Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/ApyGylUq9XnJnWFVsfj0zntPv2A.roa
File: ApyGylUq9XnJnWFVsfj0zntPv2A.roa (raw, json)
Hash identifier: J/AU6L4U60tQsws5n8ktoibPaB7afggy7L2/aS0YmuI=
Subject key identifier: 02:9C:86:CA:55:2A:F5:79:C9:9D:61:55:B1:F8:F4:CE:7B:4F:BF:60
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 01942369BEA41626D0627EFF30CF52E37E7C
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/ApyGylUq9XnJnWFVsfj0zntPv2A.roa
Signing time: Wed 01 Jan 2025 19:48:40 +0000
ROA not before: Wed 01 Jan 2025 19:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8916
IP address blocks: 185.56.44.0/22 maxlen: 22
185.87.56.0/22 maxlen: 22
188.246.192.0/19 maxlen: 19
193.108.199.0/24 maxlen: 24
213.5.88.0/21 maxlen: 21
2001:67c:1b8::/48 maxlen: 48
2a03:9800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:be:a4:16:26:d0:62:7e:ff:30:cf:52:e3:7e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Jan 1 19:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=029c86ca552af579c99d6155b1f8f4ce7b4fbf60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4f:2e:00:33:c7:03:3e:e2:9b:be:22:51:11:
fd:66:da:fb:a9:18:50:f3:df:9a:37:4f:19:f8:92:
18:ba:a7:9c:bf:1d:96:aa:99:28:00:6a:f9:62:a1:
eb:ce:f1:3d:9c:71:57:03:4e:94:82:e5:5c:de:ec:
a1:d4:c8:57:f2:37:cb:4e:98:6b:2a:48:64:a1:5b:
ba:37:82:ad:84:fa:68:dc:bc:0f:1e:b1:0b:b0:43:
ad:b8:1f:29:b1:cd:be:a4:32:72:b3:4a:d7:fe:ce:
7b:c1:52:4e:6c:48:46:3e:e7:33:c2:97:c1:cd:94:
82:90:f9:e8:64:3a:b9:7d:1b:ba:76:69:68:37:ec:
d9:fc:35:88:e9:6f:c9:bd:9f:f2:76:51:76:26:13:
8f:da:b3:78:a3:78:41:3a:db:f2:3a:09:cf:ee:00:
04:d8:fe:de:a5:f1:5a:15:79:ca:18:8a:a1:8f:c4:
ea:ab:09:24:b2:39:d6:67:e2:51:b5:16:d6:3b:a6:
a8:17:bc:85:52:a9:64:b2:cc:57:e8:9e:df:a0:1a:
50:5a:29:21:b5:ad:bc:3f:3a:a8:bc:f9:10:b0:e1:
52:ce:28:27:bb:68:84:40:48:42:b6:a7:a4:ba:c2:
4e:62:8b:da:c0:05:b5:17:87:2f:91:3c:11:7f:b9:
f8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9C:86:CA:55:2A:F5:79:C9:9D:61:55:B1:F8:F4:CE:7B:4F:BF:60
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/ApyGylUq9XnJnWFVsfj0zntPv2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.44.0/22
185.87.56.0/22
188.246.192.0/19
193.108.199.0/24
213.5.88.0/21
IPv6:
2001:67c:1b8::/48
2a03:9800::/29
Signature Algorithm: sha256WithRSAEncryption
22:ef:75:ca:c5:6c:79:73:a3:cc:5e:22:73:a5:16:8b:a2:b9:
a3:e2:03:dd:8c:1d:99:69:33:7a:f3:b3:2e:5a:9e:12:d6:02:
59:13:1b:21:64:79:30:c9:9b:91:f7:27:d4:be:79:e5:9e:d9:
f7:8d:33:e9:65:9b:00:72:d0:cb:d8:09:62:88:aa:f2:cd:25:
f1:af:63:24:9b:35:d3:c0:22:61:fc:c0:3d:8f:c5:af:c6:0b:
aa:b5:2c:7a:31:47:03:f2:e6:f0:d5:de:c2:e4:62:d4:1e:14:
ba:16:f2:e0:3d:60:e7:09:34:57:65:d5:68:13:9e:c7:db:91:
a1:c0:3e:e3:89:42:c3:ad:aa:54:fa:4d:76:10:28:1b:ca:97:
7a:d6:98:57:9e:47:5a:06:a4:53:ac:d5:39:ea:61:32:7e:b6:
53:00:db:21:ef:89:ad:d5:1d:9f:fd:2e:26:e5:e7:1a:58:62:
62:9b:ad:c1:4b:b3:fe:f1:84:a0:3f:27:68:29:72:25:13:72:
2b:07:5e:ed:da:82:00:ce:d4:20:43:26:dc:c1:26:9a:ba:64:
45:b3:00:f3:ef:2e:f3:fb:b8:ed:ca:4d:88:b4:8b:22:cf:77:
45:65:ce:a5:55:04:25:58:a3:28:14:a7:4d:7a:76:15:eb:2e:
53:ed:33:0e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQjab6kFibQYn7/MM9S4358MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjUwMTAxMTk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjljODZjYTU1MmFmNTc5Yzk5ZDYxNTViMWY4ZjRjZTdiNGZiZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE8uADPHAz7im74iURH9Ztr7qRhQ
89+aN08Z+JIYuqecvx2WqpkoAGr5YqHrzvE9nHFXA06UguVc3uyh1MhX8jfLTphr
KkhkoVu6N4KthPpo3LwPHrELsEOtuB8psc2+pDJys0rX/s57wVJObEhGPuczwpfB
zZSCkPnoZDq5fRu6dmloN+zZ/DWI6W/JvZ/ydlF2JhOP2rN4o3hBOtvyOgnP7gAE
2P7epfFaFXnKGIqhj8TqqwkksjnWZ+JRtRbWO6aoF7yFUqlkssxX6J7foBpQWikh
ta28PzqovPkQsOFSzignu2iEQEhCtqekusJOYovawAW1F4cvkTwRf7n42QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAKchspVKvV5yZ1hVbH49M57T79gMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEvQXB5R3lsVXE5WG5KbldGVnNmajB6bnRQdjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCuTgsAwQC
uVc4AwQFvPbAAwQAwWzHAwQD1QVYMBYEAgACMBADBwAgAQZ8AbgDBQMqA5gAMA0G
CSqGSIb3DQEBCwUAA4IBAQAi73XKxWx5c6PMXiJzpRaLormj4gPdjB2ZaTN687Mu
Wp4S1gJZExshZHkwyZuR9yfUvnnlntn3jTPpZZsActDL2AliiKryzSXxr2MkmzXT
wCJh/MA9j8WvxguqtSx6MUcD8ubw1d7C5GLUHhS6FvLgPWDnCTRXZdVoE57H25Gh
wD7jiULDrapU+k12ECgbypd61phXnkdaBqRTrNU56mEyfrZTANsh74mt1R2f/S4m
5ecaWGJim63BS7P+8YSgPydoKXIlE3IrB17t2oIAztQgQybcwSaaumRFswDz7y7z
+7jtyk2ItIsiz3dFZc6lVQQlWKMoFKdNenYV6y5T7TMO
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:03:54 2025 by rpki-client