Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/R9zcBJOX4I8NdmFP7bb9uWUOjqI.roa
File: R9zcBJOX4I8NdmFP7bb9uWUOjqI.roa (raw, json)
Hash identifier: hSJGTBzubAfk3/KG3OTaNNgrcLENJa672uUwvJ4IpWc=
Subject key identifier: 47:DC:DC:04:93:97:E0:8F:0D:76:61:4F:ED:B6:FD:B9:65:0E:8E:A2
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CD68350971F2B369863E69A97EE18F8B7
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/R9zcBJOX4I8NdmFP7bb9uWUOjqI.roa
Signing time: Thu 04 Jan 2024 22:06:19 +0000
ROA not before: Thu 04 Jan 2024 22:06:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 193.124.20.0/23 maxlen: 24
5.35.192.0/21 maxlen: 24
84.234.16.0/20 maxlen: 24
194.88.96.0/21 maxlen: 24
89.34.124.0/23 maxlen: 24
194.135.26.0/23 maxlen: 24
85.204.160.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
86.107.108.0/23 maxlen: 24
89.39.172.0/23 maxlen: 24
188.211.250.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:83:50:97:1f:2b:36:98:63:e6:9a:97:ee:18:f8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 4 22:06:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47dcdc049397e08f0d76614fedb6fdb9650e8ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e9:22:9a:8c:7d:6e:8f:ff:57:a2:48:9c:65:
68:9c:74:65:9d:1a:a4:12:5b:05:97:4e:1c:82:40:
62:de:fc:a9:2c:4f:2b:07:8d:4e:e4:e8:4b:5e:b4:
d0:e8:54:66:ab:0a:42:b8:23:51:63:ae:b3:4c:e2:
2a:f2:20:8c:aa:3f:88:ca:d8:b9:b3:47:c0:bc:1e:
67:35:b4:f5:42:2d:44:22:8a:5d:90:d3:a3:40:fd:
15:ac:e1:2a:fc:9c:37:44:a2:a8:fb:83:e2:66:08:
c4:03:82:78:5c:77:0f:2f:20:5f:ae:50:b8:d9:94:
40:38:e4:2b:64:41:cd:cf:8f:fb:02:a3:35:a0:ab:
28:b1:76:b2:87:54:5b:a0:aa:71:d3:0f:1d:49:71:
d8:1d:fa:26:5e:ff:4f:91:69:31:27:ab:89:99:37:
85:19:8d:37:da:a5:46:ca:98:13:f0:57:c2:fa:4a:
ea:74:7e:56:48:84:cf:a5:31:11:6f:a6:bd:67:d6:
8d:ef:8d:b7:0f:05:3e:05:a5:81:2a:4d:d2:02:ce:
d9:5e:04:a7:4c:70:55:2c:60:12:85:17:f5:a6:5a:
d5:aa:7e:25:c0:35:e2:f5:9d:e6:91:28:ec:44:9e:
f9:c3:63:57:a7:bf:2e:45:5b:0d:87:e6:14:8b:77:
1d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DC:DC:04:93:97:E0:8F:0D:76:61:4F:ED:B6:FD:B9:65:0E:8E:A2
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/R9zcBJOX4I8NdmFP7bb9uWUOjqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
84.234.16.0/20
85.204.160.0/22
86.107.108.0/23
89.34.124.0/23
89.39.172.0/23
188.211.250.0/23
193.124.20.0/23
194.88.96.0/21
194.88.112.0/20
194.135.26.0/23
Signature Algorithm: sha256WithRSAEncryption
42:5c:e4:3f:99:cb:0d:9b:13:17:9f:04:cc:84:6f:86:0b:b8:
89:d3:2d:1e:dd:9a:9d:07:17:37:f5:d3:c9:4d:6a:4e:d6:d6:
2d:57:a9:39:60:f9:79:e5:e5:64:ea:05:99:84:bb:9e:1f:27:
64:4c:7b:7d:6f:ed:2d:6f:46:9a:ca:a3:b7:30:44:c0:be:72:
41:07:c1:ab:5e:64:6f:c2:a8:c2:f7:4f:cb:99:09:77:36:30:
21:54:1b:c3:9d:9c:17:1f:e0:b2:e5:fb:f9:b9:46:88:dd:0e:
b5:99:c5:60:86:b9:74:05:35:31:94:b2:45:a6:35:46:42:f4:
83:3a:db:d6:95:06:fa:e3:81:0f:b0:ed:2f:de:e3:cc:1b:fc:
75:96:68:fe:b5:89:2f:2b:8e:0a:fd:07:da:ea:8b:df:af:db:
0c:eb:a7:4b:b0:ad:d8:53:17:84:9b:ef:f9:73:24:56:00:35:
9f:38:f9:49:8d:fc:7c:9f:d6:ce:5a:7a:46:30:cf:9c:b9:98:
2e:66:05:98:55:ae:b2:c7:ff:04:a7:67:12:09:12:ff:c6:91:
f8:19:c3:fd:2d:3c:17:cb:53:1e:f2:7f:fd:0e:61:2c:82:ab:
0d:61:0f:19:fb:d8:2c:4c:d9:16:bc:a8:cc:87:70:b4:66:1c:
59:d8:40:f5
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzWg1CXHys2mGPmmpfuGPi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTA0MjIwNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2RjZGMwNDkzOTdlMDhmMGQ3NjYxNGZlZGI2ZmRiOTY1MGU4ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsukimox9bo//V6JInGVonHRlnRqk
ElsFl04cgkBi3vypLE8rB41O5OhLXrTQ6FRmqwpCuCNRY66zTOIq8iCMqj+Iyti5
s0fAvB5nNbT1Qi1EIopdkNOjQP0VrOEq/Jw3RKKo+4PiZgjEA4J4XHcPLyBfrlC4
2ZRAOOQrZEHNz4/7AqM1oKsosXayh1RboKpx0w8dSXHYHfomXv9PkWkxJ6uJmTeF
GY032qVGypgT8FfC+krqdH5WSITPpTERb6a9Z9aN7423DwU+BaWBKk3SAs7ZXgSn
THBVLGAShRf1plrVqn4lwDXi9Z3mkSjsRJ75w2NXp78uRVsNh+YUi3cd0QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEfc3ASTl+CPDXZhT+22/bllDo6iMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUjl6Y0JKT1g0SThOZG1GUDdiYjl1V1VPanFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDBSPAAwQE
VOoQAwQCVcygAwQBVmtsAwQBWSJ8AwQBWSesAwQBvNP6AwQBwXwUAwQDwlhgAwQE
wlhwAwQBwocaMA0GCSqGSIb3DQEBCwUAA4IBAQBCXOQ/mcsNmxMXnwTMhG+GC7iJ
0y0e3ZqdBxc39dPJTWpO1tYtV6k5YPl55eVk6gWZhLueHydkTHt9b+0tb0aayqO3
METAvnJBB8GrXmRvwqjC90/LmQl3NjAhVBvDnZwXH+Cy5fv5uUaI3Q61mcVghrl0
BTUxlLJFpjVGQvSDOtvWlQb644EPsO0v3uPMG/x1lmj+tYkvK44K/Qfa6ovfr9sM
66dLsK3YUxeEm+/5cyRWADWfOPlJjfx8n9bOWnpGMM+cuZguZgWYVa6yx/8Ep2cS
CRL/xpH4GcP9LTwXy1Me8n/9DmEsgqsNYQ8Z+9gsTNkWvKjMh3C0ZhxZ2ED1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:28 2025 by rpki-client