Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/B4B8AwhPN8nqkqsJIWnt25RI8P4.roa
File: B4B8AwhPN8nqkqsJIWnt25RI8P4.roa (raw, json)
Hash identifier: tKZvSD+J2/9HuzhNNVSD82woMs4APG13o6f6vUOg094=
Subject key identifier: 07:80:7C:03:08:4F:37:C9:EA:92:AB:09:21:69:ED:DB:94:48:F0:FE
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 01941FFA1EB31F86A2B59FA0ECCE9C1A928B
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/B4B8AwhPN8nqkqsJIWnt25RI8P4.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
89.248.96.0/24 maxlen: 24
89.248.97.0/24 maxlen: 24
89.248.98.0/24 maxlen: 24
89.248.99.0/24 maxlen: 24
89.248.100.0/24 maxlen: 24
89.248.101.0/24 maxlen: 24
89.248.102.0/24 maxlen: 24
89.248.103.0/24 maxlen: 24
89.248.104.0/24 maxlen: 24
89.248.105.0/24 maxlen: 24
89.248.106.0/24 maxlen: 24
89.248.107.0/24 maxlen: 24
89.248.108.0/24 maxlen: 24
89.248.109.0/24 maxlen: 24
89.248.110.0/24 maxlen: 24
93.174.0.0/21 maxlen: 24
93.174.1.0/24 maxlen: 24
93.174.2.0/24 maxlen: 24
93.174.3.0/24 maxlen: 24
93.174.4.0/24 maxlen: 24
93.174.5.0/24 maxlen: 24
93.174.6.0/24 maxlen: 24
93.174.7.0/24 maxlen: 24
185.15.76.0/22 maxlen: 24
185.15.76.0/24 maxlen: 24
185.15.77.0/24 maxlen: 24
185.80.4.0/22 maxlen: 24
185.80.4.0/24 maxlen: 24
185.80.5.0/24 maxlen: 24
185.80.6.0/24 maxlen: 24
185.80.7.0/24 maxlen: 24
185.86.248.0/22 maxlen: 22
2a05:7900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:1e:b3:1f:86:a2:b5:9f:a0:ec:ce:9c:1a:92:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07807c03084f37c9ea92ab092169eddb9448f0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:6a:36:74:a1:3b:37:16:ec:69:86:da:11:
79:ad:6c:b6:8c:4b:dd:ae:e4:a3:90:43:25:c3:83:
66:d9:0a:d4:b3:4f:8b:59:90:29:08:62:b4:0e:b1:
a8:94:91:92:a3:2f:9f:b7:e1:df:3b:a4:21:97:b6:
90:34:42:35:34:b9:6d:21:1c:35:7c:88:b4:91:a6:
df:90:bd:ce:2e:d2:ee:39:14:b7:a0:aa:c7:2b:75:
b6:54:b1:8b:7e:25:0a:0f:77:ff:90:9e:df:39:9f:
e5:51:fc:18:cc:73:fa:d5:80:8f:83:42:02:69:6e:
e2:ef:74:94:4c:6f:cd:e1:f7:e9:7e:ea:87:57:a2:
c6:37:a9:10:8d:80:f1:d4:69:d1:a3:d0:49:0d:5f:
c6:4c:6d:3c:d1:dc:0c:6f:a5:fd:36:5e:64:79:4c:
cb:e3:7b:45:4f:46:2a:27:1c:14:25:54:84:73:1d:
46:ad:17:49:0a:51:87:91:53:cd:df:ac:0e:61:7c:
37:bf:be:32:6f:05:08:18:d6:7c:32:64:33:0c:92:
24:2e:f8:25:ed:c6:3f:f8:20:eb:84:a2:41:cc:f4:
d4:8a:03:c7:c5:f0:48:6e:ee:09:cb:26:90:e9:82:
45:7f:0f:74:2d:76:8f:69:6a:51:90:81:a3:06:2b:
12:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:80:7C:03:08:4F:37:C9:EA:92:AB:09:21:69:ED:DB:94:48:F0:FE
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/B4B8AwhPN8nqkqsJIWnt25RI8P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
185.86.248.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
61:b3:71:49:d5:03:b9:2f:41:cc:36:2a:4c:31:6f:b4:11:db:
dc:3b:d4:1c:10:be:a1:d5:c8:5f:d7:0a:e6:63:b8:14:2a:75:
9d:68:9c:58:35:fc:8a:c9:f5:5a:4a:48:a7:1e:a3:80:7e:98:
90:c9:df:01:33:00:dc:a1:a1:80:c5:8c:c6:41:3d:4f:9c:f3:
91:b5:60:3f:23:ff:45:04:ef:be:b9:16:ff:ff:9c:51:08:e2:
38:53:82:ac:64:75:c3:ec:a2:a5:6b:1d:0c:7f:1d:19:54:ba:
f5:77:06:8f:a9:8d:df:e2:e7:d9:4a:0b:36:40:84:a3:97:bb:
8b:d2:c7:9e:88:60:ad:c1:f2:c0:33:0e:6e:51:5c:8e:51:dd:
64:f3:fd:8d:78:7e:73:b3:bd:b0:1d:de:93:c4:e6:82:32:6a:
10:a5:4d:60:a8:d5:7a:8c:73:a7:5d:8a:fa:e8:75:3c:ec:60:
f6:41:c1:70:9f:af:1e:4e:fb:d6:7c:df:ec:53:f8:92:15:f0:
0b:c6:08:c0:41:b0:eb:f7:f6:3c:36:54:79:71:ef:67:39:ca:
6d:9f:b7:34:8b:49:92:9b:30:85:c3:58:b1:42:a6:dd:ce:11:
7a:e1:03:8d:b3:a2:03:d2:2c:c2:06:00:39:1f:a4:0d:7d:40:
d0:f5:73:85
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQf+h6zH4aitZ+g7M6cGpKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzgwN2MwMzA4NGYzN2M5ZWE5MmFiMDkyMTY5ZWRkYjk0NDhmMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEZqNnShOzcW7GmG2hF5rWy2jEvd
ruSjkEMlw4Nm2QrUs0+LWZApCGK0DrGolJGSoy+ft+HfO6Qhl7aQNEI1NLltIRw1
fIi0kabfkL3OLtLuORS3oKrHK3W2VLGLfiUKD3f/kJ7fOZ/lUfwYzHP61YCPg0IC
aW7i73SUTG/N4ffpfuqHV6LGN6kQjYDx1GnRo9BJDV/GTG080dwMb6X9Nl5keUzL
43tFT0YqJxwUJVSEcx1GrRdJClGHkVPN36wOYXw3v74ybwUIGNZ8MmQzDJIkLvgl
7cY/+CDrhKJBzPTUigPHxfBIbu4JyyaQ6YJFfw90LXaPaWpRkIGjBisSiQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAeAfAMITzfJ6pKrCSFp7duUSPD+MB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvQjRCOEF3aFBOOG5xa3FzSklXbnQyNVJJOFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEAwQCuVb4MA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEB
CwUAA4IBAQBhs3FJ1QO5L0HMNipMMW+0EdvcO9QcEL6h1chf1wrmY7gUKnWdaJxY
NfyKyfVaSkinHqOAfpiQyd8BMwDcoaGAxYzGQT1PnPORtWA/I/9FBO++uRb//5xR
COI4U4KsZHXD7KKlax0Mfx0ZVLr1dwaPqY3f4ufZSgs2QISjl7uL0seeiGCtwfLA
Mw5uUVyOUd1k8/2NeH5zs72wHd6TxOaCMmoQpU1gqNV6jHOnXYr66HU87GD2QcFw
n68eTvvWfN/sU/iSFfALxgjAQbDr9/Y8NlR5ce9nOcptn7c0i0mSmzCFw1ixQqbd
zhF64QONs6ID0izCBgA5H6QNfUDQ9XOF
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:26 2025 by rpki-client