Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Rl7v47sxjG-fxJlqj_00i12YNCM.roa
File: Rl7v47sxjG-fxJlqj_00i12YNCM.roa (raw, json)
Hash identifier: +riE7cGI77/Bx77RCJzuYH0wyILsJ8JamTbrd5NHpfc=
Subject key identifier: 46:5E:EF:E3:BB:31:8C:6F:9F:C4:99:6A:8F:FD:34:8B:5D:98:34:23
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 0188FF9075EA300D5450CB1E6354C69968A2
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Rl7v47sxjG-fxJlqj_00i12YNCM.roa
Signing time: Wed 28 Jun 2023 01:13:57 +0000
ROA not before: Wed 28 Jun 2023 01:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.38.134.0/24 maxlen: 24
89.47.94.0/24 maxlen: 24
85.204.26.0/24 maxlen: 24
85.204.247.0/24 maxlen: 24
89.39.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ff:90:75:ea:30:0d:54:50:cb:1e:63:54:c6:99:68:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jun 28 01:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=465eefe3bb318c6f9fc4996a8ffd348b5d983423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f7:92:58:ed:0f:09:fa:31:5e:18:bd:4f:b9:
e8:c3:8a:85:7f:4c:3f:d8:df:29:ce:ea:fc:30:d6:
c9:7a:95:2f:78:fc:15:ab:88:0c:76:55:67:5a:ec:
24:9f:2a:c6:02:2d:da:79:48:22:dc:d2:06:72:41:
88:9e:26:1b:c6:d0:f8:b7:59:53:c4:61:18:d7:c5:
fe:1c:cc:85:48:be:45:41:7a:7c:b1:76:e4:88:80:
5b:ad:3d:bd:d2:00:9c:c1:6e:83:67:17:5b:7a:cf:
27:ff:bc:8e:f0:92:cb:90:9d:08:2b:91:2a:98:4e:
ea:d2:38:fe:c4:d5:6f:10:58:82:34:3a:f6:29:38:
dc:f9:36:3d:80:00:8e:86:ae:5f:1f:25:4d:a0:f6:
08:d6:bd:1d:85:d4:ee:e9:cb:27:c9:9c:ce:a4:c6:
f8:70:7c:39:13:a4:c7:c2:6e:9f:66:29:01:5b:90:
99:e9:24:22:7d:ff:02:a9:e2:2d:9b:11:15:72:57:
d5:93:62:88:b6:a6:f2:55:63:80:3c:9e:50:ff:35:
ae:18:1e:ab:34:66:d5:db:4b:23:9e:5b:bb:90:17:
49:8d:75:73:e3:6e:c2:1c:af:f1:cf:5b:28:3b:13:
f7:46:1f:9c:5c:f2:90:80:19:12:43:f1:e8:17:e9:
6f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5E:EF:E3:BB:31:8C:6F:9F:C4:99:6A:8F:FD:34:8B:5D:98:34:23
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Rl7v47sxjG-fxJlqj_00i12YNCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.26.0/24
85.204.247.0/24
89.38.134.0/24
89.39.91.0/24
89.47.94.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:45:8f:9d:bd:fa:c7:dd:bf:73:86:65:ba:c7:fc:30:dc:f4:
ae:3b:4f:dc:f1:eb:5d:97:57:5b:68:e6:9f:6a:29:2e:27:3a:
8d:c7:c3:6c:5f:3c:e3:78:1d:cb:ef:17:f8:ee:75:fc:e0:9d:
ec:46:72:f8:91:a6:96:0b:f3:0f:00:d1:30:b8:c5:23:33:ff:
64:05:0a:3b:68:36:95:bf:03:cf:71:45:e1:db:11:d9:f8:79:
9a:31:fb:0b:32:4d:80:c9:4c:1c:06:1a:37:2a:cc:cf:8d:03:
cd:3a:d2:e6:2d:f0:2d:46:97:cf:26:0d:d0:82:b1:23:74:dc:
05:9d:8e:fe:a5:aa:a8:ea:fb:b5:a6:76:84:b0:7f:2b:4b:9c:
16:23:1c:6b:4f:ea:41:cd:8b:8a:6c:ca:ed:c1:99:19:de:a1:
27:c4:fb:55:80:9c:53:96:b6:21:37:ef:64:a7:1a:60:33:41:
a4:28:ff:77:d8:3f:45:db:78:5a:cc:1d:ec:18:6f:ac:94:cb:
0e:b0:a8:b2:c1:e0:5b:f6:a5:7b:f1:ce:ae:d5:d7:db:c3:33:
97:49:f7:df:ce:df:3b:a1:ad:42:d2:19:24:26:28:96:56:8f:
75:8a:5a:2b:71:77:13:eb:39:1e:2d:d3:14:a4:3c:85:a9:cd:
af:c0:d9:03
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYj/kHXqMA1UUMseY1TGmWiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwNjI4MDExMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVlZWZlM2JiMzE4YzZmOWZjNDk5NmE4ZmZkMzQ4YjVkOTgzNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxveSWO0PCfoxXhi9T7now4qFf0w/
2N8pzur8MNbJepUvePwVq4gMdlVnWuwknyrGAi3aeUgi3NIGckGIniYbxtD4t1lT
xGEY18X+HMyFSL5FQXp8sXbkiIBbrT290gCcwW6DZxdbes8n/7yO8JLLkJ0IK5Eq
mE7q0jj+xNVvEFiCNDr2KTjc+TY9gACOhq5fHyVNoPYI1r0dhdTu6csnyZzOpMb4
cHw5E6THwm6fZikBW5CZ6SQiff8CqeItmxEVclfVk2KItqbyVWOAPJ5Q/zWuGB6r
NGbV20sjnlu7kBdJjXVz427CHK/xz1soOxP3Rh+cXPKQgBkSQ/HoF+lvZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEZe7+O7MYxvn8SZao/9NItdmDQjMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvUmw3djQ3c3hqRy1meEpscWpfMDBpMTJZTkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVcwaAwQA
Vcz3AwQAWSaGAwQAWSdbAwQAWS9eMA0GCSqGSIb3DQEBCwUAA4IBAQCMRY+dvfrH
3b9zhmW6x/ww3PSuO0/c8etdl1dbaOafaikuJzqNx8NsXzzjeB3L7xf47nX84J3s
RnL4kaaWC/MPANEwuMUjM/9kBQo7aDaVvwPPcUXh2xHZ+HmaMfsLMk2AyUwcBho3
KszPjQPNOtLmLfAtRpfPJg3QgrEjdNwFnY7+paqo6vu1pnaEsH8rS5wWIxxrT+pB
zYuKbMrtwZkZ3qEnxPtVgJxTlrYhN+9kpxpgM0GkKP932D9F23hazB3sGG+slMsO
sKiyweBb9qV78c6u1dfbwzOXSfffzt87oa1C0hkkJiiWVo91ilorcXcT6zkeLdMU
pDyFqc2vwNkD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:58 2025 by rpki-client