Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/1q4LCLkaSSYGrRtktX7eW-QeilM.roa
File: 1q4LCLkaSSYGrRtktX7eW-QeilM.roa (raw, json)
Hash identifier: UUGTWUmG7aNsP7QamPbKA5pGEEC3zLn4G1Hp5S7qmFg=
Subject key identifier: D6:AE:0B:08:B9:1A:49:26:06:AD:1B:64:B5:7E:DE:5B:E4:1E:8A:53
Certificate issuer: /CN=ef8c33a8a6201d40a60220bd639b5d352212673e
Certificate serial: 01856F8B6E4564EA233A4CB4D05AF65DD557
Authority key identifier: EF:8C:33:A8:A6:20:1D:40:A6:02:20:BD:63:9B:5D:35:22:12:67:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74wzqKYgHUCmAiC9Y5tdNSISZz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/1q4LCLkaSSYGrRtktX7eW-QeilM.roa
Signing time: Sun 01 Jan 2023 22:54:46 +0000
ROA not before: Sun 01 Jan 2023 22:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21040
IP address blocks: 185.71.112.0/22 maxlen: 22
213.196.128.0/18 maxlen: 18
109.205.200.0/21 maxlen: 21
185.71.16.0/22 maxlen: 22
185.178.120.0/22 maxlen: 22
84.20.56.0/21 maxlen: 21
185.19.120.0/22 maxlen: 22
37.203.248.0/21 maxlen: 21
2a02:24e8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:6e:45:64:ea:23:3a:4c:b4:d0:5a:f6:5d:d5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8c33a8a6201d40a60220bd639b5d352212673e
Validity
Not Before: Jan 1 22:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6ae0b08b91a492606ad1b64b57ede5be41e8a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cf:29:f8:10:ef:35:c4:9a:b6:6c:1e:dd:f6:
bd:c0:35:25:ab:6e:d5:f1:e8:c4:a0:eb:48:73:e8:
79:d4:d0:09:48:a8:3d:ef:b5:cb:76:81:06:0e:a4:
2f:fa:70:79:2a:cf:7b:ce:43:b2:1e:fc:8e:74:fa:
9c:1f:44:7c:09:98:17:00:78:0d:ef:8b:eb:48:2a:
7d:b7:f1:e0:cc:fa:64:55:56:ed:f9:59:c7:09:2f:
e9:62:27:21:8a:d9:8f:05:c0:a6:39:1c:49:6e:98:
80:aa:0b:11:22:c6:c9:42:83:e1:e8:43:b2:95:e4:
b7:83:6c:dc:c8:4c:fe:29:e8:4c:11:58:3f:2c:2c:
b0:6a:5f:e7:a6:6e:01:0a:2a:54:4d:89:43:e9:9e:
8f:76:25:e5:cd:d3:b7:4a:c6:53:01:9c:d8:3c:20:
c7:34:a5:e9:c0:4f:f9:ba:45:14:21:6c:eb:73:d6:
ba:a3:9c:de:f2:7b:4f:30:97:ba:8f:89:f4:04:eb:
75:c1:37:41:1a:fc:f3:10:19:4e:32:81:26:ef:e5:
bd:55:19:0a:82:03:f0:0a:56:26:33:2d:80:52:cf:
76:9e:f3:fd:1d:eb:10:c6:39:3b:e6:87:81:bb:9e:
4f:eb:2f:ca:fb:b1:eb:c4:3b:50:b1:41:9e:e4:58:
7b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AE:0B:08:B9:1A:49:26:06:AD:1B:64:B5:7E:DE:5B:E4:1E:8A:53
X509v3 Authority Key Identifier:
keyid:EF:8C:33:A8:A6:20:1D:40:A6:02:20:BD:63:9B:5D:35:22:12:67:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74wzqKYgHUCmAiC9Y5tdNSISZz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/1q4LCLkaSSYGrRtktX7eW-QeilM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/74wzqKYgHUCmAiC9Y5tdNSISZz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.248.0/21
84.20.56.0/21
109.205.200.0/21
185.19.120.0/22
185.71.16.0/22
185.71.112.0/22
185.178.120.0/22
213.196.128.0/18
IPv6:
2a02:24e8::/29
Signature Algorithm: sha256WithRSAEncryption
58:63:f4:30:2c:78:71:dc:3b:df:31:16:e5:29:1f:14:39:56:
7c:1b:79:dc:c7:dc:4d:e0:6b:91:aa:05:e5:5d:76:36:4e:99:
29:64:a3:bb:ee:29:e5:7b:f2:83:8e:a4:2f:07:ca:cc:98:a6:
3a:d8:b2:a3:79:ae:4d:2f:26:40:54:ab:d7:6d:9e:81:6e:e9:
db:06:1b:42:dc:d7:c3:79:10:c9:0b:86:a3:83:c7:5f:3c:82:
03:b3:66:d6:91:9e:d4:e9:c1:d4:24:76:be:32:29:ff:24:ad:
8a:4a:4b:3e:cf:92:44:a9:80:ce:0d:fe:10:22:10:bd:5b:de:
1b:3c:3b:80:b3:65:e9:35:75:a5:39:b7:d7:da:0e:af:71:35:
d3:8c:24:64:5e:47:43:3f:e1:6b:a1:96:7f:1d:e9:ed:38:9c:
c4:ad:6f:f0:0c:f5:f6:60:b0:a9:05:85:85:27:b7:b6:5f:91:
44:60:13:f9:f8:9e:77:34:de:8b:e2:ef:e4:55:89:75:00:cb:
77:93:a6:b7:ee:dd:c6:b0:b2:8c:1b:32:86:b0:b7:a9:9f:a8:
92:13:b5:6b:1a:61:c3:ff:4f:d7:5e:d4:88:70:d2:ca:8d:e0:
8a:ad:98:b5:a3:8e:b2:c2:0f:39:0f:0a:56:48:5b:ee:b4:8e:
84:03:d7:ba
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVvi25FZOojOky00Fr2XdVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOGMzM2E4YTYyMDFkNDBhNjAyMjBiZDYzOWI1ZDM1MjIx
MjY3M2UwHhcNMjMwMTAxMjI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFlMGIwOGI5MWE0OTI2MDZhZDFiNjRiNTdlZGU1YmU0MWU4YTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM8p+BDvNcSatmwe3fa9wDUlq27V
8ejEoOtIc+h51NAJSKg977XLdoEGDqQv+nB5Ks97zkOyHvyOdPqcH0R8CZgXAHgN
74vrSCp9t/HgzPpkVVbt+VnHCS/pYichitmPBcCmORxJbpiAqgsRIsbJQoPh6EOy
leS3g2zcyEz+KehMEVg/LCywal/npm4BCipUTYlD6Z6PdiXlzdO3SsZTAZzYPCDH
NKXpwE/5ukUUIWzrc9a6o5ze8ntPMJe6j4n0BOt1wTdBGvzzEBlOMoEm7+W9VRkK
ggPwClYmMy2AUs92nvP9HesQxjk75oeBu55P6y/K+7HrxDtQsUGe5Fh7eQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNauCwi5GkkmBq0bZLV+3lvkHopTMB8GA1UdIwQY
MBaAFO+MM6imIB1ApgIgvWObXTUiEmc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzR3enFLWWdIVUNtQWlDOVk1dGROU0lTWno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9iZmJlNWYtOTdjOC00MzQ3LThhOGMt
ZTAxYmI0ODg2M2E5LzEvMXE0TENMa2FTU1lHclJ0a3RYN2VXLVFlaWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9iZmJlNWYtOTdjOC00MzQ3LThhOGMtZTAxYmI0ODg2M2E5
LzEvNzR3enFLWWdIVUNtQWlDOVk1dGROU0lTWno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJcv4AwQD
VBQ4AwQDbc3IAwQCuRN4AwQCuUcQAwQCuUdwAwQCubJ4AwQG1cSAMA0EAgACMAcD
BQMqAiToMA0GCSqGSIb3DQEBCwUAA4IBAQBYY/QwLHhx3DvfMRblKR8UOVZ8G3nc
x9xN4GuRqgXlXXY2TpkpZKO77inle/KDjqQvB8rMmKY62LKjea5NLyZAVKvXbZ6B
bunbBhtC3NfDeRDJC4ajg8dfPIIDs2bWkZ7U6cHUJHa+Min/JK2KSks+z5JEqYDO
Df4QIhC9W94bPDuAs2XpNXWlObfX2g6vcTXTjCRkXkdDP+FroZZ/HentOJzErW/w
DPX2YLCpBYWFJ7e2X5FEYBP5+J53NN6L4u/kVYl1AMt3k6a37t3GsLKMGzKGsLep
n6iSE7VrGmHD/0/XXtSIcNLKjeCKrZi1o46ywg85DwpWSFvutI6EA9e6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:56 2025 by rpki-client