Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/duK8tNyEScBuoxEgrK0Ua-Ixpuw.roa
File: duK8tNyEScBuoxEgrK0Ua-Ixpuw.roa (raw, json)
Hash identifier: 6YLFFq9yO91f3nM9eTjHa4yoEQXqchBF89+9BIypyUE=
Subject key identifier: 76:E2:BC:B4:DC:84:49:C0:6E:A3:11:20:AC:AD:14:6B:E2:31:A6:EC
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018ADCB627E9F86DC8CF99B7C8E1CF6BB36C
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/duK8tNyEScBuoxEgrK0Ua-Ixpuw.roa
Signing time: Thu 28 Sep 2023 16:53:59 +0000
ROA not before: Thu 28 Sep 2023 16:53:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 94.26.90.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:b6:27:e9:f8:6d:c8:cf:99:b7:c8:e1:cf:6b:b3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 28 16:53:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76e2bcb4dc8449c06ea31120acad146be231a6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ec:69:7a:e6:82:b2:f5:d7:29:6c:02:0c:e5:
17:0d:46:63:97:a3:fb:88:26:a1:2a:26:17:44:83:
06:95:58:bd:f9:55:26:14:97:5b:bb:9a:71:66:0d:
54:36:9a:30:0f:7c:5c:d2:6f:5e:eb:87:bd:c9:b4:
81:16:de:00:55:71:9d:ce:aa:42:6b:11:b0:58:cf:
45:86:24:3e:b3:3a:6c:8f:da:c6:6d:4c:09:23:de:
b8:75:76:43:c5:ec:dc:8e:fd:6b:26:a3:1a:c5:10:
93:de:22:36:ef:85:30:94:cf:ec:d1:6a:ba:9e:cc:
15:21:c1:bf:37:42:7a:56:cd:75:5e:98:53:43:39:
12:18:c0:e5:cd:4b:58:28:0c:12:fa:0a:e2:08:01:
a2:a8:63:e2:7e:0c:3d:e7:33:ab:6c:2d:15:43:1b:
1d:f2:8b:63:ac:3e:9a:5f:2c:c6:a6:08:29:38:a0:
73:c3:7d:c5:46:98:45:f3:a5:38:f6:c1:7d:d4:dc:
79:a7:5b:99:25:dc:b3:ef:78:13:fd:68:1a:de:b8:
63:34:7b:07:f8:4a:c9:5e:92:3f:78:54:ba:d4:a6:
e1:fe:2d:e1:60:c6:b2:af:c0:fd:19:be:70:37:7b:
ce:de:a3:27:6d:5a:9a:9a:60:46:a7:05:76:cb:b4:
00:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E2:BC:B4:DC:84:49:C0:6E:A3:11:20:AC:AD:14:6B:E2:31:A6:EC
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/duK8tNyEScBuoxEgrK0Ua-Ixpuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
78.159.131.0/24
93.152.205.0/24
93.152.208.0/24
93.152.214.0/23
93.152.220.0/23
93.152.225.0/24
94.26.90.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:3b:13:f9:fd:ea:25:0a:d3:5d:d6:53:b9:b9:d9:6e:1c:26:
22:02:2d:ed:72:e8:23:e9:34:c4:ae:d6:f0:29:6e:50:da:95:
6c:64:a2:46:b0:fa:d0:f5:2d:bd:ca:73:a9:a2:ce:14:02:06:
f5:01:be:6c:62:40:51:5a:fb:f3:52:fd:f9:ff:0e:72:69:84:
57:58:58:14:e2:53:bf:aa:07:0a:59:77:56:53:eb:2e:db:b8:
1a:9c:6d:97:fa:6f:0b:8d:45:4c:49:be:fc:52:f5:88:d6:f8:
c8:73:8a:ae:05:3d:5a:9b:c1:ba:d2:b6:ff:43:6c:82:50:df:
20:54:03:4c:eb:c2:b1:94:e9:1d:d9:b9:14:6c:c2:15:25:8b:
ae:99:c0:cd:cd:ad:2b:25:89:35:19:84:a1:db:04:d1:2e:fb:
7c:22:4a:e3:36:aa:d5:7e:2b:3b:c6:cd:9a:6b:2a:74:f7:de:
aa:86:de:3a:00:cb:a9:b2:64:b6:00:ff:f3:f3:2a:59:7c:31:
78:f1:45:19:16:f6:f3:a1:d9:96:ce:1e:f2:5b:f1:6a:2b:9d:
03:d8:f0:c3:15:dd:0f:f0:33:e0:13:67:f7:c1:01:36:da:89:
75:3b:2d:4d:16:f3:b3:fe:5d:a8:87:d8:f5:ba:30:e2:c6:99:
f7:2d:fc:a7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrctifp+G3Iz5m3yOHPa7NsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwOTI4MTY1MzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUyYmNiNGRjODQ0OWMwNmVhMzExMjBhY2FkMTQ2YmUyMzFhNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+xpeuaCsvXXKWwCDOUXDUZjl6P7
iCahKiYXRIMGlVi9+VUmFJdbu5pxZg1UNpowD3xc0m9e64e9ybSBFt4AVXGdzqpC
axGwWM9FhiQ+szpsj9rGbUwJI964dXZDxezcjv1rJqMaxRCT3iI274UwlM/s0Wq6
nswVIcG/N0J6Vs11XphTQzkSGMDlzUtYKAwS+griCAGiqGPifgw95zOrbC0VQxsd
8otjrD6aXyzGpggpOKBzw33FRphF86U49sF91Nx5p1uZJdyz73gT/Wga3rhjNHsH
+ErJXpI/eFS61Kbh/i3hYMayr8D9Gb5wN3vO3qMnbVqammBGpwV2y7QAfwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHbivLTchEnAbqMRIKytFGviMabsMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvZHVLOHROeUVTY0J1b3hFZ3JLMFVhLUl4cHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALY3qAwQA
Tp+DAwQAXZjNAwQAXZjQAwQBXZjWAwQBXZjcAwQAXZjhAwQAXhpaAwQAXr7DMA0G
CSqGSIb3DQEBCwUAA4IBAQCnOxP5/eolCtNd1lO5udluHCYiAi3tcugj6TTErtbw
KW5Q2pVsZKJGsPrQ9S29ynOpos4UAgb1Ab5sYkBRWvvzUv35/w5yaYRXWFgU4lO/
qgcKWXdWU+su27ganG2X+m8LjUVMSb78UvWI1vjIc4quBT1am8G60rb/Q2yCUN8g
VANM68KxlOkd2bkUbMIVJYuumcDNza0rJYk1GYSh2wTRLvt8IkrjNqrVfis7xs2a
ayp0996qht46AMupsmS2AP/z8ypZfDF48UUZFvbzodmWzh7yW/FqK50D2PDDFd0P
8DPgE2f3wQE22ol1Oy1NFvOz/l2oh9j1ujDixpn3Lfyn
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:39:30 2025 by rpki-client