Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/I8snnHVknYJRBzewd72cz_AQ3SA.roa
File: I8snnHVknYJRBzewd72cz_AQ3SA.roa (raw, json)
Hash identifier: Ue3kiXbHbB+lm3OZl8V7nZb77QPpD5nZUE4f581WhzA=
Subject key identifier: 23:CB:27:9C:75:64:9D:82:51:07:37:B0:77:BD:9C:CF:F0:10:DD:20
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01889DACDDEA368BBB40C4A211822B2DA07C
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/I8snnHVknYJRBzewd72cz_AQ3SA.roa
Signing time: Fri 09 Jun 2023 01:02:11 +0000
ROA not before: Fri 09 Jun 2023 01:02:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.240.83.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
62.112.30.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9d:ac:dd:ea:36:8b:bb:40:c4:a2:11:82:2b:2d:a0:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 9 01:02:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23cb279c75649d82510737b077bd9ccff010dd20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fa:d7:31:d5:87:05:f0:f9:6c:1f:e9:3a:ef:
49:5f:1e:81:76:f0:f7:17:e0:06:85:cb:f0:1a:d8:
52:6a:db:c7:8c:cc:cd:06:99:a3:f3:e8:55:28:d1:
41:2a:e6:fc:d4:5b:08:f9:b0:3d:cd:49:79:35:a0:
5d:2f:e6:aa:6d:48:41:28:9a:fb:28:2f:a4:6f:68:
24:b2:cb:30:36:83:74:00:f4:37:1d:57:5d:39:aa:
94:d6:70:b4:36:90:9d:89:01:14:7a:aa:f8:82:f7:
a2:67:d4:92:b4:01:da:0c:9b:26:ac:76:bb:7f:90:
89:1d:b0:21:7b:3d:3c:97:58:e1:06:e9:48:c2:96:
87:43:29:26:e1:82:b4:2f:c5:32:6f:48:af:9d:1c:
b6:7a:c3:a4:1e:79:6e:fe:e8:a1:a3:ed:f1:43:fa:
d4:ac:01:4e:e5:dd:de:b3:8f:ea:d1:64:a0:3e:76:
38:cb:b6:da:16:45:b5:b9:f5:7c:a3:05:bd:27:9c:
19:bf:ae:d5:04:a3:b2:08:c7:97:99:80:e8:aa:dc:
43:72:6d:8e:c2:0a:be:34:e0:3d:6f:d8:c2:8b:be:
35:dc:99:5c:f6:bd:cc:c5:20:43:04:b2:39:f4:3b:
dc:88:d2:d2:43:ef:c8:f0:c2:f9:33:af:f8:d1:a2:
f7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CB:27:9C:75:64:9D:82:51:07:37:B0:77:BD:9C:CF:F0:10:DD:20
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/I8snnHVknYJRBzewd72cz_AQ3SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.30.0/24
89.37.128.0/24
89.40.43.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
188.211.249.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e2:63:bc:68:47:f6:46:b8:95:24:d3:24:3f:d1:90:5c:47:
5f:23:44:36:33:41:36:f7:67:81:b3:82:e3:be:9c:ef:e2:aa:
42:a8:57:2b:a0:09:11:57:e8:25:f8:a6:0f:17:d0:34:fc:d6:
b5:6f:da:7d:fd:21:3d:5a:49:bb:8a:1a:6f:64:62:8f:5b:5c:
86:f1:e4:f9:f1:45:3d:74:39:6a:6f:ba:b6:79:c9:25:6a:77:
c8:b1:45:9d:91:31:07:e4:37:d2:17:2f:9f:a0:ba:78:0b:6c:
53:0e:32:f6:d5:38:95:d5:20:90:4f:90:1d:ee:e5:9b:03:b0:
80:dc:58:75:c7:20:2d:5e:8b:4e:ec:03:b8:b6:a6:79:f1:6e:
4d:ed:f4:50:8c:c2:ac:16:1e:b3:eb:8f:93:a1:89:6a:d9:dd:
dd:6b:31:bc:38:92:6b:18:b9:16:30:62:a3:c9:0f:35:4d:53:
77:5a:3c:19:4b:65:5c:4b:56:6d:b5:2e:5f:d9:8a:04:6d:6d:
25:c0:9c:dd:7b:1d:5c:d1:93:89:c9:d6:cb:38:8f:78:1a:54:
a1:4f:a9:fa:6f:61:29:54:31:98:f9:22:d4:3d:4f:85:ad:62:
1b:28:cd:15:6a:84:6f:65:6c:05:e8:c4:85:43:81:a3:b9:2d:
37:2f:c5:31
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYidrN3qNou7QMSiEYIrLaB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNjA5MDEwMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NiMjc5Yzc1NjQ5ZDgyNTEwNzM3YjA3N2JkOWNjZmYwMTBkZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivrXMdWHBfD5bB/pOu9JXx6BdvD3
F+AGhcvwGthSatvHjMzNBpmj8+hVKNFBKub81FsI+bA9zUl5NaBdL+aqbUhBKJr7
KC+kb2gkssswNoN0APQ3HVddOaqU1nC0NpCdiQEUeqr4gveiZ9SStAHaDJsmrHa7
f5CJHbAhez08l1jhBulIwpaHQykm4YK0L8Uyb0ivnRy2esOkHnlu/uiho+3xQ/rU
rAFO5d3es4/q0WSgPnY4y7baFkW1ufV8owW9J5wZv67VBKOyCMeXmYDoqtxDcm2O
wgq+NOA9b9jCi7413Jlc9r3MxSBDBLI59DvciNLSQ+/I8ML5M6/40aL3tQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCPLJ5x1ZJ2CUQc3sHe9nM/wEN0gMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvSThzbm5IVmtuWUpSQnpld2Q3MmN6X0FRM1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPnAeAwQA
WSWAAwQAWSgrAwQAXXJFAwQAXrFxAwQAXrF2AwQAvNP5AwQAvPBTMA0GCSqGSIb3
DQEBCwUAA4IBAQAP4mO8aEf2RriVJNMkP9GQXEdfI0Q2M0E292eBs4Ljvpzv4qpC
qFcroAkRV+gl+KYPF9A0/Na1b9p9/SE9Wkm7ihpvZGKPW1yG8eT58UU9dDlqb7q2
ecklanfIsUWdkTEH5DfSFy+foLp4C2xTDjL21TiV1SCQT5Ad7uWbA7CA3Fh1xyAt
XotO7AO4tqZ58W5N7fRQjMKsFh6z64+ToYlq2d3dazG8OJJrGLkWMGKjyQ81TVN3
WjwZS2VcS1ZttS5f2YoEbW0lwJzdex1c0ZOJydbLOI94GlShT6n6b2EpVDGY+SLU
PU+FrWIbKM0VaoRvZWwF6MSFQ4GjuS03L8Ux
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:05 2025 by rpki-client