Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/2As0Mp8svkA_acr8TjpzRvXcyRw.roa
File: 2As0Mp8svkA_acr8TjpzRvXcyRw.roa (raw, json)
Hash identifier: x7SMSN6/Nb1zQXVVEV5INFQjFMZ3I+mES8tTWRbKxME=
Subject key identifier: D8:0B:34:32:9F:2C:BE:40:3F:69:CA:FC:4E:3A:73:46:F5:DC:C9:1C
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 019421B1E4C45930BBD771ABCFEF595AAC42
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/2As0Mp8svkA_acr8TjpzRvXcyRw.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3316
IP address blocks: 86.62.49.0/24 maxlen: 24
193.232.85.0/24 maxlen: 24
193.232.131.0/24 maxlen: 24
194.85.105.0/24 maxlen: 24
194.85.106.0/24 maxlen: 24
194.85.117.0/24 maxlen: 24
194.85.118.0/24 maxlen: 24
194.85.119.0/24 maxlen: 24
194.190.132.0/22 maxlen: 22
194.190.132.0/24 maxlen: 24
194.190.134.0/24 maxlen: 24
194.190.138.0/24 maxlen: 24
194.190.141.0/24 maxlen: 24
194.190.142.0/24 maxlen: 24
194.190.145.0/24 maxlen: 24
194.190.148.0/24 maxlen: 24
194.226.29.0/24 maxlen: 24
194.226.44.0/24 maxlen: 24
194.226.46.0/23 maxlen: 23
195.19.26.0/24 maxlen: 24
195.208.22.0/23 maxlen: 23
195.209.4.0/24 maxlen: 24
195.209.8.0/24 maxlen: 24
195.209.16.0/24 maxlen: 24
195.209.146.0/24 maxlen: 24
212.193.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e4:c4:59:30:bb:d7:71:ab:cf:ef:59:5a:ac:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d80b34329f2cbe403f69cafc4e3a7346f5dcc91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:27:55:a0:5a:3c:2a:b6:41:ca:ab:e9:10:dc:
e3:03:13:d1:b9:2c:10:31:ac:9a:19:7d:2a:81:f1:
46:7c:3c:69:91:f7:16:17:51:4e:cd:9c:3f:12:ed:
83:fd:08:12:42:25:10:85:ae:ea:97:a6:9a:85:1d:
f6:32:25:78:b0:de:74:16:6c:e3:43:d4:85:87:e6:
d4:f8:e6:d7:10:0d:13:f6:1a:35:42:68:e6:99:ba:
67:0f:1d:88:8e:8a:62:2a:8c:7b:7d:9f:08:92:13:
a9:44:c7:ed:41:ac:8e:55:e5:34:10:38:df:26:b8:
8c:0c:e9:86:64:41:21:d9:af:42:26:f3:7f:1a:94:
97:c5:93:0c:58:24:fb:a7:17:e0:e1:2d:eb:64:68:
3c:15:4e:d4:3c:a0:76:42:52:e9:bc:63:c8:74:2a:
d9:a0:91:81:35:f2:45:e4:12:16:54:9e:98:d0:69:
f2:44:96:1e:10:81:67:a1:5b:27:92:de:ee:bf:3f:
5a:05:7f:c7:42:b5:90:78:d5:a8:bd:9e:46:c6:7d:
0c:21:26:21:ad:0a:f2:21:42:ef:72:b4:c1:3e:50:
a7:f1:99:28:ce:af:5b:b2:e1:18:8b:61:f1:e0:fb:
d8:19:a2:a6:f1:a7:81:74:e1:cd:b0:14:da:63:3c:
5f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0B:34:32:9F:2C:BE:40:3F:69:CA:FC:4E:3A:73:46:F5:DC:C9:1C
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/2As0Mp8svkA_acr8TjpzRvXcyRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.49.0/24
193.232.85.0/24
193.232.131.0/24
194.85.105.0-194.85.106.255
194.85.117.0-194.85.119.255
194.190.132.0/22
194.190.138.0/24
194.190.141.0-194.190.142.255
194.190.145.0/24
194.190.148.0/24
194.226.29.0/24
194.226.44.0/24
194.226.46.0/23
195.19.26.0/24
195.208.22.0/23
195.209.4.0/24
195.209.8.0/24
195.209.16.0/24
195.209.146.0/24
212.193.118.0/24
Signature Algorithm: sha256WithRSAEncryption
39:45:f9:93:e9:73:90:d6:3b:85:66:83:2f:84:10:0b:51:78:
44:8f:fe:d9:88:33:a8:42:d0:e1:e7:95:c2:59:86:37:c6:62:
ce:4d:95:64:b3:4f:26:3a:9f:3a:62:6d:0c:aa:ae:6f:ef:c8:
5e:f5:4b:83:ba:63:a9:ba:35:dc:62:9d:7a:54:27:54:2a:49:
af:75:ba:fa:8f:95:30:66:3c:15:8a:07:8b:1e:e2:1f:46:84:
a7:3b:c1:7e:a4:05:98:64:ff:6a:68:f0:41:84:a4:6b:54:e9:
36:ab:0d:81:de:5a:30:d6:a5:93:6c:5c:a4:bd:15:d4:4b:4b:
3f:e6:43:19:a8:02:94:5a:44:fc:62:49:4d:7b:89:59:89:0f:
87:84:53:a3:16:09:d3:83:69:a6:ce:bd:66:60:51:59:a5:8e:
19:29:1e:f1:5b:12:fd:7b:57:b7:16:45:29:20:eb:c0:66:80:
06:19:b3:85:9a:f6:a3:f4:45:b5:03:34:24:a0:a5:9b:32:cd:
f4:61:2e:67:a8:b9:6f:a7:8b:8f:64:50:c0:0e:0f:72:47:e3:
09:7b:e8:9a:55:83:5d:0d:41:0a:11:ff:dc:3b:13:29:32:03:
c6:9a:c1:f7:e7:6a:c1:2b:cd:49:2b:13:36:1b:7a:b3:39:53:
30:f9:b4:7f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZQhseTEWTC713Grz+9ZWqxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODBiMzQzMjlmMmNiZTQwM2Y2OWNhZmM0ZTNhNzM0NmY1ZGNjOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSdVoFo8KrZByqvpENzjAxPRuSwQ
MayaGX0qgfFGfDxpkfcWF1FOzZw/Eu2D/QgSQiUQha7ql6aahR32MiV4sN50Fmzj
Q9SFh+bU+ObXEA0T9ho1QmjmmbpnDx2IjopiKox7fZ8IkhOpRMftQayOVeU0EDjf
JriMDOmGZEEh2a9CJvN/GpSXxZMMWCT7pxfg4S3rZGg8FU7UPKB2QlLpvGPIdCrZ
oJGBNfJF5BIWVJ6Y0GnyRJYeEIFnoVsnkt7uvz9aBX/HQrWQeNWovZ5Gxn0MISYh
rQryIULvcrTBPlCn8Zkozq9bsuEYi2Hx4PvYGaKm8aeBdOHNsBTaYzxfmwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFNgLNDKfLL5AP2nK/E46c0b13MkcMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvMkFzME1wOHN2a0FfYWNyOFRqcHpSdlhjeVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBABW
PjEDBADB6FUDBADB6IMwDAMEAMJVaQMEAMJVajAMAwQAwlV1AwQDwlVwAwQCwr6E
AwQAwr6KMAwDBADCvo0DBADCvo4DBADCvpEDBADCvpQDBADC4h0DBADC4iwDBAHC
4i4DBADDExoDBAHD0BYDBADD0QQDBADD0QgDBADD0RADBADD0ZIDBADUwXYwDQYJ
KoZIhvcNAQELBQADggEBADlF+ZPpc5DWO4Vmgy+EEAtReESP/tmIM6hC0OHnlcJZ
hjfGYs5NlWSzTyY6nzpibQyqrm/vyF71S4O6Y6m6NdxinXpUJ1QqSa91uvqPlTBm
PBWKB4se4h9GhKc7wX6kBZhk/2po8EGEpGtU6TarDYHeWjDWpZNsXKS9FdRLSz/m
QxmoApRaRPxiSU17iVmJD4eEU6MWCdODaabOvWZgUVmljhkpHvFbEv17V7cWRSkg
68BmgAYZs4Wa9qP0RbUDNCSgpZsyzfRhLmeouW+ni49kUMAOD3JH4wl76JpVg10N
QQoR/9w7EykyA8aawffnasErzUkrEzYberM5UzD5tH8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:51 2025 by rpki-client