Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/GYRwcjqTETegF41hura7BaNj5vc.roa
File: GYRwcjqTETegF41hura7BaNj5vc.roa (raw, json)
Hash identifier: VlPwakLeb4k/IBFqzMbY3q2f436gqKOiwAEMEKeTAGk=
Subject key identifier: 19:84:70:72:3A:93:11:37:A0:17:8D:61:BA:B6:BB:05:A3:63:E6:F7
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 01856D2F382E25CAAC39550AD5743DF0CE3B
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/GYRwcjqTETegF41hura7BaNj5vc.roa
Signing time: Sun 01 Jan 2023 11:54:49 +0000
ROA not before: Sun 01 Jan 2023 11:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21294
IP address blocks: 84.239.53.0/24 maxlen: 24
84.239.16.0/23 maxlen: 23
84.239.24.0/24 maxlen: 24
84.239.23.0/24 maxlen: 24
84.239.22.0/24 maxlen: 24
84.239.20.0/24 maxlen: 24
84.239.19.0/24 maxlen: 24
84.239.31.0/24 maxlen: 24
84.239.30.0/24 maxlen: 24
84.239.29.0/24 maxlen: 24
84.239.28.0/24 maxlen: 24
84.239.26.0/24 maxlen: 24
84.239.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:38:2e:25:ca:ac:39:55:0a:d5:74:3d:f0:ce:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=198470723a931137a0178d61bab6bb05a363e6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:43:8f:6e:00:e2:db:8a:b4:71:6f:30:48:cf:
28:84:6e:3a:e3:b9:96:20:57:6c:30:10:9c:06:f9:
aa:29:6f:04:85:66:d1:b3:79:f6:e1:ec:33:22:10:
fe:a0:f8:05:3e:1c:9e:c9:ac:c6:da:b7:5e:6e:f6:
76:5f:52:21:78:50:c2:d4:30:02:d7:2a:69:be:11:
fc:4e:e8:fe:8e:04:ab:23:4b:63:c6:d1:a8:fb:41:
9e:a3:6b:54:3b:d0:80:a9:42:9c:a8:9c:7f:ba:7a:
06:b5:90:05:04:09:19:de:06:54:b9:d2:a2:2c:00:
14:40:6f:10:29:29:fc:9d:93:36:ac:17:a9:69:a7:
0f:d9:cd:b9:24:67:5c:a9:49:ee:dd:00:83:03:45:
9c:2f:5c:43:33:1f:09:85:e7:cb:8f:01:41:56:03:
66:e4:96:d6:61:58:a3:84:ce:aa:3d:2e:4e:17:d6:
8b:3c:be:df:2c:76:44:c7:6d:47:0e:56:5a:9b:da:
3c:30:83:16:99:29:1a:ad:d9:99:12:b9:0f:1b:dd:
70:cf:8a:c3:41:5c:24:ab:84:60:d2:44:c5:16:ac:
a9:13:3f:9d:60:d7:4d:e4:94:9e:85:c1:e0:16:d3:
27:5b:cc:cd:3f:41:e5:c2:46:40:67:ce:a6:47:be:
3c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:84:70:72:3A:93:11:37:A0:17:8D:61:BA:B6:BB:05:A3:63:E6:F7
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/GYRwcjqTETegF41hura7BaNj5vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.16.0/23
84.239.19.0-84.239.20.255
84.239.22.0-84.239.26.255
84.239.28.0/22
84.239.53.0/24
Signature Algorithm: sha256WithRSAEncryption
20:85:b7:c6:7d:fe:61:47:ee:4d:15:35:b8:79:3f:61:58:a6:
7e:70:03:3c:e9:fa:b7:e5:c1:4f:74:ee:26:c2:ba:22:fe:7a:
9d:ec:b4:4f:a1:8e:7c:bb:64:a7:57:77:a8:13:25:b7:7c:9f:
0b:7e:7a:9c:eb:7c:9e:c4:77:b1:ce:45:b8:d8:45:b4:5b:c9:
31:69:fe:08:00:b4:ea:b4:80:cf:58:6b:79:e2:52:b2:42:a2:
5f:6f:85:78:ff:6f:81:95:8f:fe:2c:9f:04:01:2e:35:82:db:
2e:35:e1:26:aa:5d:cb:52:e9:26:bc:17:be:da:b9:53:59:86:
78:87:da:57:ad:47:a2:73:52:27:26:5a:5a:56:c7:de:20:99:
9a:e4:dd:05:28:7f:ad:75:d4:bd:75:2c:0f:d4:8d:d8:3a:7f:
7f:c9:4a:38:b2:ac:f1:13:ce:98:70:1b:74:7a:9d:5d:09:a5:
fa:e3:4c:05:cb:19:95:1c:7f:d3:ab:ed:e9:48:03:91:ea:8c:
43:04:ea:9b:3a:9a:e1:43:e8:47:30:26:04:99:d9:b3:14:45:
64:34:e6:72:ab:4e:0c:bf:2e:46:a8:80:09:3b:c7:6e:6e:b4:
2d:3f:ac:af:22:a0:26:dc:5b:b8:9d:8e:00:b1:f6:6e:d5:34:
18:75:1a:6e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVtLzguJcqsOVUK1XQ98M47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMwMTAxMTE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTg0NzA3MjNhOTMxMTM3YTAxNzhkNjFiYWI2YmIwNWEzNjNlNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUOPbgDi24q0cW8wSM8ohG4647mW
IFdsMBCcBvmqKW8EhWbRs3n24ewzIhD+oPgFPhyeyazG2rdebvZ2X1IheFDC1DAC
1yppvhH8Tuj+jgSrI0tjxtGo+0Geo2tUO9CAqUKcqJx/unoGtZAFBAkZ3gZUudKi
LAAUQG8QKSn8nZM2rBepaacP2c25JGdcqUnu3QCDA0WcL1xDMx8JhefLjwFBVgNm
5JbWYVijhM6qPS5OF9aLPL7fLHZEx21HDlZam9o8MIMWmSkardmZErkPG91wz4rD
QVwkq4Rg0kTFFqypEz+dYNdN5JSehcHgFtMnW8zNP0HlwkZAZ86mR748hQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBmEcHI6kxE3oBeNYbq2uwWjY+b3MB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvR1lSd2NqcVRFVGVnRjQxaHVyYTdCYU5qNXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBVO8QMAwD
BABU7xMDBABU7xQwDAMEAVTvFgMEAFTvGgMEAlTvHAMEAFTvNTANBgkqhkiG9w0B
AQsFAAOCAQEAIIW3xn3+YUfuTRU1uHk/YVimfnADPOn6t+XBT3TuJsK6Iv56ney0
T6GOfLtkp1d3qBMlt3yfC356nOt8nsR3sc5FuNhFtFvJMWn+CAC06rSAz1hreeJS
skKiX2+FeP9vgZWP/iyfBAEuNYLbLjXhJqpdy1LpJrwXvtq5U1mGeIfaV61HonNS
JyZaWlbH3iCZmuTdBSh/rXXUvXUsD9SN2Dp/f8lKOLKs8RPOmHAbdHqdXQml+uNM
BcsZlRx/06vt6UgDkeqMQwTqmzqa4UPoRzAmBJnZsxRFZDTmcqtODL8uRqiACTvH
bm60LT+sryKgJtxbuJ2OALH2btU0GHUabg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:23 2025 by rpki-client