Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/_rGOoLombdqZx64ZxDfzpaqjTrg.roa
File: _rGOoLombdqZx64ZxDfzpaqjTrg.roa (raw, json)
Hash identifier: dApbReBYXmLZrFYcB/cQX8tI6KM0yzgxOVCRPmnuLoY=
Subject key identifier: FE:B1:8E:A0:BA:26:6D:DA:99:C7:AE:19:C4:37:F3:A5:AA:A3:4E:B8
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B8E0E0DE22DD10CCC90AC754AD9F8
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/_rGOoLombdqZx64ZxDfzpaqjTrg.roa
Signing time: Thu 02 Jan 2025 09:49:30 +0000
ROA not before: Thu 02 Jan 2025 09:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48990
IP address blocks: 78.136.72.0/24 maxlen: 24
78.136.73.0/24 maxlen: 24
78.136.74.0/24 maxlen: 24
78.136.78.0/24 maxlen: 24
84.236.194.0/23 maxlen: 23
88.148.65.0/24 maxlen: 24
94.76.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8e:0e:0d:e2:2d:d1:0c:cc:90:ac:75:4a:d9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=feb18ea0ba266dda99c7ae19c437f3a5aaa34eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:e3:70:61:58:44:1e:24:9a:37:72:ac:8d:
3c:24:41:7c:be:b7:43:55:9b:48:fb:af:ad:fa:c1:
01:63:02:ac:94:9f:15:a1:49:a0:ee:83:a3:19:14:
f4:f6:4f:41:74:b5:bf:3f:7c:09:f5:28:c0:25:46:
2b:d4:8e:23:a4:98:e4:0a:88:ce:f5:5d:c4:f1:1b:
e4:c2:9c:e2:d1:e4:b8:fb:33:9f:a4:e3:d9:e4:01:
53:26:cd:77:f7:b3:1c:f2:54:f3:94:3b:b1:7b:4b:
1e:2a:f8:9f:2e:eb:ad:6e:76:6a:c7:1f:fc:ae:1b:
f0:2c:16:a6:ec:14:de:75:4b:f5:50:fc:a1:b1:84:
bf:90:a6:19:66:b7:3a:99:5b:f8:6e:34:6d:d3:f7:
25:9d:a9:96:93:df:29:e1:74:0f:fc:ae:24:e3:96:
1f:3e:45:8a:b6:0f:aa:3a:93:8f:e1:a0:c2:d6:da:
c6:fa:d2:4c:98:71:e4:f3:5c:db:33:b9:4f:f4:39:
53:43:2f:10:01:d8:03:4b:9b:2f:c1:f7:b9:3b:04:
1b:d8:1e:cc:a5:1a:82:4b:0e:88:92:91:8c:48:16:
48:66:c7:20:2d:fe:e7:11:fc:05:26:e2:03:21:ac:
a7:1e:83:26:1b:94:fe:32:da:34:ea:d6:ed:34:3b:
ff:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B1:8E:A0:BA:26:6D:DA:99:C7:AE:19:C4:37:F3:A5:AA:A3:4E:B8
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/_rGOoLombdqZx64ZxDfzpaqjTrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.72.0-78.136.74.255
78.136.78.0/24
84.236.194.0/23
88.148.65.0/24
94.76.185.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:db:1c:cf:8b:30:24:b8:27:43:11:f8:8d:f8:73:75:fa:76:
d5:d7:2b:72:a1:65:3c:b2:15:87:88:ad:30:84:ea:40:75:e7:
87:6d:74:83:01:73:92:53:7e:1f:e6:84:0f:0d:11:2c:ec:1b:
5f:c6:4c:85:d7:7c:a9:e9:ed:e9:b6:76:fd:0f:27:53:b3:20:
07:2f:89:85:73:c7:18:e0:49:db:0c:d9:ae:4e:b5:b2:d0:fe:
09:8e:d5:d7:79:0f:b3:12:60:35:e6:cf:33:b9:c8:8f:ce:18:
85:fe:43:e6:ff:2c:22:20:9e:32:1c:65:dc:da:c2:f7:36:c4:
24:83:a3:07:3c:a2:6d:08:0a:38:0e:65:06:71:74:87:5e:4f:
d5:20:46:06:1f:a3:82:a0:97:aa:28:6c:2c:ab:df:0e:ca:ea:
60:65:3a:a6:dd:4e:8d:60:7b:d2:e4:a1:66:d8:50:0f:67:a8:
1f:54:2c:f0:9b:8c:d1:0a:90:77:b2:d1:7d:31:4c:8e:75:58:
30:c7:bc:6d:ab:ad:be:aa:2c:16:d5:c3:a5:1c:34:bc:6e:a4:
8f:9b:12:a5:b9:1d:b4:c3:0b:2e:5f:cf:ae:f0:a2:4f:52:86:
a5:9d:b8:cb:56:ef:e9:17:e6:d1:28:3c:7d:45:02:6a:12:ef:
e2:84:85:ba
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQma44ODeIt0QzMkKx1Stn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWIxOGVhMGJhMjY2ZGRhOTljN2FlMTljNDM3ZjNhNWFhYTM0ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8jjcGFYRB4kmjdyrI08JEF8vrdD
VZtI+6+t+sEBYwKslJ8VoUmg7oOjGRT09k9BdLW/P3wJ9SjAJUYr1I4jpJjkCojO
9V3E8Rvkwpzi0eS4+zOfpOPZ5AFTJs1397Mc8lTzlDuxe0seKvifLuutbnZqxx/8
rhvwLBam7BTedUv1UPyhsYS/kKYZZrc6mVv4bjRt0/clnamWk98p4XQP/K4k45Yf
PkWKtg+qOpOP4aDC1trG+tJMmHHk81zbM7lP9DlTQy8QAdgDS5svwfe5OwQb2B7M
pRqCSw6IkpGMSBZIZscgLf7nEfwFJuIDIaynHoMmG5T+Mto06tbtNDv/TwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP6xjqC6Jm3amceuGcQ386Wqo064MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvX3JHT29Mb21iZHFaeDY0WnhEZnpwYXFqVHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBANOiEgD
BABOiEoDBABOiE4DBAFU7MIDBABYlEEDBABeTLkwDQYJKoZIhvcNAQELBQADggEB
AMHbHM+LMCS4J0MR+I34c3X6dtXXK3KhZTyyFYeIrTCE6kB154dtdIMBc5JTfh/m
hA8NESzsG1/GTIXXfKnp7em2dv0PJ1OzIAcviYVzxxjgSdsM2a5OtbLQ/gmO1dd5
D7MSYDXmzzO5yI/OGIX+Q+b/LCIgnjIcZdzawvc2xCSDowc8om0ICjgOZQZxdIde
T9UgRgYfo4Kgl6oobCyr3w7K6mBlOqbdTo1ge9LkoWbYUA9nqB9ULPCbjNEKkHey
0X0xTI51WDDHvG2rrb6qLBbVw6UcNLxupI+bEqW5HbTDCy5fz67wok9ShqWduMtW
7+kX5tEoPH1FAmoS7+KEhbo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:19:19 2025 by rpki-client