Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/pfXJYYyC3LMjBSIBaQQYDerpzDI.roa
File: pfXJYYyC3LMjBSIBaQQYDerpzDI.roa (raw, json)
Hash identifier: YTe1VjvERo2xWe2UY56Mn6dhFIeRoBau9ZN03YpmacA=
Subject key identifier: A5:F5:C9:61:8C:82:DC:B3:23:05:22:01:69:04:18:0D:EA:E9:CC:32
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018B89E7905755FFD5154BC249B33F1DC34B
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/pfXJYYyC3LMjBSIBaQQYDerpzDI.roa
Signing time: Wed 01 Nov 2023 08:02:16 +0000
ROA not before: Wed 01 Nov 2023 08:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.202.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
89.37.216.0/23 maxlen: 24
84.234.24.0/22 maxlen: 24
62.112.12.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:e7:90:57:55:ff:d5:15:4b:c2:49:b3:3f:1d:c3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 1 08:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5f5c9618c82dcb3230522016904180deae9cc32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:48:ca:bd:d1:81:fa:23:e6:1e:69:40:f8:22:
c0:17:c1:6b:46:b1:8a:c1:8b:06:a5:bc:37:52:d5:
0e:78:31:cb:41:63:9e:f3:89:94:13:d1:d4:e2:c1:
54:5b:7b:3f:91:fa:c1:c6:c7:ba:c6:b7:14:eb:86:
a8:f3:08:29:34:57:ca:a4:d8:68:0e:1f:dd:47:f2:
59:99:3b:ed:63:b7:26:11:70:60:53:c3:a6:40:ea:
bb:61:d9:a9:04:a8:1a:24:3d:83:53:02:b9:8a:1f:
a0:a9:f9:bc:20:f7:ec:f2:85:b8:e9:00:98:ff:ff:
6a:91:37:9d:47:73:63:cf:52:6a:2c:6a:a6:55:d3:
bd:1c:1c:a0:a9:19:6a:c7:43:9a:a2:49:de:7f:ea:
35:d7:f6:f2:8b:b8:15:61:7c:9a:68:6a:68:14:9e:
e5:61:f4:b9:5e:1a:06:42:cd:76:57:3b:f2:18:bd:
63:6c:82:70:b1:03:2f:0a:05:35:9b:a9:5c:43:9a:
18:f9:72:fd:3a:00:ad:e1:65:f8:b2:fb:33:8b:d9:
10:e0:f7:c0:b0:3a:9f:12:2c:63:f4:fa:c7:1d:07:
fc:67:05:dc:e0:f4:f8:b6:ce:4f:1c:a8:64:45:5b:
9f:bc:a8:30:79:8e:32:f2:bc:ea:af:a6:0b:d3:69:
5a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F5:C9:61:8C:82:DC:B3:23:05:22:01:69:04:18:0D:EA:E9:CC:32
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/pfXJYYyC3LMjBSIBaQQYDerpzDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
84.234.24.0/22
89.37.216.0/23
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
63:0c:2d:bf:40:cb:47:75:a2:ee:62:17:fc:3d:74:8c:57:c3:
b1:35:be:1c:23:e5:6b:be:98:9d:5c:74:4b:c4:89:b4:41:cd:
c4:62:36:ee:29:57:5c:de:1f:a1:26:3f:15:5e:f0:f8:40:78:
5e:1b:bf:2a:18:1c:37:11:8d:1a:9c:94:58:db:f5:fc:fe:d5:
00:c4:ac:2c:e6:59:54:1c:08:57:2b:84:60:b2:73:ff:82:61:
14:71:05:0c:15:fa:d8:42:3b:4d:54:a1:ac:80:0e:2d:cf:66:
85:56:81:9b:0f:b7:bb:9d:0b:85:6e:9b:e5:df:a0:f4:d4:b2:
99:f0:64:fd:be:3b:86:03:b8:5d:3d:f9:7c:e0:da:3e:2f:79:
10:82:c9:25:57:47:e8:5b:2c:61:b8:ca:17:5f:e3:9f:f8:70:
f9:bf:83:8c:55:27:70:f9:34:b2:92:2a:b7:65:91:23:9e:53:
f5:3f:a5:f6:23:19:07:b2:53:85:dc:22:be:b3:d3:11:25:be:
05:ba:d3:35:f4:7a:e5:f9:0c:8a:fe:16:04:84:ca:35:55:da:
6c:3a:f4:52:54:06:ca:11:b2:6b:2e:ae:2b:59:a5:cc:63:96:
be:b0:c1:10:6a:4f:2c:74:30:7f:9c:bf:0b:ee:27:0b:c2:1c:
34:3c:2a:df
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuJ55BXVf/VFUvCSbM/HcNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTAxMDgwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWY1Yzk2MThjODJkY2IzMjMwNTIyMDE2OTA0MTgwZGVhZTljYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkjKvdGB+iPmHmlA+CLAF8FrRrGK
wYsGpbw3UtUOeDHLQWOe84mUE9HU4sFUW3s/kfrBxse6xrcU64ao8wgpNFfKpNho
Dh/dR/JZmTvtY7cmEXBgU8OmQOq7YdmpBKgaJD2DUwK5ih+gqfm8IPfs8oW46QCY
//9qkTedR3Njz1JqLGqmVdO9HBygqRlqx0Oaoknef+o11/byi7gVYXyaaGpoFJ7l
YfS5XhoGQs12VzvyGL1jbIJwsQMvCgU1m6lcQ5oY+XL9OgCt4WX4svszi9kQ4PfA
sDqfEixj9PrHHQf8ZwXc4PT4ts5PHKhkRVufvKgweY4y8rzqr6YL02la5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKX1yWGMgtyzIwUiAWkEGA3q6cwyMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvcGZYSllZeUMzTE1qQlNJQmFRUVlEZXJwekRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBPnAMAwQC
VOoYAwQBWSXYAwQBwjpAAwQDwlhgAwQBw4XKMA0GCSqGSIb3DQEBCwUAA4IBAQBj
DC2/QMtHdaLuYhf8PXSMV8OxNb4cI+VrvpidXHRLxIm0Qc3EYjbuKVdc3h+hJj8V
XvD4QHheG78qGBw3EY0anJRY2/X8/tUAxKws5llUHAhXK4RgsnP/gmEUcQUMFfrY
QjtNVKGsgA4tz2aFVoGbD7e7nQuFbpvl36D01LKZ8GT9vjuGA7hdPfl84No+L3kQ
gsklV0foWyxhuMoXX+Of+HD5v4OMVSdw+TSykiq3ZZEjnlP1P6X2IxkHslOF3CK+
s9MRJb4FutM19Hrl+QyK/hYEhMo1VdpsOvRSVAbKEbJrLq4rWaXMY5a+sMEQak8s
dDB/nL8L7icLwhw0PCrf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:03 2025 by rpki-client