Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/EIn7EucLGwpV_Zp5i3VjUrdNBvQ.roa
File: EIn7EucLGwpV_Zp5i3VjUrdNBvQ.roa (raw, json)
Hash identifier: VPbH/Rx8XwgzWw4FjzZCZpUIC0oD0mZMzAfdStUkCbc=
Subject key identifier: 10:89:FB:12:E7:0B:1B:0A:55:FD:9A:79:8B:75:63:52:B7:4D:06:F4
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018CCA2A0870B337306B390225364AA59262
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/EIn7EucLGwpV_Zp5i3VjUrdNBvQ.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60118
IP address blocks: 176.126.252.0/22 maxlen: 22
185.233.149.0/24 maxlen: 24
185.233.148.0/24 maxlen: 24
185.57.83.0/24 maxlen: 24
185.57.82.0/24 maxlen: 24
185.57.80.0/24 maxlen: 24
185.57.81.0/24 maxlen: 24
176.126.236.0/22 maxlen: 22
2a02:59e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:08:70:b3:37:30:6b:39:02:25:36:4a:a5:92:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1089fb12e70b1b0a55fd9a798b756352b74d06f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e2:c8:35:bf:b8:47:39:d0:2c:e4:21:3b:12:
71:5c:8e:43:97:86:a7:58:75:50:e9:fd:f0:1c:8f:
5e:42:5e:ed:ee:c1:ed:cf:6d:22:a4:0d:f0:0e:3f:
21:cd:f7:a3:2f:95:73:67:21:0f:90:2d:83:f7:40:
af:4b:2f:96:3d:ed:13:f5:d0:d1:25:34:8a:c0:b7:
53:bc:08:59:5d:95:04:5d:cc:fe:d2:07:25:a6:4b:
c5:8b:59:04:ad:9c:22:91:77:50:86:6d:33:6d:e5:
a7:65:d3:ef:9e:8e:26:8f:96:80:d5:81:21:4a:51:
13:ee:f8:6e:56:2f:ff:6f:5b:f8:49:72:85:e4:c8:
f0:b6:74:6e:8f:4a:3a:2d:9e:d1:b2:c9:ae:82:2b:
e3:62:3b:4d:99:59:26:fd:34:bf:20:6b:72:af:95:
d4:ee:65:fa:4c:8b:43:b0:0d:d1:34:4b:cf:b5:ce:
9e:e0:f8:32:e1:86:95:68:5e:15:ba:2e:27:c2:87:
df:76:d8:36:a8:6d:03:b8:fc:ce:a9:10:25:01:dd:
6a:09:94:00:da:3e:15:90:1d:90:d6:c5:c5:4c:d0:
34:dd:14:c0:9f:37:cf:e5:bc:19:d6:47:5f:29:29:
7b:fe:57:c6:c2:d5:cb:09:f8:07:72:03:e1:ea:bf:
04:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:89:FB:12:E7:0B:1B:0A:55:FD:9A:79:8B:75:63:52:B7:4D:06:F4
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/EIn7EucLGwpV_Zp5i3VjUrdNBvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.236.0/22
176.126.252.0/22
185.57.80.0/22
185.233.148.0/23
IPv6:
2a02:59e0::/48
Signature Algorithm: sha256WithRSAEncryption
05:41:0d:d1:5b:5b:08:12:df:b6:81:5c:07:76:cb:fa:f0:db:
58:5d:f5:38:75:9a:2c:8c:48:17:4d:86:20:98:5a:50:7f:21:
ac:3c:6a:31:db:0a:e7:72:d9:07:64:1f:9d:c1:f4:88:c5:a5:
39:2a:d6:9e:bd:6e:09:00:04:49:de:cb:a4:71:c6:12:19:33:
74:6a:e6:c5:5f:ae:03:01:34:74:94:ca:b1:51:3c:dc:9f:30:
97:1e:29:c4:34:4e:a1:1e:5e:f9:47:43:fc:c7:f8:e9:e7:59:
8f:f4:60:62:4a:2a:d1:cc:ec:25:1a:95:69:ff:69:76:f5:9e:
29:ca:97:c1:ff:40:65:c3:d1:33:59:c7:26:d6:09:dc:2b:32:
ed:c8:f5:eb:81:e9:99:66:07:0f:b4:7c:a4:aa:e1:c4:7a:b2:
f5:7b:31:da:6a:08:c4:22:16:a7:f0:e9:6c:73:e0:56:e3:5d:
cf:87:a1:3d:4d:a4:d1:b4:67:59:53:09:d5:03:4c:e6:f3:1b:
8a:78:fa:48:03:c6:2b:df:ef:31:66:be:46:31:d8:45:eb:02:
38:9a:96:62:da:b6:2c:26:f4:58:2b:02:dc:cd:b3:a0:8c:9c:
a4:8c:8b:bd:9d:2e:72:4c:bd:6c:1c:4a:fa:12:91:43:bb:82:
b7:66:99:e6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzKKghwszcwazkCJTZKpZJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDg5ZmIxMmU3MGIxYjBhNTVmZDlhNzk4Yjc1NjM1MmI3NGQwNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouLINb+4RznQLOQhOxJxXI5Dl4an
WHVQ6f3wHI9eQl7t7sHtz20ipA3wDj8hzfejL5VzZyEPkC2D90CvSy+WPe0T9dDR
JTSKwLdTvAhZXZUEXcz+0gclpkvFi1kErZwikXdQhm0zbeWnZdPvno4mj5aA1YEh
SlET7vhuVi//b1v4SXKF5MjwtnRuj0o6LZ7RssmugivjYjtNmVkm/TS/IGtyr5XU
7mX6TItDsA3RNEvPtc6e4Pgy4YaVaF4Vui4nwoffdtg2qG0DuPzOqRAlAd1qCZQA
2j4VkB2Q1sXFTNA03RTAnzfP5bwZ1kdfKSl7/lfGwtXLCfgHcgPh6r8EjwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBCJ+xLnCxsKVf2aeYt1Y1K3TQb0MB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvRUluN0V1Y0xHd3BWX1pwNWkzVmpVcmROQnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCsH7sAwQC
sH78AwQCuTlQAwQBuemUMA8EAgACMAkDBwAqAlngAAAwDQYJKoZIhvcNAQELBQAD
ggEBAAVBDdFbWwgS37aBXAd2y/rw21hd9Th1miyMSBdNhiCYWlB/Iaw8ajHbCudy
2QdkH53B9IjFpTkq1p69bgkABEney6RxxhIZM3Rq5sVfrgMBNHSUyrFRPNyfMJce
KcQ0TqEeXvlHQ/zH+OnnWY/0YGJKKtHM7CUalWn/aXb1ninKl8H/QGXD0TNZxybW
CdwrMu3I9euB6ZlmBw+0fKSq4cR6svV7MdpqCMQiFqfw6Wxz4FbjXc+HoT1NpNG0
Z1lTCdUDTObzG4p4+kgDxivf7zFmvkYx2EXrAjialmLatiwm9FgrAtzNs6CMnKSM
i72dLnJMvWwcSvoSkUO7grdmmeY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:53 2025 by rpki-client