Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/J2aFBRob52ncKk8n4nzVjUivhn8.roa
File: J2aFBRob52ncKk8n4nzVjUivhn8.roa (raw, json)
Hash identifier: Y3Z5PdhBdJ0Q66PCbZUoSuRuAiD/OxTS3zr0KEdi0Cc=
Subject key identifier: 27:66:85:05:1A:1B:E7:69:DC:2A:4F:27:E2:7C:D5:8D:48:AF:86:7F
Certificate issuer: /CN=a4e786e4809373c1985455858c6b02b30a71ad1b
Certificate serial: 018CC500169C045D1E35FBAFA14A983DD3EF
Authority key identifier: A4:E7:86:E4:80:93:73:C1:98:54:55:85:8C:6B:02:B3:0A:71:AD:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOeG5ICTc8GYVFWFjGsCswpxrRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/J2aFBRob52ncKk8n4nzVjUivhn8.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45012
IP address blocks: 185.39.220.0/22 maxlen: 24
91.151.16.0/21 maxlen: 24
178.250.8.0/21 maxlen: 24
37.228.152.0/21 maxlen: 24
85.158.176.0/21 maxlen: 24
185.61.40.0/22 maxlen: 24
77.75.248.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:16:9c:04:5d:1e:35:fb:af:a1:4a:98:3d:d3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e786e4809373c1985455858c6b02b30a71ad1b
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=276685051a1be769dc2a4f27e27cd58d48af867f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cd:8f:89:4e:66:c4:83:e1:53:a5:53:5d:87:
f7:ae:d3:e7:b3:a6:f0:cc:ad:94:3b:f2:5a:d1:4a:
39:a9:35:3e:84:33:73:2f:20:4f:f6:23:49:89:cf:
53:ba:99:ad:42:86:da:72:3a:88:a2:25:62:5e:bb:
f5:fc:27:8b:c3:e3:14:7b:9d:e7:71:db:7b:62:48:
65:ab:a0:9a:d5:96:80:7d:91:8a:e7:91:c8:75:e5:
41:ce:7d:16:46:a2:34:34:ae:14:a2:d8:3f:50:55:
98:65:b3:22:ce:e8:f8:9e:5e:ad:9b:3f:cb:dc:c6:
ee:6c:4b:87:d2:72:da:4b:a5:bf:62:f9:aa:a7:5c:
fd:2b:bc:5d:30:34:6e:3b:f3:0d:d0:65:f0:a9:79:
8c:97:b6:99:17:78:93:05:84:a2:88:c4:11:26:46:
b3:d2:29:22:bc:7f:d5:fa:ef:12:a9:1a:0b:1f:b4:
b3:a9:1c:0f:a8:10:a0:23:f2:e5:00:7a:96:b3:22:
8c:90:81:77:c4:a5:60:9b:04:f8:0f:86:b9:1e:ee:
a5:b0:0b:d9:37:0f:d5:b2:f7:b2:05:6d:dd:54:54:
19:aa:e9:03:d3:ab:03:d9:a9:eb:4f:67:0f:f1:df:
36:05:c3:13:55:af:29:40:1a:f4:70:84:33:89:58:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:66:85:05:1A:1B:E7:69:DC:2A:4F:27:E2:7C:D5:8D:48:AF:86:7F
X509v3 Authority Key Identifier:
keyid:A4:E7:86:E4:80:93:73:C1:98:54:55:85:8C:6B:02:B3:0A:71:AD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOeG5ICTc8GYVFWFjGsCswpxrRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/J2aFBRob52ncKk8n4nzVjUivhn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/pOeG5ICTc8GYVFWFjGsCswpxrRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.152.0/21
77.75.248.0/21
85.158.176.0/21
91.151.16.0/21
178.250.8.0/21
185.39.220.0/22
185.61.40.0/22
Signature Algorithm: sha256WithRSAEncryption
15:14:7b:34:41:5b:4a:9b:cf:42:8e:ff:da:39:fc:90:dc:ff:
20:be:a0:9c:70:56:4d:30:6c:6a:a5:fa:20:7f:8e:ef:3d:32:
28:48:7d:e3:c8:46:47:2d:9b:d1:5e:18:43:54:96:73:8e:d0:
9d:70:65:fc:24:e8:0a:3c:b3:47:e9:23:93:ab:1e:6a:91:6d:
f0:4d:3a:5e:cd:a6:45:36:df:27:d5:ef:37:40:86:02:cd:cf:
c5:f5:7b:af:7b:f8:a6:9c:0a:29:8a:ec:38:f4:37:91:59:8f:
e9:c2:94:9a:43:32:0a:dc:32:3e:9d:80:4e:f6:20:de:6f:13:
02:31:6d:50:74:02:fe:33:08:14:f4:4a:1e:8c:89:d7:95:f1:
ec:a9:a5:f6:2b:bf:c0:ad:8f:e0:0a:90:97:93:63:d2:de:a8:
05:a2:c4:cb:6b:62:58:64:5a:36:69:85:1a:a5:24:42:d6:56:
8b:b2:64:df:7a:e2:79:79:29:b4:af:b6:85:7c:05:68:b0:8e:
69:65:d6:f5:78:67:49:77:1f:c5:4d:d9:df:2d:49:24:40:b8:
b6:77:e5:58:7a:1c:2f:1a:cb:71:26:c4:25:4d:40:08:94:1a:
0b:a4:98:18:50:ba:8e:77:5f:4b:67:64:f6:5e:fb:d7:ec:5f:
17:69:4a:ee
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzFABacBF0eNfuvoUqYPdPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTc4NmU0ODA5MzczYzE5ODU0NTU4NThjNmIwMmIzMGE3
MWFkMWIwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzY2ODUwNTFhMWJlNzY5ZGMyYTRmMjdlMjdjZDU4ZDQ4YWY4NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu82PiU5mxIPhU6VTXYf3rtPns6bw
zK2UO/Ja0Uo5qTU+hDNzLyBP9iNJic9TupmtQobacjqIoiViXrv1/CeLw+MUe53n
cdt7Ykhlq6Ca1ZaAfZGK55HIdeVBzn0WRqI0NK4Uotg/UFWYZbMizuj4nl6tmz/L
3MbubEuH0nLaS6W/Yvmqp1z9K7xdMDRuO/MN0GXwqXmMl7aZF3iTBYSiiMQRJkaz
0ikivH/V+u8SqRoLH7SzqRwPqBCgI/LlAHqWsyKMkIF3xKVgmwT4D4a5Hu6lsAvZ
Nw/VsveyBW3dVFQZqukD06sD2anrT2cP8d82BcMTVa8pQBr0cIQziVjhGQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCdmhQUaG+dp3CpPJ+J81Y1Ir4Z/MB8GA1UdIwQY
MBaAFKTnhuSAk3PBmFRVhYxrArMKca0bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9lRzVJQ1RjOEdZVkZXRmpHc0Nzd3B4clJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8zY2UzOTUtNjdkYS00MTYxLWFlZjEt
ZjY2OTdiZmQyZDRmLzEvSjJhRkJSb2I1Mm5jS2s4bjRuelZqVWl2aG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8zY2UzOTUtNjdkYS00MTYxLWFlZjEtZjY2OTdiZmQyZDRm
LzEvcE9lRzVJQ1RjOEdZVkZXRmpHc0Nzd3B4clJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJeSYAwQD
TUv4AwQDVZ6wAwQDW5cQAwQDsvoIAwQCuSfcAwQCuT0oMA0GCSqGSIb3DQEBCwUA
A4IBAQAVFHs0QVtKm89Cjv/aOfyQ3P8gvqCccFZNMGxqpfogf47vPTIoSH3jyEZH
LZvRXhhDVJZzjtCdcGX8JOgKPLNH6SOTqx5qkW3wTTpezaZFNt8n1e83QIYCzc/F
9Xuve/imnAopiuw49DeRWY/pwpSaQzIK3DI+nYBO9iDebxMCMW1QdAL+MwgU9Eoe
jInXlfHsqaX2K7/ArY/gCpCXk2PS3qgFosTLa2JYZFo2aYUapSRC1laLsmTfeuJ5
eSm0r7aFfAVosI5pZdb1eGdJdx/FTdnfLUkkQLi2d+VYehwvGstxJsQlTUAIlBoL
pJgYULqOd19LZ2T2XvvX7F8XaUru
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:52 2025 by rpki-client