Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/cRbQbZI4caSihSJdxBwTOdI7jHI.roa
File: cRbQbZI4caSihSJdxBwTOdI7jHI.roa (raw, json)
Hash identifier: l064fVVkmmooFHUiz4jiDmBf7OxJUiTNePDan7lSIBE=
Subject key identifier: 71:16:D0:6D:92:38:71:A4:A2:85:22:5D:C4:1C:13:39:D2:3B:8C:72
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0194228DEEBDB8CECBE0ECD93791F1DA2D5A
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/cRbQbZI4caSihSJdxBwTOdI7jHI.roa
Signing time: Wed 01 Jan 2025 15:48:34 +0000
ROA not before: Wed 01 Jan 2025 15:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31615
IP address blocks: 84.241.192.0/18 maxlen: 24
89.205.128.0/17 maxlen: 24
91.141.128.0/17 maxlen: 24
95.98.0.0/15 maxlen: 24
178.224.0.0/13 maxlen: 24
188.88.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ee:bd:b8:ce:cb:e0:ec:d9:37:91:f1:da:2d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 1 15:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7116d06d923871a4a285225dc41c1339d23b8c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f7:d0:1b:76:a9:2f:54:07:fa:ff:98:4d:7f:
8a:5a:54:26:48:d5:4f:9a:7b:de:03:5f:b5:bd:5e:
10:7c:40:d2:40:4e:5e:6b:9f:af:8e:32:75:68:e4:
59:16:72:44:82:35:e5:e3:6a:09:fc:6b:f0:70:05:
60:13:14:da:9e:cb:f0:5c:05:5e:f1:da:fc:71:99:
ff:c6:02:8f:cd:3d:ff:a1:a9:a8:7f:3d:9b:e8:c0:
06:dd:0b:3c:c3:07:4e:7f:49:61:5b:b1:82:82:00:
16:b2:4f:d2:02:a7:90:d9:3c:08:41:80:21:a7:be:
69:e3:5b:af:2a:ab:41:19:cb:55:60:4c:cb:4b:89:
27:d6:c5:36:c0:7e:8f:d3:a6:4d:df:15:ac:f2:4f:
75:16:31:6d:7b:b2:1b:81:77:c8:8d:47:5f:f7:77:
7f:f1:5d:e0:6f:24:b5:12:7c:db:41:90:44:13:2c:
01:d6:bf:51:96:a9:a7:6c:33:d8:c3:e4:ce:b6:31:
0f:b3:89:64:48:f1:5a:f2:a0:23:f9:b6:df:79:60:
d1:e1:88:05:0b:ea:35:00:45:bb:a6:72:ee:f1:73:
c5:90:4e:14:19:97:7b:33:7d:76:60:51:57:65:f4:
7c:25:4c:a7:6b:61:a9:45:bd:d7:f0:9f:d0:0b:16:
ea:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:16:D0:6D:92:38:71:A4:A2:85:22:5D:C4:1C:13:39:D2:3B:8C:72
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/cRbQbZI4caSihSJdxBwTOdI7jHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.241.192.0/18
89.205.128.0/17
91.141.128.0/17
95.98.0.0/15
178.224.0.0/13
188.88.0.0/14
Signature Algorithm: sha256WithRSAEncryption
44:47:33:f8:76:03:75:e7:de:63:2e:27:fa:b7:83:37:c8:31:
5e:44:31:ae:28:8d:3b:0b:1f:d6:36:68:ab:27:7b:f6:de:9c:
bd:31:6c:49:83:f0:66:b2:c8:eb:89:14:9d:b0:6c:a0:62:dc:
eb:8e:47:e2:df:79:76:27:1c:b3:ba:09:48:20:88:f0:33:9e:
05:14:24:23:7d:50:f5:d2:1a:a7:6b:3a:26:56:d0:fe:b0:9d:
8c:81:39:ae:a9:55:25:a1:fd:b9:7d:80:90:2c:8b:ff:c1:49:
16:ca:73:38:9e:52:e6:4b:c6:d4:0d:71:1e:7b:26:d6:da:f1:
d8:11:39:93:63:a5:2e:ac:12:e1:0e:7a:8e:51:a4:a3:6f:80:
43:9b:c1:51:9c:6e:90:c3:20:f3:c0:0c:62:a1:32:f7:51:04:
83:8d:66:f9:2f:ac:1c:28:f7:c5:ce:65:1a:e8:c8:32:5a:a3:
ee:95:38:42:3e:ed:16:6b:98:a0:86:3e:ef:70:1f:76:ac:6a:
50:3b:d0:ab:19:69:2f:b5:7a:21:86:63:3f:4e:72:b1:ee:b7:
38:dc:e0:c8:34:d5:16:e4:7f:2f:ce:34:a6:1a:87:73:83:6b:
1f:b5:d7:8c:81:3a:42:73:09:56:c0:32:9d:16:87:63:ae:b1:
4c:1f:dd:42
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQije69uM7L4OzZN5Hx2i1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjUwMTAxMTU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE2ZDA2ZDkyMzg3MWE0YTI4NTIyNWRjNDFjMTMzOWQyM2I4YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuffQG3apL1QH+v+YTX+KWlQmSNVP
mnveA1+1vV4QfEDSQE5ea5+vjjJ1aORZFnJEgjXl42oJ/GvwcAVgExTansvwXAVe
8dr8cZn/xgKPzT3/oamofz2b6MAG3Qs8wwdOf0lhW7GCggAWsk/SAqeQ2TwIQYAh
p75p41uvKqtBGctVYEzLS4kn1sU2wH6P06ZN3xWs8k91FjFte7IbgXfIjUdf93d/
8V3gbyS1EnzbQZBEEywB1r9RlqmnbDPYw+TOtjEPs4lkSPFa8qAj+bbfeWDR4YgF
C+o1AEW7pnLu8XPFkE4UGZd7M312YFFXZfR8JUyna2GpRb3X8J/QCxbqTQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHEW0G2SOHGkooUiXcQcEznSO4xyMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEvY1JiUWJaSTRjYVNpaFNKZHhCd1RPZEk3akhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwQGVPHAAwQH
Wc2AAwQHW42AAwMBX2IDAwOy4AMDArxYMA0GCSqGSIb3DQEBCwUAA4IBAQBERzP4
dgN1595jLif6t4M3yDFeRDGuKI07Cx/WNmirJ3v23py9MWxJg/BmssjriRSdsGyg
Ytzrjkfi33l2JxyzuglIIIjwM54FFCQjfVD10hqnazomVtD+sJ2MgTmuqVUlof25
fYCQLIv/wUkWynM4nlLmS8bUDXEeeybW2vHYETmTY6UurBLhDnqOUaSjb4BDm8FR
nG6QwyDzwAxioTL3UQSDjWb5L6wcKPfFzmUa6MgyWqPulThCPu0Wa5ighj7vcB92
rGpQO9CrGWkvtXohhmM/TnKx7rc43ODINNUW5H8vzjSmGodzg2sftdeMgTpCcwlW
wDKdFodjrrFMH91C
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:34:45 2025 by rpki-client