Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/8klptFTAXoo0Br2h-7hPWl2P-II.roa
File: 8klptFTAXoo0Br2h-7hPWl2P-II.roa (raw, json)
Hash identifier: fUInXuFQbcrYdzWQgECUc+0Kl6eTFJM8leE2oUSrCL8=
Subject key identifier: F2:49:69:B4:54:C0:5E:8A:34:06:BD:A1:FB:B8:4F:5A:5D:8F:F8:82
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018C1EA46D646ABBC14D0241D95B4BC27E73
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/8klptFTAXoo0Br2h-7hPWl2P-II.roa
Signing time: Thu 30 Nov 2023 05:12:21 +0000
ROA not before: Thu 30 Nov 2023 05:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
62.112.30.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.36.231.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1e:a4:6d:64:6a:bb:c1:4d:02:41:d9:5b:4b:c2:7e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 30 05:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f24969b454c05e8a3406bda1fbb84f5a5d8ff882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9f:cb:8d:98:cd:2c:43:74:da:93:1f:41:cf:
59:9b:bc:72:0a:4e:ed:9e:bb:72:55:b0:de:8b:06:
11:fb:73:9b:cb:2f:80:14:d8:d0:11:5e:a8:a2:8d:
cb:8c:f8:7b:db:d8:e6:49:e6:e3:9e:d3:ef:5a:14:
f2:c7:2d:7f:57:6a:16:53:a2:f8:86:9e:a8:f5:f5:
5d:9b:da:27:e6:83:db:c5:cf:64:fd:42:0e:85:67:
52:98:1a:c5:6c:71:ed:72:5c:09:a8:25:6c:22:1e:
28:14:4a:20:2d:56:33:d5:4d:d8:56:9d:ec:73:92:
03:66:5a:90:8b:a4:b6:c7:0f:81:ce:67:0a:b8:10:
75:46:cb:fd:b1:8f:a3:67:c7:d4:b1:14:1c:cc:24:
c7:4a:8e:f0:e2:e8:88:46:5b:29:e0:da:07:0c:68:
8e:32:f8:bf:fc:90:45:43:1f:35:07:31:23:84:ec:
ae:37:9b:3b:a6:0b:b0:59:ba:a9:d5:27:48:25:69:
03:9b:3c:98:40:cc:9b:fb:4e:9f:e2:f2:ea:99:49:
c8:2d:fa:67:e4:00:04:2b:d1:6a:d5:44:44:1a:4d:
fc:46:06:22:b2:a2:18:d9:b9:b2:b4:f9:f2:2c:30:
a1:8c:15:cd:6e:ea:3b:43:1d:75:b4:b1:c3:b3:a4:
4d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:49:69:B4:54:C0:5E:8A:34:06:BD:A1:FB:B8:4F:5A:5D:8F:F8:82
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/8klptFTAXoo0Br2h-7hPWl2P-II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.174.0/24
62.112.30.0/24
84.247.20.0/24
89.34.171.0/24
89.36.231.0/24
89.37.106.0/24
89.40.43.0/24
89.42.40.0/24
89.42.213.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:3d:cf:ae:29:ce:83:93:ee:02:e2:32:d2:9e:44:71:07:38:
b9:f8:00:1b:bc:36:a0:05:1d:4f:98:9f:2a:19:38:05:f2:64:
2c:6d:ce:8d:a9:47:f4:f6:b5:06:65:b7:07:aa:5f:6d:a9:88:
9f:35:58:c0:97:6d:51:6e:b5:77:98:07:07:17:c3:40:cb:03:
d5:6c:f4:ac:ac:9b:d4:e8:92:22:15:88:05:02:64:10:04:a2:
ce:ea:c4:c2:13:87:79:2f:b0:a3:53:a4:a1:83:6d:d7:1f:e5:
0a:c6:74:2b:f0:56:03:05:df:cd:10:eb:09:ed:4e:8b:ba:a4:
1f:a4:ba:03:8d:ca:27:2f:30:81:22:2f:0d:83:70:bd:c8:3e:
22:2a:f5:ee:a3:4e:9f:18:80:72:df:08:ed:3b:05:cb:93:f4:
ac:1d:51:39:a5:f9:09:cc:1b:52:a5:4e:55:be:3a:6a:a2:31:
f3:af:29:db:91:17:e6:71:30:c6:a7:ba:17:63:d8:04:fe:56:
a5:35:3f:93:c3:5f:be:6a:da:c4:39:3c:18:b7:ca:7a:c9:74:
65:d4:94:4a:5f:26:b3:10:03:0b:0a:cf:9f:98:86:67:c1:57:
a5:b4:7b:80:03:c6:a8:77:a4:9d:ea:f9:18:ed:63:be:f1:43:
84:62:0d:c5
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYwepG1karvBTQJB2VtLwn5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTMwMDUxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ5NjliNDU0YzA1ZThhMzQwNmJkYTFmYmI4NGY1YTVkOGZmODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ/LjZjNLEN02pMfQc9Zm7xyCk7t
nrtyVbDeiwYR+3Obyy+AFNjQEV6ooo3LjPh729jmSebjntPvWhTyxy1/V2oWU6L4
hp6o9fVdm9on5oPbxc9k/UIOhWdSmBrFbHHtclwJqCVsIh4oFEogLVYz1U3YVp3s
c5IDZlqQi6S2xw+BzmcKuBB1Rsv9sY+jZ8fUsRQczCTHSo7w4uiIRlsp4NoHDGiO
Mvi//JBFQx81BzEjhOyuN5s7pguwWbqp1SdIJWkDmzyYQMyb+06f4vLqmUnILfpn
5AAEK9Fq1UREGk38RgYisqIY2bmytPnyLDChjBXNbuo7Qx11tLHDs6RN1QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPJJabRUwF6KNAa9ofu4T1pdj/iCMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvOGtscHRGVEFYb28wQnIyaC03aFBXbDJQLUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALmauAwQA
PnAeAwQAVPcUAwQAWSKrAwQAWSTnAwQAWSVqAwQAWSgrAwQAWSooAwQAWSrVAwQA
XXJFAwQAXrFxAwQAXrF2AwQAvNP5MA0GCSqGSIb3DQEBCwUAA4IBAQB/Pc+uKc6D
k+4C4jLSnkRxBzi5+AAbvDagBR1PmJ8qGTgF8mQsbc6NqUf09rUGZbcHql9tqYif
NVjAl21RbrV3mAcHF8NAywPVbPSsrJvU6JIiFYgFAmQQBKLO6sTCE4d5L7CjU6Sh
g23XH+UKxnQr8FYDBd/NEOsJ7U6LuqQfpLoDjconLzCBIi8Ng3C9yD4iKvXuo06f
GIBy3wjtOwXLk/SsHVE5pfkJzBtSpU5VvjpqojHzrynbkRfmcTDGp7oXY9gE/lal
NT+Tw1++atrEOTwYt8p6yXRl1JRKXyazEAMLCs+fmIZnwVeltHuAA8aod6Sd6vkY
7WO+8UOEYg3F
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:30 2025 by rpki-client