Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/lGgzoZLL6PZuyYbGLvEY_CC9Fqw.roa
File: lGgzoZLL6PZuyYbGLvEY_CC9Fqw.roa (raw, json)
Hash identifier: 971ib3v3gpEp5z9U2dqw0ElTlZB9TKIEdiNmDSkDx6Y=
Subject key identifier: 94:68:33:A1:92:CB:E8:F6:6E:C9:86:C6:2E:F1:18:FC:20:BD:16:AC
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 08C15C09
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/lGgzoZLL6PZuyYbGLvEY_CC9Fqw.roa
Signing time: Sat 01 Jan 2022 09:00:25 +0000
ROA not before: Sat 01 Jan 2022 09:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204145
IP address blocks: 89.35.179.0/24 maxlen: 24
185.113.64.0/24 maxlen: 24
185.113.65.0/24 maxlen: 24
185.113.66.0/24 maxlen: 24
185.113.67.0/24 maxlen: 24
185.50.73.0/24 maxlen: 24
185.50.74.0/24 maxlen: 24
185.50.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146889737 (0x8c15c09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Jan 1 09:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=946833a192cbe8f66ec986c62ef118fc20bd16ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:95:7d:16:b6:ca:41:aa:82:e6:77:8d:da:df:
c5:c3:5a:26:81:52:ec:3c:15:dd:44:c5:68:ad:41:
11:b8:21:8a:30:17:38:7b:b9:ad:a8:0c:0b:3e:3e:
8a:c6:43:87:e0:4f:77:e9:a2:91:70:f4:cd:f3:2d:
76:a8:a2:8a:cf:78:70:8e:bd:60:8f:98:80:2c:ed:
1b:20:46:a7:bf:97:c7:15:f4:6f:10:99:e7:b4:5d:
80:23:4c:d7:38:6d:a2:a9:55:c4:17:fa:18:47:cd:
8d:95:d4:43:39:0c:d6:e0:3c:21:27:f0:49:08:ad:
36:8c:25:54:38:c4:1a:b2:d5:13:75:27:35:51:17:
c6:21:e0:5f:e4:54:c0:d6:a5:6f:04:17:96:46:48:
6e:fa:48:74:07:5b:46:51:69:79:11:7d:52:71:f6:
9e:f8:49:9e:ea:51:cb:db:3a:04:65:47:e6:56:5d:
e6:d2:43:1d:ae:4b:12:48:fd:75:23:30:fc:55:ff:
ea:42:8f:69:cd:8d:b7:96:14:b8:ff:ce:5d:7d:b3:
3e:fb:d9:b7:74:5c:a2:eb:5f:67:71:7c:af:83:43:
39:2f:05:a0:72:ed:e9:38:f9:02:17:0b:e0:d0:a2:
c6:4e:5b:28:37:54:f9:51:b7:dd:f8:e4:22:66:ac:
7b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:68:33:A1:92:CB:E8:F6:6E:C9:86:C6:2E:F1:18:FC:20:BD:16:AC
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/lGgzoZLL6PZuyYbGLvEY_CC9Fqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.179.0/24
185.50.73.0-185.50.75.255
185.113.64.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:31:59:72:42:ab:7f:04:d0:70:1b:df:cf:f9:93:d7:60:b6:
91:ce:b6:6e:4d:16:1e:38:d6:1b:41:58:9b:b5:48:4c:0e:8a:
44:07:06:e3:45:22:8f:37:32:8f:63:9f:8a:5f:83:ed:0b:74:
13:f1:b9:80:78:90:f8:40:9c:6a:56:f6:5f:ee:21:a6:2f:95:
59:e5:3e:a8:9a:e7:0e:67:7a:a6:fb:28:13:40:95:c8:c4:af:
a8:94:5e:3a:c6:25:7d:22:b9:f5:d3:71:dd:2a:2d:43:29:d7:
d8:db:a4:ad:3e:4f:e2:64:57:25:dc:2d:bd:51:1f:c7:8e:d5:
ab:7f:16:70:22:9a:5a:bf:ab:d7:f9:a1:c0:00:f4:5f:89:67:
fc:6d:61:82:e3:d9:bc:c8:40:5f:19:9e:7d:a6:36:30:58:6e:
b7:9a:76:d3:dd:28:b8:71:b5:2b:32:79:c5:d6:b5:50:c1:44:
82:35:12:71:6f:26:2d:8b:ea:5b:65:6c:3c:60:af:fc:73:e9:
15:7b:2e:e9:97:98:2b:30:ac:32:f7:31:6d:05:f0:6b:21:2c:
14:ce:14:61:b7:49:dd:35:44:10:9f:bb:9b:3f:25:de:c4:b7:
f7:b4:80:42:3b:89:87:bd:2f:52:38:35:33:a7:97:a9:0d:7d:
64:d6:e5:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECMFcCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Njk0ZmNjNmJmNmE4NzQwZmE3ODE0NjQxZmQ5ZDZlYzhkODYyZTVmMB4XDTIyMDEw
MTA5MDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ2ODMzYTE5MmNi
ZThmNjZlYzk4NmM2MmVmMTE4ZmMyMGJkMTZhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSVfRa2ykGqguZ3jdrfxcNaJoFS7DwV3UTFaK1BEbghijAX
OHu5ragMCz4+isZDh+BPd+mikXD0zfMtdqiiis94cI69YI+YgCztGyBGp7+XxxX0
bxCZ57RdgCNM1zhtoqlVxBf6GEfNjZXUQzkM1uA8ISfwSQitNowlVDjEGrLVE3Un
NVEXxiHgX+RUwNalbwQXlkZIbvpIdAdbRlFpeRF9UnH2nvhJnupRy9s6BGVH5lZd
5tJDHa5LEkj9dSMw/FX/6kKPac2Nt5YUuP/OXX2zPvvZt3RcoutfZ3F8r4NDOS8F
oHLt6Tj5AhcL4NCixk5bKDdU+VG33fjkImase10CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSUaDOhksvo9m7JhsYu8Rj8IL0WrDAfBgNVHSMEGDAWgBQ2lPzGv2qHQPp4
FGQf2dbsjYYuXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05wVDh4cjlxaDBENmVCUmtIOW5XN0kyR0xsOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvYThkZDllLTcxZjItNGY3Ny1iNTc1LTBkM2ZjZTQyOWJkZS8x
L2xHZ3pvWkxMNlBadXlZYkdMdkVZX0NDOUZxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
YThkZDllLTcxZjItNGY3Ny1iNTc1LTBkM2ZjZTQyOWJkZS8xL05wVDh4cjlxaDBE
NmVCUmtIOW5XN0kyR0xsOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAFkjszAMAwQAuTJJAwQCuTJIAwQC
uXFAMA0GCSqGSIb3DQEBCwUAA4IBAQCuMVlyQqt/BNBwG9/P+ZPXYLaRzrZuTRYe
ONYbQVibtUhMDopEBwbjRSKPNzKPY5+KX4PtC3QT8bmAeJD4QJxqVvZf7iGmL5VZ
5T6omucOZ3qm+ygTQJXIxK+olF46xiV9Irn103HdKi1DKdfY26StPk/iZFcl3C29
UR/HjtWrfxZwIppav6vX+aHAAPRfiWf8bWGC49m8yEBfGZ59pjYwWG63mnbT3Si4
cbUrMnnF1rVQwUSCNRJxbyYti+pbZWw8YK/8c+kVey7pl5grMKwy9zFtBfBrISwU
zhRht0ndNUQQn7ubPyXexLf3tIBCO4mHvS9SODUzp5epDX1k1uUV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:47 2025 by rpki-client