Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/fI3NusZkrqWO5jLO3fTZ5z39Yl0.roa
File: fI3NusZkrqWO5jLO3fTZ5z39Yl0.roa (raw, json)
Hash identifier: KILLD4GBsSEpBwdB72CBo4dP3KtsyWxUfk3vFU0iOuU=
Subject key identifier: 7C:8D:CD:BA:C6:64:AE:A5:8E:E6:32:CE:DD:F4:D9:E7:3D:FD:62:5D
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0195283F294979EB56CC29AE88DD58A1F495
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/fI3NusZkrqWO5jLO3fTZ5z39Yl0.roa
Signing time: Fri 21 Feb 2025 11:23:02 +0000
ROA not before: Fri 21 Feb 2025 11:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24852
IP address blocks: 79.132.160.0/20 maxlen: 20
84.55.32.0/24 maxlen: 24
84.55.33.0/24 maxlen: 24
84.55.34.0/23 maxlen: 23
84.55.36.0/23 maxlen: 23
84.55.48.0/21 maxlen: 21
84.55.56.0/23 maxlen: 23
84.55.58.0/23 maxlen: 23
84.55.60.0/23 maxlen: 23
84.55.62.0/23 maxlen: 23
88.223.0.0/18 maxlen: 18
88.223.96.0/22 maxlen: 22
88.223.104.0/21 maxlen: 21
88.223.112.0/20 maxlen: 20
88.223.128.0/22 maxlen: 22
88.223.144.0/21 maxlen: 21
88.223.152.0/24 maxlen: 24
88.223.153.0/24 maxlen: 24
88.223.160.0/22 maxlen: 22
88.223.192.0/20 maxlen: 20
95.173.32.0/23 maxlen: 23
185.104.176.0/22 maxlen: 22
213.164.112.0/22 maxlen: 22
213.164.116.0/23 maxlen: 23
213.164.118.0/24 maxlen: 24
217.147.34.0/24 maxlen: 24
217.147.35.0/24 maxlen: 24
217.147.36.0/23 maxlen: 23
217.147.38.0/24 maxlen: 24
217.147.40.0/24 maxlen: 24
217.147.41.0/24 maxlen: 24
217.147.44.0/23 maxlen: 23
217.147.46.0/24 maxlen: 24
217.147.47.0/24 maxlen: 24
2a01:7c80::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:3f:29:49:79:eb:56:cc:29:ae:88:dd:58:a1:f4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Feb 21 11:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c8dcdbac664aea58ee632ceddf4d9e73dfd625d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:58:8b:47:f7:b6:98:0c:13:51:68:b9:1f:49:
2d:69:f0:32:30:c5:24:ba:8d:39:73:44:b6:21:32:
99:ed:10:17:e8:57:a8:93:73:aa:b0:64:99:a6:68:
eb:ae:0b:3a:fb:2d:c3:40:47:f8:81:0f:9b:8f:c6:
41:3d:9c:6f:6f:82:d0:9e:32:04:38:2e:a5:89:f9:
73:85:a7:86:9f:f7:41:da:86:f9:75:31:9e:51:87:
c4:fb:3a:29:35:f9:f8:0a:22:57:5a:84:d6:5f:a8:
23:a0:06:da:d2:fb:b5:19:03:bd:4f:59:4c:8e:6b:
5f:79:7f:e5:91:a8:45:ac:33:1c:dd:99:1c:0a:ed:
a5:01:50:a1:5f:c1:fe:3f:b1:60:ad:ad:d0:45:a5:
ed:36:5a:98:0d:ca:4a:f4:79:ee:28:86:b3:93:ee:
f0:0f:d7:02:46:ea:b4:d4:f4:a8:b8:2d:81:20:61:
61:9a:74:02:a0:78:e7:14:86:fb:94:73:6a:8c:3c:
bd:18:72:6e:9c:41:ac:21:3f:90:2d:cb:90:88:ab:
47:98:e4:63:94:44:3f:b3:25:79:29:d6:4f:f5:bd:
66:6f:f1:92:6c:ab:4c:38:42:78:9c:41:c1:c9:a6:
52:e8:a1:b9:bf:63:e5:15:00:b7:d5:e0:cd:93:1e:
c0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:8D:CD:BA:C6:64:AE:A5:8E:E6:32:CE:DD:F4:D9:E7:3D:FD:62:5D
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/fI3NusZkrqWO5jLO3fTZ5z39Yl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.160.0/20
84.55.32.0-84.55.37.255
84.55.48.0/20
88.223.0.0/18
88.223.96.0/22
88.223.104.0-88.223.131.255
88.223.144.0-88.223.153.255
88.223.160.0/22
88.223.192.0/20
95.173.32.0/23
185.104.176.0/22
213.164.112.0-213.164.118.255
217.147.34.0-217.147.38.255
217.147.40.0/23
217.147.44.0/22
IPv6:
2a01:7c80::/33
Signature Algorithm: sha256WithRSAEncryption
82:46:e8:b6:e0:87:5a:cd:c3:e1:e6:96:25:ce:34:6f:a9:f9:
5b:78:c3:06:f7:ec:b3:a5:90:fc:78:98:e0:39:49:ff:3b:73:
4b:fa:58:68:ea:51:ec:b0:9e:67:98:be:45:5b:4d:28:4d:f9:
a3:9b:19:23:25:ee:7b:b5:b4:53:31:22:d7:b2:63:89:86:48:
fe:38:31:51:6f:93:ac:4d:52:23:cf:ec:45:07:c4:46:6e:22:
78:4e:55:15:f5:8d:28:d4:15:bf:09:12:71:ec:70:a1:76:46:
7c:60:6d:db:8c:42:b4:f0:0d:d2:d6:2a:7f:30:2f:1f:f1:70:
aa:53:fd:bd:7d:cb:b9:01:bb:ca:bd:d9:50:dc:29:df:e7:c8:
ea:68:f0:d0:a2:ea:3b:70:3d:28:43:3a:dd:44:bf:67:a7:10:
25:e1:64:bb:11:37:86:14:25:68:69:79:f2:78:ec:d1:1b:16:
24:fe:64:1d:bd:c9:36:c2:ce:f9:72:93:4c:6b:79:35:98:89:
9a:63:51:ff:34:3d:36:be:10:29:a9:c5:62:c8:f7:3b:dc:7b:
de:1a:07:67:5e:10:7b:36:79:17:fe:68:a6:4c:36:35:9d:6f:
e2:6f:e6:78:02:9f:d3:a8:fe:8e:8d:ee:75:88:d6:1f:37:ef:
ff:a0:dd:5d
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZUoPylJeetWzCmuiN1YofSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwMjIxMTEyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzhkY2RiYWM2NjRhZWE1OGVlNjMyY2VkZGY0ZDllNzNkZmQ2MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1iLR/e2mAwTUWi5H0ktafAyMMUk
uo05c0S2ITKZ7RAX6Feok3OqsGSZpmjrrgs6+y3DQEf4gQ+bj8ZBPZxvb4LQnjIE
OC6liflzhaeGn/dB2ob5dTGeUYfE+zopNfn4CiJXWoTWX6gjoAba0vu1GQO9T1lM
jmtfeX/lkahFrDMc3ZkcCu2lAVChX8H+P7Fgra3QRaXtNlqYDcpK9HnuKIazk+7w
D9cCRuq01PSouC2BIGFhmnQCoHjnFIb7lHNqjDy9GHJunEGsIT+QLcuQiKtHmORj
lEQ/syV5KdZP9b1mb/GSbKtMOEJ4nEHByaZS6KG5v2PlFQC31eDNkx7AjwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFHyNzbrGZK6ljuYyzt302ec9/WJdMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvZkkzTnVzWmtycVdPNWpMTzNmVFo1ejM5WWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBiQQCAAEwgYIDBARP
hKAwDAMEBVQ3IAMEAVQ3JAMEBFQ3MAMEBljfAAMEAljfYDAMAwQDWN9oAwQCWN+A
MAwDBARY35ADBAFY35gDBAJY36ADBARY38ADBAFfrSADBAK5aLAwDAMEBNWkcAME
ANWkdjAMAwQB2ZMiAwQA2ZMmAwQB2ZMoAwQC2ZMsMA4EAgACMAgDBgcqAXyAADAN
BgkqhkiG9w0BAQsFAAOCAQEAgkbotuCHWs3D4eaWJc40b6n5W3jDBvfss6WQ/HiY
4DlJ/ztzS/pYaOpR7LCeZ5i+RVtNKE35o5sZIyXue7W0UzEi17JjiYZI/jgxUW+T
rE1SI8/sRQfERm4ieE5VFfWNKNQVvwkScexwoXZGfGBt24xCtPAN0tYqfzAvH/Fw
qlP9vX3LuQG7yr3ZUNwp3+fI6mjw0KLqO3A9KEM63US/Z6cQJeFkuxE3hhQlaGl5
8njs0RsWJP5kHb3JNsLO+XKTTGt5NZiJmmNR/zQ9Nr4QKanFYsj3O9x73hoHZ14Q
ezZ5F/5opkw2NZ1v4m/meAKf06j+jo3udYjWHzfv/6DdXQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:49:12 2025 by rpki-client