Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/4Z1qIWMwOAMlHFP-sDeKn3ncv68.roa
File: 4Z1qIWMwOAMlHFP-sDeKn3ncv68.roa (raw, json)
Hash identifier: Cc/ITPpY5ZCl6cqqvemf3EU8EuTldz4M89wdeUZEEs4=
Subject key identifier: E1:9D:6A:21:63:30:38:03:25:1C:53:FE:B0:37:8A:9F:79:DC:BF:AF
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 0194228DB00C6168947BFDCC954B29A9C4C4
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/4Z1qIWMwOAMlHFP-sDeKn3ncv68.roa
Signing time: Wed 01 Jan 2025 15:48:18 +0000
ROA not before: Wed 01 Jan 2025 15:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 85.198.36.0/24 maxlen: 24
85.198.41.0/24 maxlen: 24
85.198.46.0/24 maxlen: 24
91.123.9.0/24 maxlen: 24
190.106.176.0/24 maxlen: 24
206.195.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b0:0c:61:68:94:7b:fd:cc:95:4b:29:a9:c4:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 1 15:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e19d6a2163303803251c53feb0378a9f79dcbfaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8d:3e:4e:f8:c8:a2:1d:c1:07:99:af:34:fc:
ea:91:d9:9d:77:02:bf:cf:0d:0f:6c:8d:69:71:18:
ff:f2:3e:e8:79:a8:9e:33:9e:76:8c:6f:09:38:87:
bd:28:ad:1b:d3:7f:bd:ac:95:34:fe:cd:19:7a:8f:
d1:89:87:78:6c:97:9f:07:3c:0a:91:a5:d5:f0:b1:
f6:77:3a:70:af:8a:85:25:6b:07:c5:dc:32:9b:35:
78:b3:4c:9d:2b:c0:c0:f8:df:e1:41:eb:c5:41:02:
9c:09:fc:c4:21:93:0d:d9:15:5f:d1:21:3d:94:0b:
8f:db:ae:a1:f7:ef:13:7d:f4:40:76:88:10:97:7d:
6f:86:33:46:4f:80:c4:87:05:9f:c3:d7:7a:fd:6c:
11:99:42:3b:91:14:18:65:91:46:97:70:fb:c1:10:
f3:14:4c:b9:71:9f:1a:7b:d9:1e:a8:86:c9:97:a8:
8d:7b:93:74:6e:d9:32:bd:49:b7:1b:aa:08:9c:d5:
81:ce:b9:91:d8:9b:45:ce:99:33:1a:3c:35:9b:ab:
e1:b0:6e:d4:81:75:3a:50:2d:e5:4a:cb:6c:4c:66:
ec:bc:40:c0:43:b4:89:d6:62:34:da:51:a1:65:1b:
08:e0:75:95:7e:9a:73:71:c7:97:cc:f6:a4:04:71:
9e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9D:6A:21:63:30:38:03:25:1C:53:FE:B0:37:8A:9F:79:DC:BF:AF
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/4Z1qIWMwOAMlHFP-sDeKn3ncv68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.36.0/24
85.198.41.0/24
85.198.46.0/24
91.123.9.0/24
190.106.176.0/24
206.195.143.0/24
Signature Algorithm: sha256WithRSAEncryption
38:88:00:9f:9e:4b:83:70:70:da:67:2e:a1:4d:d1:8f:6e:38:
ef:68:a0:58:4b:69:f5:82:c5:e1:77:5e:af:c5:22:ae:46:8f:
c8:1e:75:42:f0:47:c2:f3:31:88:a7:16:c3:c5:3f:c8:22:44:
55:f0:19:eb:47:4d:c6:fc:e3:d9:53:4c:2e:9d:16:16:1b:c7:
84:3a:f2:9f:3b:01:55:30:ca:7a:b5:36:96:b2:ee:28:1e:fe:
56:f7:19:0a:a7:2e:77:6e:27:06:d7:ac:43:f0:8c:25:d1:56:
50:3e:73:cf:7f:65:c1:29:93:2b:78:85:4d:ca:31:13:d3:fa:
ef:66:be:c9:64:03:b2:53:7c:cf:84:ad:e4:de:df:0f:06:c6:
1f:48:22:15:df:54:4d:2a:7f:13:89:9a:73:a7:25:94:2c:fd:
7d:af:ea:30:c7:57:6d:2b:b9:9f:fb:36:d8:1c:d0:b1:c9:c9:
fd:b0:21:3d:8b:97:43:31:cf:b6:27:08:50:13:19:d8:40:75:
99:99:a7:2c:81:c8:a3:8f:86:10:42:6f:e9:31:ce:12:04:8b:
fb:82:a6:a4:17:69:81:9f:e0:09:00:2b:ee:48:16:68:56:62:
b0:1e:83:ef:54:24:b6:35:f2:83:a5:0a:27:9c:99:91:24:e7:
fa:d8:bc:c3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQijbAMYWiUe/3MlUspqcTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjUwMTAxMTU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTlkNmEyMTYzMzAzODAzMjUxYzUzZmViMDM3OGE5Zjc5ZGNiZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi40+TvjIoh3BB5mvNPzqkdmddwK/
zw0PbI1pcRj/8j7oeaieM552jG8JOIe9KK0b03+9rJU0/s0Zeo/RiYd4bJefBzwK
kaXV8LH2dzpwr4qFJWsHxdwymzV4s0ydK8DA+N/hQevFQQKcCfzEIZMN2RVf0SE9
lAuP266h9+8TffRAdogQl31vhjNGT4DEhwWfw9d6/WwRmUI7kRQYZZFGl3D7wRDz
FEy5cZ8ae9keqIbJl6iNe5N0btkyvUm3G6oInNWBzrmR2JtFzpkzGjw1m6vhsG7U
gXU6UC3lSstsTGbsvEDAQ7SJ1mI02lGhZRsI4HWVfppzcceXzPakBHGeyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOGdaiFjMDgDJRxT/rA3ip953L+vMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvNFoxcUlXTXdPQU1sSEZQLXNEZUtuM25jdjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVcYkAwQA
VcYpAwQAVcYuAwQAW3sJAwQAvmqwAwQAzsOPMA0GCSqGSIb3DQEBCwUAA4IBAQA4
iACfnkuDcHDaZy6hTdGPbjjvaKBYS2n1gsXhd16vxSKuRo/IHnVC8EfC8zGIpxbD
xT/IIkRV8BnrR03G/OPZU0wunRYWG8eEOvKfOwFVMMp6tTaWsu4oHv5W9xkKpy53
bicG16xD8Iwl0VZQPnPPf2XBKZMreIVNyjET0/rvZr7JZAOyU3zPhK3k3t8PBsYf
SCIV31RNKn8TiZpzpyWULP19r+owx1dtK7mf+zbYHNCxycn9sCE9i5dDMc+2JwhQ
ExnYQHWZmacsgcijj4YQQm/pMc4SBIv7gqakF2mBn+AJACvuSBZoVmKwHoPvVCS2
NfKDpQonnJmRJOf62LzD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:58 2025 by rpki-client