:49:6c:b2:
5d:b9:0e:fa:cb:03:ca:69:33:15:8d:ce:0a:a7:31:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A9:59:54:54:0D:B9:66:56:0A:B8:EB:E2:A1:4D:AC:E3:5B:49:97
X509v3 Authority Key Identifier:
keyid:21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/P6lZVFQNuWZWCrjr4qFNrONbSZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.194.0/23
89.42.237.0/24
188.208.26.0/24
188.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
06:f5:1a:f2:c5:47:a4:c9:a7:f4:db:a3:7a:89:70:b3:13:50:
9f:76:14:e9:7c:bb:92:3f:c7:76:39:e1:80:01:df:59:84:33:
8c:ae:c8:c6:f8:6e:b1:f4:e4:36:14:a3:cc:fa:d1:75:12:c7:
72:b1:f2:eb:b7:a7:31:62:67:b4:b1:2f:4d:83:7d:16:43:76:
82:0d:a3:5c:71:79:b2:bf:8f:08:f0:9b:e7:48:3f:f6:c8:67:
d7:6e:b1:ab:64:b4:25:90:b1:5b:01:cd:3d:57:6b:92:22:f0:
2b:8a:d8:47:ab:aa:75:42:0e:0d:e6:49:9e:6a:54:04:a3:96:
5f:31:89:da:89:83:bb:7c:3b:3a:9f:34:de:74:8f:9c:2e:36:
dd:1c:3b:4b:d8:7c:fc:16:ef:5e:e5:8c:2b:07:ef:9f:cd:26:
d4:df:b6:c5:83:bc:31:98:16:6a:0d:5d:bc:44:ce:fa:16:f3:
e7:ff:9b:e9:03:92:55:bd:36:d9:ac:bd:89:8c:be:79:b7:f2:
67:93:57:f6:35:38:d1:9c:90:70:eb:14:ef:38:c1:2e:74:41:
9d:97:4f:31:e9:96:7a:65:8b:74:33:7a:4c:23:53:85:3d:0a:
29:b2:35:fc:54:5d:c9:7c:e0:36:80:ad:0a:cd:a9:29:20:13:
dd:ba:47:7f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEKUrCyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWI0MTBhMTc0NDBmY2FiMWNkYzkwYWZhNmZjYjcyNGM4MGM4MmE5MB4XDTIyMDIy
MjEyMzQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZhOTU5NTQ1NDBk
Yjk2NjU2MGFiOGViZTJhMTRkYWNlMzViNDk5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJx/Y7EUzxq54LsaRglK7dQYPgVaTNTx2u7vagVpGNp8595L
UHUSY9y0gSX/4a0unYmysAGLY3ilidbCjx83vLybt/rPlNdsjaCGgqseQUuoquae
rYSsEHFPecH8OHYN1EoH79OD2mIq3/oScAYF2FpdQxqJ1g6Wev5SapUtrEXQP5Sw
776L3dsZKGZ/Y3dkAU2u4zMZMcKtdj6l1bMDDBpZF3WbYMLxvsFos2qVqiCiW9fk
8k/TWXQmvbmQQIat+0ABqixmYL8FZKiC850TEnSmqro/Jy3vZwovhlqYJQWwVfqX
1qWBm8VH2/i4SWyyXbkO+ssDymkzFY3OCqcx8d0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ/qVlUVA25ZlYKuOvioU2s41tJlzAfBgNVHSMEGDAWgBQhtBChdED8qxzc
kK+m/LckyAyCqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0liUVFvWFJBX0tzYzNKQ3ZwdnkzSk1nTWdxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8x
L1A2bFpWRlFOdVdaV0NyanI0cUZOck9OYlNaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
ZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8xL0liUVFvWFJBX0tz
YzNKQ3ZwdnkzSk1nTWdxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVkgwgMEAFkq7QMEALzQGgMEArz3
qDANBgkqhkiG9w0BAQsFAAOCAQEABvUa8sVHpMmn9NujeolwsxNQn3YU6Xy7kj/H
djnhgAHfWYQzjK7IxvhusfTkNhSjzPrRdRLHcrHy67enMWJntLEvTYN9FkN2gg2j
XHF5sr+PCPCb50g/9shn126xq2S0JZCxWwHNPVdrkiLwK4rYR6uqdUIODeZJnmpU
BKOWXzGJ2omDu3w7Op803nSPnC423Rw7S9h8/BbvXuWMKwfvn80m1N+2xYO8MZgW
ag1dvETO+hbz5/+b6QOSVb022ay9iYy+ebfyZ5NX9jU40ZyQcOsU7zjBLnRBnZdP
MemWemWLdDN6TCNThT0KKbI1/FRdyXzgNoCtCs2pKSAT3bpHfw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:11 2025 by rpki-client