Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/aec6e1-a20d-4238-b07d-1d74cf376a1d/1/D1bXeTmtCbqB8Y-YEny9DsOHqM4.roa
File: D1bXeTmtCbqB8Y-YEny9DsOHqM4.roa (raw, json)
Hash identifier: MAZy/eIcURdu/G7isPkzsMTLmj9KJYB689td1O2fcyw=
Subject key identifier: 0F:56:D7:79:39:AD:09:BA:81:F1:8F:98:12:7C:BD:0E:C3:87:A8:CE
Certificate issuer: /CN=ddf048ea02b7551533511bfa9040ddabe11974c6
Certificate serial: 300F8F9E
Authority key identifier: DD:F0:48:EA:02:B7:55:15:33:51:1B:FA:90:40:DD:AB:E1:19:74:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fBI6gK3VRUzURv6kEDdq-EZdMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/aec6e1-a20d-4238-b07d-1d74cf376a1d/1/D1bXeTmtCbqB8Y-YEny9DsOHqM4.roa
Signing time: Tue 04 Jan 2022 12:00:54 +0000
ROA not before: Tue 04 Jan 2022 12:00:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35226
IP address blocks: 89.184.56.0/22 maxlen: 22
185.179.40.0/24 maxlen: 24
89.16.64.0/19 maxlen: 19
109.106.96.0/19 maxlen: 19
78.143.128.0/18 maxlen: 18
89.184.32.0/22 maxlen: 22
89.184.40.0/21 maxlen: 21
89.184.48.0/21 maxlen: 21
2a02:2158::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 806326174 (0x300f8f9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf048ea02b7551533511bfa9040ddabe11974c6
Validity
Not Before: Jan 4 12:00:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f56d77939ad09ba81f18f98127cbd0ec387a8ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e3:c9:93:a0:11:1e:9e:58:78:6f:28:3b:1b:
b3:96:e1:d4:b2:73:51:c9:54:b0:fb:db:20:d8:b7:
9e:c2:a7:20:85:97:7c:63:70:5d:26:d1:4e:cf:0d:
04:7f:8c:61:8b:54:f1:c4:f7:4d:69:b7:c6:31:ea:
f9:79:be:8e:cc:71:ec:e5:48:88:17:00:aa:1a:47:
8f:17:43:d8:8b:8a:64:a5:87:95:a5:18:da:e1:a1:
06:4b:bc:71:59:ae:05:93:a7:86:42:c3:2b:32:3a:
0b:98:8e:0d:fb:fc:1b:75:22:cb:ea:a5:2d:85:e2:
f6:3e:25:82:43:2c:89:de:5a:ed:45:61:31:5e:90:
0e:cb:5e:e1:d6:77:c6:65:be:95:dd:fb:13:4a:65:
8c:34:18:68:72:44:e3:0a:a9:b8:98:37:7a:d8:69:
88:28:5b:77:26:db:45:91:b1:0b:a5:90:2f:70:5d:
da:4e:40:09:72:f2:a5:5b:18:eb:45:09:11:37:05:
f7:8f:23:ad:d3:14:c0:02:ba:2c:6a:34:46:70:2a:
2f:a1:1c:ca:24:13:b5:00:b2:df:f1:b6:86:85:03:
b0:66:99:41:6c:94:0b:3e:4c:9e:49:37:a7:e4:31:
65:7a:e2:e7:bb:43:c4:50:62:4d:54:01:db:c1:5f:
e2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:56:D7:79:39:AD:09:BA:81:F1:8F:98:12:7C:BD:0E:C3:87:A8:CE
X509v3 Authority Key Identifier:
keyid:DD:F0:48:EA:02:B7:55:15:33:51:1B:FA:90:40:DD:AB:E1:19:74:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fBI6gK3VRUzURv6kEDdq-EZdMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/aec6e1-a20d-4238-b07d-1d74cf376a1d/1/D1bXeTmtCbqB8Y-YEny9DsOHqM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/aec6e1-a20d-4238-b07d-1d74cf376a1d/1/3fBI6gK3VRUzURv6kEDdq-EZdMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.128.0/18
89.16.64.0/19
89.184.32.0/22
89.184.40.0-89.184.59.255
109.106.96.0/19
185.179.40.0/24
IPv6:
2a02:2158::/32
Signature Algorithm: sha256WithRSAEncryption
67:52:73:f4:23:75:00:5a:d4:f4:87:6d:c5:11:a9:dc:31:96:
03:99:05:90:ce:16:7d:c3:62:9d:da:cc:f4:65:14:fc:ab:55:
46:9e:2c:24:f4:d7:39:2d:f4:93:c6:a3:aa:b1:12:90:74:f8:
14:28:6a:51:32:6b:ca:52:37:92:cb:3e:5e:6b:35:96:d5:40:
ce:41:fb:6d:89:63:2a:96:1e:3f:d8:31:c2:a9:27:ff:a9:c8:
6b:b4:cb:7a:f2:fe:24:2a:87:97:d1:d6:61:c4:05:8a:55:84:
db:6e:fa:ab:96:05:5c:6f:18:ab:1a:5a:07:bc:3f:e5:e8:b1:
c8:6c:0c:30:9e:21:c5:a7:2c:64:4a:e6:33:ee:42:c4:fb:85:
7a:0b:94:23:91:b5:20:c9:7b:a2:cb:f7:99:39:73:8f:bc:34:
d8:c1:18:34:73:4a:8c:42:da:97:3d:77:54:22:e3:5a:7c:be:
3f:16:72:0b:33:88:1e:ba:49:ec:b9:73:eb:a2:af:60:63:24:
2c:3a:f0:3e:c3:9b:93:0b:63:90:4b:c3:cd:0f:95:75:2d:94:
de:24:98:7e:07:06:8c:c7:eb:d5:b5:c2:2f:b4:e8:ea:6d:00:
df:22:ff:0b:e6:ff:cb:af:22:c5:c1:6f:57:47:62:f6:67:28:
94:2c:b4:eb
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEMA+PnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZGYwNDhlYTAyYjc1NTE1MzM1MTFiZmE5MDQwZGRhYmUxMTk3NGM2MB4XDTIyMDEw
NDEyMDA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY1NmQ3NzkzOWFk
MDliYTgxZjE4Zjk4MTI3Y2JkMGVjMzg3YThjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIrjyZOgER6eWHhvKDsbs5bh1LJzUclUsPvbINi3nsKnIIWX
fGNwXSbRTs8NBH+MYYtU8cT3TWm3xjHq+Xm+jsxx7OVIiBcAqhpHjxdD2IuKZKWH
laUY2uGhBku8cVmuBZOnhkLDKzI6C5iODfv8G3Uiy+qlLYXi9j4lgkMsid5a7UVh
MV6QDste4dZ3xmW+ld37E0pljDQYaHJE4wqpuJg3ethpiChbdybbRZGxC6WQL3Bd
2k5ACXLypVsY60UJETcF948jrdMUwAK6LGo0RnAqL6EcyiQTtQCy3/G2hoUDsGaZ
QWyUCz5Mnkk3p+QxZXri57tDxFBiTVQB28Ff4g8CAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBQPVtd5Oa0JuoHxj5gSfL0Ow4eozjAfBgNVHSMEGDAWgBTd8EjqArdVFTNR
G/qQQN2r4Rl0xjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNmQkk2Z0szVlJVelVSdjZrRURkcS1FWmRNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvYWVjNmUxLWEyMGQtNDIzOC1iMDdkLTFkNzRjZjM3NmExZC8x
L0QxYlhlVG10Q2JxQjhZLVlFbnk5RHNPSHFNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
YWVjNmUxLWEyMGQtNDIzOC1iMDdkLTFkNzRjZjM3NmExZC8xLzNmQkk2Z0szVlJV
elVSdjZrRURkcS1FWmRNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEBk6PgAMEBVkQQAMEAlm4IDAMAwQD
WbgoAwQCWbg4AwQFbWpgAwQAubMoMA0EAgACMAcDBQAqAiFYMA0GCSqGSIb3DQEB
CwUAA4IBAQBnUnP0I3UAWtT0h23FEancMZYDmQWQzhZ9w2Kd2sz0ZRT8q1VGniwk
9Nc5LfSTxqOqsRKQdPgUKGpRMmvKUjeSyz5eazWW1UDOQfttiWMqlh4/2DHCqSf/
qchrtMt68v4kKoeX0dZhxAWKVYTbbvqrlgVcbxirGloHvD/l6LHIbAwwniHFpyxk
SuYz7kLE+4V6C5QjkbUgyXuiy/eZOXOPvDTYwRg0c0qMQtqXPXdUIuNafL4/FnIL
M4geuknsuXProq9gYyQsOvA+w5uTC2OQS8PND5V1LZTeJJh+BwaMx+vVtcIvtOjq
bQDfIv8L5v/LryLFwW9XR2L2ZyiULLTr
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:57:23 2025 by rpki-client