Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/2bRBlMS8mkEOsT7iLZp1HMc84Xo.roa
File: 2bRBlMS8mkEOsT7iLZp1HMc84Xo.roa (raw, json)
Hash identifier: CRan8iZGqQIXvLKVDuE31EVqd8lIF+Eg5+VWJIeFz/I=
Subject key identifier: D9:B4:41:94:C4:BC:9A:41:0E:B1:3E:E2:2D:9A:75:1C:C7:3C:E1:7A
Certificate issuer: /CN=c587b9cda75603eb0d9e377167bf7e0c8e440403
Certificate serial: 01942068491706E613B8C1C24DFFC08F27FC
Authority key identifier: C5:87:B9:CD:A7:56:03:EB:0D:9E:37:71:67:BF:7E:0C:8E:44:04:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYe5zadWA-sNnjdxZ79-DI5EBAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/2bRBlMS8mkEOsT7iLZp1HMc84Xo.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35673
IP address blocks: 82.115.36.0/24 maxlen: 24
194.187.244.0/24 maxlen: 24
194.187.245.0/24 maxlen: 24
194.187.246.0/24 maxlen: 24
194.187.247.0/24 maxlen: 24
2a11:aa80::/48 maxlen: 48
2a11:aa80:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:49:17:06:e6:13:b8:c1:c2:4d:ff:c0:8f:27:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c587b9cda75603eb0d9e377167bf7e0c8e440403
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b44194c4bc9a410eb13ee22d9a751cc73ce17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e6:30:b7:cd:d6:dc:1d:36:ec:d6:0e:d2:ee:
93:a8:42:8f:f5:e7:db:1b:d0:57:76:b9:02:53:07:
f1:30:58:e2:2a:e3:9a:7b:db:23:cc:57:46:dc:81:
6d:19:6b:82:cd:b7:22:0d:73:f0:27:d0:e1:d1:98:
4b:99:78:bc:6d:e3:3f:f1:cf:88:6d:7d:bf:31:3c:
0b:b5:20:85:44:fc:a2:04:1d:5f:7c:21:65:64:8a:
25:73:1e:ff:3d:06:83:ee:2b:e8:49:93:c9:87:40:
c0:29:a5:5f:af:4e:be:82:c7:fb:79:2d:6f:45:c2:
01:18:24:2d:f6:49:73:10:77:17:55:ad:68:4b:cd:
b5:7b:61:e3:3b:13:f6:5e:d7:50:9b:96:c8:06:22:
b5:26:31:99:74:f7:6e:25:23:40:cd:e5:d0:f4:41:
e9:33:52:4a:60:df:b1:95:3c:5e:1f:7e:db:1a:55:
77:16:90:8f:f5:aa:21:23:fd:e2:d9:2d:b4:97:be:
01:64:05:bc:02:05:5d:9c:80:31:12:0d:d0:47:45:
9b:8a:4a:68:a9:ab:01:bc:99:0c:ab:8c:cf:d8:7f:
7e:be:d4:ea:8f:54:74:85:22:cd:17:dc:5b:c6:c4:
b4:46:91:d9:5a:d8:54:65:36:36:23:ba:2e:69:ef:
03:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B4:41:94:C4:BC:9A:41:0E:B1:3E:E2:2D:9A:75:1C:C7:3C:E1:7A
X509v3 Authority Key Identifier:
keyid:C5:87:B9:CD:A7:56:03:EB:0D:9E:37:71:67:BF:7E:0C:8E:44:04:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYe5zadWA-sNnjdxZ79-DI5EBAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/2bRBlMS8mkEOsT7iLZp1HMc84Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/xYe5zadWA-sNnjdxZ79-DI5EBAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.36.0/24
194.187.244.0/22
IPv6:
2a11:aa80::/47
Signature Algorithm: sha256WithRSAEncryption
89:16:6e:cd:8a:43:f7:66:15:07:0d:06:4a:5d:ae:e4:ff:a2:
fa:9f:c2:be:f7:cd:a5:3c:90:13:63:45:60:50:73:c1:7c:74:
39:94:b9:42:5c:6a:29:c4:e1:a3:51:04:29:07:3d:1e:f9:65:
46:28:e8:49:1b:4b:a1:ab:04:11:25:62:58:96:6b:fa:3c:f2:
08:d8:c2:e0:64:12:28:6c:77:a4:f9:a6:64:2c:36:10:1a:c1:
5c:fb:03:20:cc:5f:0d:88:df:73:6e:12:ef:df:1f:ff:93:e2:
e0:fc:23:64:f3:6e:bc:8b:49:7e:22:69:e0:83:f0:65:4e:c3:
84:25:dd:18:d3:3b:fb:e1:e4:67:0e:b4:85:48:dd:fc:8a:3f:
4b:fb:99:3f:7b:0c:91:63:65:7f:ac:2b:7f:59:5f:05:3d:7c:
a6:57:a5:fc:67:2d:b7:5b:a7:e5:d7:fc:e1:03:78:62:cd:3a:
4a:e4:aa:91:85:5b:77:c6:ae:d5:ce:cc:fe:fb:b0:69:f5:f6:
be:a3:4f:ba:fd:51:02:7d:72:5c:aa:ed:c2:3a:b6:fa:91:5d:
8c:36:ce:94:c6:46:c5:e1:bb:ad:7c:d5:07:40:e6:4b:89:9b:
42:08:32:bb:9d:f4:53:a8:bb:5a:ca:44:80:90:20:c9:58:88:
c5:9a:fe:76
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQgaEkXBuYTuMHCTf/Ajyf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODdiOWNkYTc1NjAzZWIwZDllMzc3MTY3YmY3ZTBjOGU0
NDA0MDMwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWI0NDE5NGM0YmM5YTQxMGViMTNlZTIyZDlhNzUxY2M3M2NlMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+Ywt83W3B027NYO0u6TqEKP9efb
G9BXdrkCUwfxMFjiKuOae9sjzFdG3IFtGWuCzbciDXPwJ9Dh0ZhLmXi8beM/8c+I
bX2/MTwLtSCFRPyiBB1ffCFlZIolcx7/PQaD7ivoSZPJh0DAKaVfr06+gsf7eS1v
RcIBGCQt9klzEHcXVa1oS821e2HjOxP2XtdQm5bIBiK1JjGZdPduJSNAzeXQ9EHp
M1JKYN+xlTxeH37bGlV3FpCP9aohI/3i2S20l74BZAW8AgVdnIAxEg3QR0Wbikpo
qasBvJkMq4zP2H9+vtTqj1R0hSLNF9xbxsS0RpHZWthUZTY2I7ouae8DdQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNm0QZTEvJpBDrE+4i2adRzHPOF6MB8GA1UdIwQY
MBaAFMWHuc2nVgPrDZ43cWe/fgyORAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFllNXphZFdBLXNObmpkeFo3OS1ESTVFQkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi81MGQ0OGUtNDk0Zi00ZDE0LTlmMDUt
ZTc1M2NmNzY4YzE0LzEvMmJSQmxNUzhta0VPc1Q3aUxacDFITWM4NFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi81MGQ0OGUtNDk0Zi00ZDE0LTlmMDUtZTc1M2NmNzY4YzE0
LzEveFllNXphZFdBLXNObmpkeFo3OS1ESTVFQkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAUnMkAwQC
wrv0MA8EAgACMAkDBwEqEaqAAAAwDQYJKoZIhvcNAQELBQADggEBAIkWbs2KQ/dm
FQcNBkpdruT/ovqfwr73zaU8kBNjRWBQc8F8dDmUuUJcainE4aNRBCkHPR75ZUYo
6EkbS6GrBBElYliWa/o88gjYwuBkEihsd6T5pmQsNhAawVz7AyDMXw2I33NuEu/f
H/+T4uD8I2TzbryLSX4iaeCD8GVOw4Ql3RjTO/vh5GcOtIVI3fyKP0v7mT97DJFj
ZX+sK39ZXwU9fKZXpfxnLbdbp+XX/OEDeGLNOkrkqpGFW3fGrtXOzP77sGn19r6j
T7r9UQJ9clyq7cI6tvqRXYw2zpTGRsXhu6181QdA5kuJm0IIMrud9FOou1rKRICQ
IMlYiMWa/nY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:55:18 2025 by rpki-client