Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/hTnUv0N90doM0ZMOLyyFEOW9iK0.roa
File: hTnUv0N90doM0ZMOLyyFEOW9iK0.roa (raw, json)
Hash identifier: YJzqmH02+AW23mfkqCHZcxj82Owa829HDO8rFi0lEGA=
Subject key identifier: 85:39:D4:BF:43:7D:D1:DA:0C:D1:93:0E:2F:2C:85:10:E5:BD:88:AD
Certificate issuer: /CN=3296d853639bc0192994293ebde09805d2d622a4
Certificate serial: 019427480878DAAE4AC5A1A874C29FA30E70
Authority key identifier: 32:96:D8:53:63:9B:C0:19:29:94:29:3E:BD:E0:98:05:D2:D6:22:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MpbYU2ObwBkplCk-veCYBdLWIqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/hTnUv0N90doM0ZMOLyyFEOW9iK0.roa
Signing time: Thu 02 Jan 2025 13:50:19 +0000
ROA not before: Thu 02 Jan 2025 13:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62009
IP address blocks: 95.214.88.0/22 maxlen: 22
185.51.136.0/22 maxlen: 22
2a04:c240::/29 maxlen: 29
2a0f:8a80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:08:78:da:ae:4a:c5:a1:a8:74:c2:9f:a3:0e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3296d853639bc0192994293ebde09805d2d622a4
Validity
Not Before: Jan 2 13:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8539d4bf437dd1da0cd1930e2f2c8510e5bd88ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fb:db:46:24:0c:d9:b7:0a:f2:ef:91:89:6d:
81:ea:d2:2d:89:1d:e8:eb:85:d5:ea:d9:36:89:73:
d1:80:13:9a:a5:12:af:a8:c4:8a:52:96:a5:b4:74:
39:74:2e:94:44:72:d3:36:55:4d:54:b2:30:4e:79:
a3:33:6f:e4:20:fd:ab:88:0f:d3:e1:39:84:68:1b:
73:51:08:0a:22:1b:b2:77:13:81:96:9a:09:53:02:
bf:86:a9:bb:63:b7:26:1d:cd:07:df:42:9b:2e:5b:
8e:64:d0:43:98:a7:ae:34:b7:db:85:ae:34:a8:56:
59:28:49:de:d7:71:50:8a:e8:b9:4b:80:cc:50:e8:
c3:e8:d8:9e:9e:cc:d0:c9:9b:5d:e4:fe:c0:25:63:
2f:a5:bf:94:82:7a:03:25:8d:e0:ff:be:76:ec:cd:
c1:df:33:42:06:48:3b:8d:19:c8:15:e4:3b:12:73:
fc:13:32:b3:1f:31:34:01:a6:9b:c1:94:de:0b:82:
4b:da:7c:e6:d3:d2:5a:35:47:21:a4:22:65:0f:88:
ff:0b:c0:8a:12:a0:a9:7f:ba:dd:9b:a8:62:68:76:
c9:fc:2a:11:9e:10:d6:63:c0:b3:b8:d6:2f:07:86:
51:20:2d:74:5a:d0:fb:11:7d:2d:95:ef:81:d6:1a:
70:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:39:D4:BF:43:7D:D1:DA:0C:D1:93:0E:2F:2C:85:10:E5:BD:88:AD
X509v3 Authority Key Identifier:
keyid:32:96:D8:53:63:9B:C0:19:29:94:29:3E:BD:E0:98:05:D2:D6:22:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MpbYU2ObwBkplCk-veCYBdLWIqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/hTnUv0N90doM0ZMOLyyFEOW9iK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/MpbYU2ObwBkplCk-veCYBdLWIqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.88.0/22
185.51.136.0/22
IPv6:
2a04:c240::/29
2a0f:8a80::/29
Signature Algorithm: sha256WithRSAEncryption
93:42:23:2f:f9:7e:47:03:e6:33:43:47:c0:06:22:8e:a1:7d:
7a:84:e3:ec:86:0f:17:cc:fd:89:6a:05:78:8f:c8:1a:f7:90:
03:b5:1b:22:83:6d:36:dd:ef:b0:31:ba:d5:5d:6e:9f:c7:6c:
a4:a2:47:45:bc:33:4e:93:97:25:65:03:41:42:dd:17:92:60:
22:e4:38:01:81:93:cf:af:82:f1:9d:69:1d:58:76:c3:0c:9f:
29:f8:af:ae:40:7f:b8:5f:ce:13:d4:50:fd:5a:ec:52:f4:21:
76:2e:a2:60:5e:86:4f:94:a6:d6:9f:f6:59:86:c6:99:f2:43:
cb:a0:66:a8:bf:82:17:b7:29:07:72:8b:1c:18:01:e0:c1:2b:
ed:b3:98:d2:85:f5:11:ca:f9:bd:ce:50:bf:ae:31:d5:49:79:
af:59:a3:d6:28:92:c7:39:50:30:fa:89:fa:f4:06:ad:6d:87:
ed:96:18:d6:e6:48:c3:76:44:fa:c3:d6:9c:b7:cd:41:5a:d1:
5f:8f:34:91:52:92:fb:7d:f4:10:88:22:b7:e9:30:d9:ab:90:
a5:21:b6:0c:06:9a:5e:e1:78:0e:4d:c3:a3:b7:42:e3:84:9c:
fd:91:12:47:86:23:ad:62:6f:12:1c:31:bd:30:2f:eb:37:9c:
12:4b:f3:58
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQnSAh42q5KxaGodMKfow5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOTZkODUzNjM5YmMwMTkyOTk0MjkzZWJkZTA5ODA1ZDJk
NjIyYTQwHhcNMjUwMTAyMTM1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM5ZDRiZjQzN2RkMWRhMGNkMTkzMGUyZjJjODUxMGU1YmQ4OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvvbRiQM2bcK8u+RiW2B6tItiR3o
64XV6tk2iXPRgBOapRKvqMSKUpaltHQ5dC6URHLTNlVNVLIwTnmjM2/kIP2riA/T
4TmEaBtzUQgKIhuydxOBlpoJUwK/hqm7Y7cmHc0H30KbLluOZNBDmKeuNLfbha40
qFZZKEne13FQiui5S4DMUOjD6NienszQyZtd5P7AJWMvpb+UgnoDJY3g/7527M3B
3zNCBkg7jRnIFeQ7EnP8EzKzHzE0AaabwZTeC4JL2nzm09JaNUchpCJlD4j/C8CK
EqCpf7rdm6hiaHbJ/CoRnhDWY8CzuNYvB4ZRIC10WtD7EX0tle+B1hpw0wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIU51L9DfdHaDNGTDi8shRDlvYitMB8GA1UdIwQY
MBaAFDKW2FNjm8AZKZQpPr3gmAXS1iKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXBiWVUyT2J3QmtwbENrLXZlQ1lCZExXSXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82NmYwN2QtYWRjYS00MGIwLWEwYTAt
ZTc2MTgxOWY0NzVlLzEvaFRuVXYwTjkwZG9NMFpNT0x5eUZFT1c5aUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82NmYwN2QtYWRjYS00MGIwLWEwYTAtZTc2MTgxOWY0NzVl
LzEvTXBiWVUyT2J3QmtwbENrLXZlQ1lCZExXSXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCX9ZYAwQC
uTOIMBQEAgACMA4DBQMqBMJAAwUDKg+KgDANBgkqhkiG9w0BAQsFAAOCAQEAk0Ij
L/l+RwPmM0NHwAYijqF9eoTj7IYPF8z9iWoFeI/IGveQA7UbIoNtNt3vsDG61V1u
n8dspKJHRbwzTpOXJWUDQULdF5JgIuQ4AYGTz6+C8Z1pHVh2wwyfKfivrkB/uF/O
E9RQ/VrsUvQhdi6iYF6GT5Sm1p/2WYbGmfJDy6BmqL+CF7cpB3KLHBgB4MEr7bOY
0oX1Ecr5vc5Qv64x1Ul5r1mj1iiSxzlQMPqJ+vQGrW2H7ZYY1uZIw3ZE+sPWnLfN
QVrRX480kVKS+330EIgit+kw2auQpSG2DAaaXuF4Dk3Do7dC44Sc/ZESR4YjrWJv
EhwxvTAv6zecEkvzWA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:24 2025 by rpki-client