Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/8e6EuYvdvJ1TbEt2w_l--VFTSVE.roa
File: 8e6EuYvdvJ1TbEt2w_l--VFTSVE.roa (raw, json)
Hash identifier: lEOGzvYRz251FXAafldpzBiZsWV7u1gV99thpvyYuY4=
Subject key identifier: F1:EE:84:B9:8B:DD:BC:9D:53:6C:4B:76:C3:F9:7E:F9:51:53:49:51
Certificate issuer: /CN=e20f87dab96b50f76eea49b181ea94d26a205327
Certificate serial: 019420D60B91D85FC79968CA1EE755B5850D
Authority key identifier: E2:0F:87:DA:B9:6B:50:F7:6E:EA:49:B1:81:EA:94:D2:6A:20:53:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4g-H2rlrUPdu6kmxgeqU0mogUyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/8e6EuYvdvJ1TbEt2w_l--VFTSVE.roa
Signing time: Wed 01 Jan 2025 07:48:06 +0000
ROA not before: Wed 01 Jan 2025 07:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29148
IP address blocks: 87.239.56.0/21 maxlen: 21
91.221.110.0/23 maxlen: 23
91.221.110.0/24 maxlen: 24
91.221.111.0/24 maxlen: 24
185.228.212.0/23 maxlen: 23
185.228.212.0/24 maxlen: 24
185.228.213.0/24 maxlen: 24
185.228.214.0/23 maxlen: 23
185.228.214.0/24 maxlen: 24
185.228.215.0/24 maxlen: 24
2a0d:4a00::/32 maxlen: 36
2a0d:4a00:a000::/36 maxlen: 36
2a0d:4a00:b000::/36 maxlen: 36
2a0d:4a00:c000::/36 maxlen: 36
2a0d:4a00:d000::/36 maxlen: 36
2a0d:4a00:e000::/36 maxlen: 36
2a0d:4a00:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0b:91:d8:5f:c7:99:68:ca:1e:e7:55:b5:85:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e20f87dab96b50f76eea49b181ea94d26a205327
Validity
Not Before: Jan 1 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1ee84b98bddbc9d536c4b76c3f97ef951534951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2c:65:5d:d6:0c:29:b2:9c:b0:2b:9d:f5:de:
29:ae:e7:d2:a8:77:f7:2a:94:b3:2a:5c:d4:ab:cb:
35:65:e8:ea:2d:d1:55:1b:4e:c3:56:bc:2b:f8:c3:
b4:d6:6a:df:3e:8e:ea:d4:93:09:e1:15:c9:3a:60:
c0:8c:21:e1:f6:0c:13:84:9c:d0:11:ed:c0:54:52:
34:d6:2e:d0:05:bf:83:be:9d:80:13:ec:43:53:cf:
56:13:f9:a7:b0:6a:7d:4b:ba:b1:32:7f:c2:47:bd:
97:d3:1a:bb:5a:3a:32:36:46:ba:c3:b3:bf:97:9f:
f1:10:3e:80:8d:93:f2:f4:27:fd:2b:9f:9e:28:9b:
c7:73:57:4a:f1:fd:b9:dd:92:5f:57:67:05:b8:f0:
ee:91:b9:6f:30:23:31:9b:97:9d:2b:c9:22:4d:ce:
78:94:6a:a8:63:4f:d5:b0:fc:25:39:77:c2:84:1e:
1c:ed:96:93:15:ad:76:51:fe:bc:37:06:0b:d2:be:
6f:55:d7:50:fc:2d:92:4c:1d:3d:e1:2b:f6:db:0c:
29:f9:73:03:4b:b9:27:2e:7d:b2:af:47:32:75:17:
73:20:57:12:cc:b6:b4:b1:a4:e2:a0:21:4d:ea:88:
38:aa:62:ef:8b:99:e6:9c:55:41:32:8c:c0:db:ad:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EE:84:B9:8B:DD:BC:9D:53:6C:4B:76:C3:F9:7E:F9:51:53:49:51
X509v3 Authority Key Identifier:
keyid:E2:0F:87:DA:B9:6B:50:F7:6E:EA:49:B1:81:EA:94:D2:6A:20:53:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4g-H2rlrUPdu6kmxgeqU0mogUyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/8e6EuYvdvJ1TbEt2w_l--VFTSVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/4g-H2rlrUPdu6kmxgeqU0mogUyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.56.0/21
91.221.110.0/23
185.228.212.0/22
IPv6:
2a0d:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
5b:15:0b:6d:db:35:66:c6:3f:ba:9a:f0:27:75:10:f2:97:18:
f4:b7:69:8f:07:12:3d:d9:55:a4:d0:22:d5:30:22:62:7c:b9:
ef:00:5e:9f:0f:bf:94:a1:60:46:8c:45:21:29:4a:d1:50:b5:
83:de:1e:09:71:4b:b2:e7:9f:df:00:69:35:e0:68:eb:85:e2:
7f:9d:20:14:3f:4e:9e:e0:38:c8:25:4c:32:04:39:d4:05:5e:
62:72:a4:0d:c3:5e:9b:4e:27:81:81:51:36:e5:e0:78:f3:b3:
d0:e4:db:ad:b1:3e:3b:80:09:ce:65:7e:61:a7:cd:96:2b:f9:
9f:87:ae:ae:42:3c:84:e2:ac:4e:fa:0f:cb:6c:2a:32:4f:04:
30:5f:da:a3:31:f5:d2:10:a8:68:81:c9:ff:c7:73:84:ad:4c:
b3:8f:a3:52:3f:27:f2:5d:e6:2e:f9:db:f8:d9:9b:d9:9a:3e:
5c:23:c4:4b:13:5f:c9:0f:10:a4:a0:13:1a:d1:04:b7:47:7c:
e0:f6:58:0a:48:b7:c6:9b:78:9c:f2:e0:6d:3a:92:1a:e8:6b:
8d:67:07:a5:b4:fc:31:92:39:5d:57:29:c9:c9:88:9b:65:a8:
b8:36:29:c3:2a:24:de:b2:c2:7a:5e:18:85:93:de:7d:e1:61:
00:5d:14:55
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1guR2F/HmWjKHudVtYUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMGY4N2RhYjk2YjUwZjc2ZWVhNDliMTgxZWE5NGQyNmEy
MDUzMjcwHhcNMjUwMTAxMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVlODRiOThiZGRiYzlkNTM2YzRiNzZjM2Y5N2VmOTUxNTM0OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyxlXdYMKbKcsCud9d4prufSqHf3
KpSzKlzUq8s1ZejqLdFVG07DVrwr+MO01mrfPo7q1JMJ4RXJOmDAjCHh9gwThJzQ
Ee3AVFI01i7QBb+Dvp2AE+xDU89WE/mnsGp9S7qxMn/CR72X0xq7WjoyNka6w7O/
l5/xED6AjZPy9Cf9K5+eKJvHc1dK8f253ZJfV2cFuPDukblvMCMxm5edK8kiTc54
lGqoY0/VsPwlOXfChB4c7ZaTFa12Uf68NwYL0r5vVddQ/C2STB094Sv22wwp+XMD
S7knLn2yr0cydRdzIFcSzLa0saTioCFN6og4qmLvi5nmnFVBMozA263WKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPHuhLmL3bydU2xLdsP5fvlRU0lRMB8GA1UdIwQY
MBaAFOIPh9q5a1D3bupJsYHqlNJqIFMnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGctSDJybHJVUGR1NmtteGdlcVUwbW9nVXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zZmJhMDUtZGFlZC00M2I3LWI4NzAt
ZmEwMmMxMjY1ZDVlLzEvOGU2RXVZdmR2SjFUYkV0MndfbC0tVkZUU1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zZmJhMDUtZGFlZC00M2I3LWI4NzAtZmEwMmMxMjY1ZDVl
LzEvNGctSDJybHJVUGR1NmtteGdlcVUwbW9nVXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDV+84AwQB
W91uAwQCueTUMA0EAgACMAcDBQAqDUoAMA0GCSqGSIb3DQEBCwUAA4IBAQBbFQtt
2zVmxj+6mvAndRDylxj0t2mPBxI92VWk0CLVMCJifLnvAF6fD7+UoWBGjEUhKUrR
ULWD3h4JcUuy55/fAGk14GjrheJ/nSAUP06e4DjIJUwyBDnUBV5icqQNw16bTieB
gVE25eB487PQ5NutsT47gAnOZX5hp82WK/mfh66uQjyE4qxO+g/LbCoyTwQwX9qj
MfXSEKhogcn/x3OErUyzj6NSPyfyXeYu+dv42ZvZmj5cI8RLE1/JDxCkoBMa0QS3
R3zg9lgKSLfGm3ic8uBtOpIa6GuNZweltPwxkjldVynJyYibZai4NinDKiTessJ6
XhiFk9594WEAXRRV
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:56:21 2025 by rpki-client