Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/AVkM8pQNQe4Lv2gygeYw_iwNR8o.roa
File: AVkM8pQNQe4Lv2gygeYw_iwNR8o.roa (raw, json)
Hash identifier: eBDfXYDOLbSmgkFxViph+uhEyXOWfI38ugg/5BV4TtY=
Subject key identifier: 01:59:0C:F2:94:0D:41:EE:0B:BF:68:32:81:E6:30:FE:2C:0D:47:CA
Certificate issuer: /CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Certificate serial: 0194236A20F1CB02B68909EFF46919AE74FB
Authority key identifier: 34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/AVkM8pQNQe4Lv2gygeYw_iwNR8o.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197152
IP address blocks: 185.120.88.0/22 maxlen: 22
185.120.88.0/23 maxlen: 23
185.120.90.0/23 maxlen: 23
195.54.42.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:20:f1:cb:02:b6:89:09:ef:f4:69:19:ae:74:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01590cf2940d41ee0bbf683281e630fe2c0d47ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cf:4d:12:04:56:59:eb:7e:51:6c:b6:6c:77:
7d:34:0f:51:f6:62:44:77:01:84:fc:5c:12:30:f1:
05:92:f2:ec:d7:c4:c4:46:c8:e5:36:09:69:65:52:
53:c0:b9:d7:af:a3:aa:97:ef:ac:73:e0:10:b3:4d:
6b:8c:75:70:7d:59:93:c5:dd:32:de:74:68:e6:86:
05:a7:51:1f:5b:d9:4c:f1:e6:bd:b7:40:ee:b0:42:
5d:d8:96:13:01:21:9a:2a:51:02:ff:2f:56:03:3a:
31:7b:c7:73:65:65:b3:56:78:14:a8:83:20:0e:59:
86:5b:04:d3:ac:de:2a:f7:fa:e6:88:90:90:5e:af:
69:6d:15:f8:2b:ae:6a:8b:f9:dd:9b:5f:81:c7:39:
df:1e:4c:4c:6d:5c:be:28:18:44:5a:73:e2:eb:d0:
5f:74:1f:ae:47:52:01:fa:12:bb:df:26:a1:94:f8:
cd:5b:cd:dc:77:43:31:8b:ae:6d:b6:29:29:c2:fd:
96:eb:9c:c8:41:39:d6:12:02:5f:a1:76:cc:43:aa:
4d:82:5a:39:4a:cb:01:5e:b7:22:9c:11:f0:b6:a3:
06:69:42:3d:85:08:30:bf:29:5e:a1:fe:65:d9:45:
99:f4:a8:a6:95:58:db:7a:01:d4:2a:a3:8f:18:db:
3a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:59:0C:F2:94:0D:41:EE:0B:BF:68:32:81:E6:30:FE:2C:0D:47:CA
X509v3 Authority Key Identifier:
keyid:34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/AVkM8pQNQe4Lv2gygeYw_iwNR8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/NNUZJHQCvPvfDs6QIK1kYi6dO64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.88.0/22
195.54.42.0/23
Signature Algorithm: sha256WithRSAEncryption
76:40:8b:dd:39:c2:05:c2:f3:e9:f7:0e:bb:6b:f1:75:30:e6:
1c:a8:1a:32:ee:63:0b:51:38:8b:f1:26:95:b4:9d:a6:a2:d6:
8c:99:17:eb:71:66:89:9a:4f:18:dc:63:03:aa:8b:50:70:e3:
21:53:2e:df:d2:95:d0:98:54:04:15:50:2e:3c:03:32:68:f8:
77:df:09:a1:71:6f:75:e9:0d:05:4e:06:7f:f0:63:39:14:dd:
08:5a:29:c7:9d:ed:e3:70:0c:ff:62:71:62:a5:e3:ee:d6:e6:
04:8d:b2:0a:2a:82:d0:55:ac:67:8c:51:1d:c2:53:d5:dc:55:
76:f2:9e:76:36:0b:56:18:90:a7:10:80:d9:2a:ba:78:45:4f:
99:50:5f:65:08:a0:6d:6b:e0:b2:18:dc:5f:a8:22:d8:00:3f:
24:22:70:b0:e3:ed:59:6e:07:eb:23:1c:bb:50:74:55:63:b1:
7e:da:49:35:77:ff:9b:a8:ff:66:9e:0e:94:29:a3:ca:ca:a6:
83:d6:2b:8e:e3:a7:f4:8c:c4:a9:8b:3a:78:33:5e:db:a0:60:
d4:0b:66:35:a5:f9:1b:fa:1e:d2:6c:1a:b5:8e:b5:66:76:9f:
9a:c7:1f:c1:e7:76:6a:5f:e2:4b:da:61:9f:4a:cc:c3:ce:23:
bd:25:99:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaiDxywK2iQnv9GkZrnT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDUxOTI0NzQwMmJjZmJkZjBlY2U5MDIwYWQ2NDYyMmU5
ZDNiYWUwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTU5MGNmMjk0MGQ0MWVlMGJiZjY4MzI4MWU2MzBmZTJjMGQ0N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq89NEgRWWet+UWy2bHd9NA9R9mJE
dwGE/FwSMPEFkvLs18TERsjlNglpZVJTwLnXr6Oql++sc+AQs01rjHVwfVmTxd0y
3nRo5oYFp1EfW9lM8ea9t0DusEJd2JYTASGaKlEC/y9WAzoxe8dzZWWzVngUqIMg
DlmGWwTTrN4q9/rmiJCQXq9pbRX4K65qi/ndm1+BxznfHkxMbVy+KBhEWnPi69Bf
dB+uR1IB+hK73yahlPjNW83cd0Mxi65ttikpwv2W65zIQTnWEgJfoXbMQ6pNglo5
SssBXrcinBHwtqMGaUI9hQgwvyleof5l2UWZ9KimlVjbegHUKqOPGNs6vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAFZDPKUDUHuC79oMoHmMP4sDUfKMB8GA1UdIwQY
MBaAFDTVGSR0Arz73w7OkCCtZGIunTuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQt
ZmJkMzk5YTQ0NzVlLzEvQVZrTThwUU5RZTRMdjJneWdlWXdfaXdOUjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVl
LzEvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXhYAwQB
wzYqMA0GCSqGSIb3DQEBCwUAA4IBAQB2QIvdOcIFwvPp9w67a/F1MOYcqBoy7mML
UTiL8SaVtJ2motaMmRfrcWaJmk8Y3GMDqotQcOMhUy7f0pXQmFQEFVAuPAMyaPh3
3wmhcW916Q0FTgZ/8GM5FN0IWinHne3jcAz/YnFipePu1uYEjbIKKoLQVaxnjFEd
wlPV3FV28p52NgtWGJCnEIDZKrp4RU+ZUF9lCKBta+CyGNxfqCLYAD8kInCw4+1Z
bgfrIxy7UHRVY7F+2kk1d/+bqP9mng6UKaPKyqaD1iuO46f0jMSpizp4M17boGDU
C2Y1pfkb+h7SbBq1jrVmdp+axx/B53ZqX+JL2mGfSszDziO9JZlm
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:06:48 2025 by rpki-client