Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/gFCLz6WxkyMONp_jqclnYYAYnz0.roa
File: gFCLz6WxkyMONp_jqclnYYAYnz0.roa (raw, json)
Hash identifier: HeUsJhQcjZfbE3cVOL45gpsLqFyYg3Fs6k3fY2SJmAE=
Subject key identifier: 80:50:8B:CF:A5:B1:93:23:0E:36:9F:E3:A9:C9:67:61:80:18:9F:3D
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018F62CF0B5AFE40F4ABD0B4309CEC51F71D
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/gFCLz6WxkyMONp_jqclnYYAYnz0.roa
Signing time: Fri 10 May 2024 14:01:26 +0000
ROA not before: Fri 10 May 2024 14:01:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.102.105.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
86.105.241.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.23.0/24 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:cf:0b:5a:fe:40:f4:ab:d0:b4:30:9c:ec:51:f7:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: May 10 14:01:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80508bcfa5b193230e369fe3a9c9676180189f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0e:2f:b9:8e:9c:e8:d1:b5:36:43:1e:02:b2:
61:9b:84:86:3c:3d:3d:51:07:51:bc:24:ea:b6:6e:
d7:2b:68:f8:d5:24:f9:03:fb:d1:41:71:f5:ea:af:
7f:41:cf:4d:6f:99:90:f6:a6:f2:ed:9d:b0:7b:03:
c9:65:f9:56:74:6e:9a:0c:38:08:6e:de:03:db:84:
d2:f9:dc:57:dd:04:6f:7a:df:a9:f7:ec:a5:bf:65:
70:3b:55:c7:20:fb:98:94:27:cf:18:1a:5b:cb:25:
c2:27:71:d3:47:66:37:90:d7:51:35:24:18:8d:33:
47:ab:77:36:0c:42:d0:e2:e8:dc:bf:06:54:c8:d8:
80:bf:21:f8:11:5e:a8:c3:c1:49:43:40:5c:30:6b:
10:10:7a:ae:b4:5d:ef:9c:ad:53:b8:c9:15:e9:67:
c8:c5:ee:5b:7e:08:44:6a:ef:4b:89:87:6a:68:c4:
db:1f:9e:83:8c:44:7d:0b:90:5e:e3:3f:9c:31:b9:
46:7c:ee:3f:f0:34:e8:18:90:89:f3:25:73:f1:5b:
4e:19:9d:9e:9d:96:a8:cb:e8:b9:67:8e:41:9c:60:
9d:dd:29:56:b3:ea:2d:7b:bc:bb:59:45:b4:a5:9e:
bc:4e:69:8e:81:d2:35:e2:f8:c4:8e:2a:83:10:5c:
d7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:50:8B:CF:A5:B1:93:23:0E:36:9F:E3:A9:C9:67:61:80:18:9F:3D
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/gFCLz6WxkyMONp_jqclnYYAYnz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.105.0/24
46.247.144.0/20
86.105.241.0/24
89.32.125.0/24
89.37.58.0/24
89.40.41.0/24
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.23.0/24
188.210.254.0/24
188.214.89.0/24
188.241.59.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
65:c5:49:46:26:da:38:6a:11:04:a0:54:99:2d:31:ea:c1:26:
3d:79:73:7b:d4:02:56:92:ee:ff:e5:aa:3c:0c:c8:20:cf:bb:
89:fe:91:bc:ef:cf:79:54:ab:a2:52:30:25:89:4d:10:07:f1:
e9:58:84:1b:eb:d1:20:3e:36:7e:d0:63:c7:a9:e1:44:b2:87:
0a:f3:30:33:5e:9a:8a:98:e9:df:bc:db:b1:f9:52:dc:6d:07:
1a:f3:74:5e:e4:3a:5e:07:70:05:eb:1b:f1:25:c3:33:c6:fb:
f1:51:01:9d:7b:2e:df:d7:2c:40:3a:41:b4:b4:42:da:66:26:
96:c3:df:ff:7f:0b:4c:0c:fb:aa:b4:92:5a:b7:e8:3c:30:5d:
2b:3e:a5:97:50:b6:e8:42:37:eb:bb:21:91:41:c0:f0:f6:ce:
86:68:60:b6:20:57:72:ec:ec:ee:21:09:38:0f:e1:34:28:a3:
a1:13:7e:f0:72:51:86:3f:69:a3:96:40:c5:6f:d3:c1:8c:a4:
9b:22:16:f0:dd:87:30:f9:a4:70:fc:68:5a:7a:79:76:d9:1f:
fe:5c:71:3f:cd:de:2f:a5:1b:e4:d2:8c:d5:9b:9d:d5:cf:ae:
7b:75:9b:d2:5f:5c:d7:e9:28:b3:df:89:45:2b:df:cd:3c:f9:
01:a7:10:ea
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAY9izwta/kD0q9C0MJzsUfcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNTEwMTQwMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUwOGJjZmE1YjE5MzIzMGUzNjlmZTNhOWM5Njc2MTgwMTg5ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw4vuY6c6NG1NkMeArJhm4SGPD09
UQdRvCTqtm7XK2j41ST5A/vRQXH16q9/Qc9Nb5mQ9qby7Z2wewPJZflWdG6aDDgI
bt4D24TS+dxX3QRvet+p9+ylv2VwO1XHIPuYlCfPGBpbyyXCJ3HTR2Y3kNdRNSQY
jTNHq3c2DELQ4ujcvwZUyNiAvyH4EV6ow8FJQ0BcMGsQEHqutF3vnK1TuMkV6WfI
xe5bfghEau9LiYdqaMTbH56DjER9C5Be4z+cMblGfO4/8DToGJCJ8yVz8VtOGZ2e
nZaoy+i5Z45BnGCd3SlWs+ote7y7WUW0pZ68TmmOgdI14vjEjiqDEFzXSwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFIBQi8+lsZMjDjaf46nJZ2GAGJ89MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvZ0ZDTHo2V3hreU1PTnBfanFjbG5ZWUFZbnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAC5maQMEBC73kAMEAFZp8QMEAFkgfQMEAFklOgMEAFkoKQMEAFkvKwMEAVnI
8AMEAFvGFwMEAFvYigMEAFvjIQMEAFvl5AMEAVvulAMEAF1yVAMEAl200AMEAF6x
FwMEALzS/gMEALzWWQMEALzxOwMEAMEliAMEAMEndwMEAsFdKAMEAMFpsAMEAcGp
CAMEAcHANAMEAcHvrAMEAcHv9gMEAMIIUQMEAcIY6gMEAcIqZAMEAcJYhgMEAcJq
1AMEAMKM6wMEAcL2agMEAcMCxAMEAcMNMAMEAcMiUAMEAcNdjAMEAcOAvAMEAcOH
wAMEAMO9sAMEAcO9ugMEAcO9+gMEAcPSLAMEAcP+jDANBgkqhkiG9w0BAQsFAAOC
AQEAZcVJRibaOGoRBKBUmS0x6sEmPXlze9QCVpLu/+WqPAzIIM+7if6RvO/PeVSr
olIwJYlNEAfx6ViEG+vRID42ftBjx6nhRLKHCvMwM16aipjp37zbsflS3G0HGvN0
XuQ6XgdwBesb8SXDM8b78VEBnXsu39csQDpBtLRC2mYmlsPf/38LTAz7qrSSWrfo
PDBdKz6ll1C26EI367shkUHA8PbOhmhgtiBXcuzs7iEJOA/hNCijoRN+8HJRhj9p
o5ZAxW/TwYykmyIW8N2HMPmkcPxoWnp5dtkf/lxxP83eL6Ub5NKM1Zud1c+ue3Wb
0l9c1+kos9+JRSvfzTz5AacQ6g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:04 2025 by rpki-client