Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/1-yaC8qQ20Z2_Bpq7yu2InkiaYFM.roa
File: 1-yaC8qQ20Z2_Bpq7yu2InkiaYFM.roa (raw, json)
Hash identifier: TfkobCBqjf8MpnbrhUGl1HVR5xQ5nq1l8df5IUU3I1w=
Subject key identifier: FB:26:82:F2:A4:36:D1:9D:BF:06:9A:BB:CA:ED:88:9E:48:9A:60:53
Certificate issuer: /CN=8a304af55353c03146f7f3a60c6ab5804dda5ce1
Certificate serial: 01941FFAA70C48D64F8BFE7DF1F36B835FEF
Authority key identifier: 8A:30:4A:F5:53:53:C0:31:46:F7:F3:A6:0C:6A:B5:80:4D:DA:5C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijBK9VNTwDFG9_OmDGq1gE3aXOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/1-yaC8qQ20Z2_Bpq7yu2InkiaYFM.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13105
IP address blocks: 82.118.128.0/23 maxlen: 23
82.118.134.0/24 maxlen: 24
82.118.146.0/23 maxlen: 23
82.118.148.0/24 maxlen: 24
82.118.149.0/24 maxlen: 24
82.118.158.0/23 maxlen: 23
95.171.224.0/24 maxlen: 24
95.171.227.0/24 maxlen: 24
95.171.248.0/24 maxlen: 24
212.38.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a7:0c:48:d6:4f:8b:fe:7d:f1:f3:6b:83:5f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a304af55353c03146f7f3a60c6ab5804dda5ce1
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb2682f2a436d19dbf069abbcaed889e489a6053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:cf:ab:b2:9a:47:50:a3:80:58:a1:ae:d3:
ec:e1:fa:6e:76:b7:30:41:ad:6e:65:6f:8b:e3:4b:
66:19:9f:a9:71:36:4d:b1:e0:ac:ef:40:0d:d7:f2:
65:bb:e9:c2:8d:91:3c:ef:54:de:5f:46:18:cb:c4:
e8:c1:12:1b:6d:4c:50:93:47:e5:c8:a0:31:6f:77:
7c:00:99:0f:66:de:33:cd:fc:7a:23:99:f5:14:91:
48:fd:49:d3:a4:d4:3b:9c:c2:13:bf:cb:17:47:24:
e0:89:8e:a3:d1:b9:f4:55:1b:f2:52:3c:80:f2:31:
e5:65:a1:82:c4:46:3d:e7:64:76:4f:15:6d:06:4f:
c9:c3:bb:85:8d:f1:70:af:cb:c7:f4:e0:5d:26:35:
fc:24:8f:e4:2d:08:68:4d:2a:7c:80:7e:3e:67:5d:
a7:ec:16:40:86:32:28:43:db:ac:32:35:a0:db:04:
c7:54:8c:db:4e:42:29:8e:c1:fe:6d:0c:7a:88:28:
09:40:b5:46:e2:fb:88:7d:07:60:f7:9d:39:4a:4b:
93:be:d8:7f:3f:bb:ed:9e:31:5a:dc:c5:af:98:12:
7d:78:c4:b8:9c:68:09:60:5b:37:09:99:81:26:1b:
c3:75:9c:08:a5:d5:a2:68:57:fd:52:04:df:c8:d9:
93:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:26:82:F2:A4:36:D1:9D:BF:06:9A:BB:CA:ED:88:9E:48:9A:60:53
X509v3 Authority Key Identifier:
keyid:8A:30:4A:F5:53:53:C0:31:46:F7:F3:A6:0C:6A:B5:80:4D:DA:5C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijBK9VNTwDFG9_OmDGq1gE3aXOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/1-yaC8qQ20Z2_Bpq7yu2InkiaYFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ijBK9VNTwDFG9_OmDGq1gE3aXOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.128.0/23
82.118.134.0/24
82.118.146.0-82.118.149.255
82.118.158.0/23
95.171.224.0/24
95.171.227.0/24
95.171.248.0/24
212.38.102.0/24
Signature Algorithm: sha256WithRSAEncryption
53:79:b1:87:2a:3b:55:4e:da:f8:62:5f:da:c5:4d:81:f7:20:
3e:b7:39:29:b7:fe:82:62:f8:88:cb:c9:00:9d:ae:85:0f:b5:
d2:6a:19:02:c7:fd:e1:22:7f:5a:c4:29:36:c6:7c:94:20:02:
86:af:76:b7:0e:9e:f4:1e:4d:06:0d:dc:05:c9:0a:33:8e:c3:
95:98:4c:78:46:40:35:56:c1:df:de:19:c9:d4:a5:3b:a2:d7:
42:36:f1:31:71:3c:fa:6e:99:ea:bb:a2:2d:83:71:7f:53:1c:
27:f8:08:3b:bd:95:fa:5a:93:ed:d1:f5:46:9e:99:fa:7e:fa:
1f:6e:7c:f1:30:f9:35:d0:67:ce:63:b4:e7:2d:25:2e:7d:c1:
4d:ad:6f:ee:e5:ed:d0:cf:7b:c1:04:c4:be:14:f1:9d:00:17:
ce:9f:22:77:8d:8b:ae:62:3a:67:b7:81:04:f3:89:64:e0:4e:
2d:0f:10:b6:3f:66:95:db:98:3e:42:52:db:86:21:48:dc:2f:
df:85:2f:8d:b0:48:97:66:b8:3a:ed:43:67:43:6a:76:f8:f0:
21:05:0c:5c:f0:27:5a:98:d0:ca:ef:78:bc:3e:a1:07:2f:51:
4e:17:c0:43:6f:60:71:3e:06:71:51:4a:24:f1:84:ca:8a:8c:
a0:f1:8c:fa
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQf+qcMSNZPi/598fNrg1/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMzA0YWY1NTM1M2MwMzE0NmY3ZjNhNjBjNmFiNTgwNGRk
YTVjZTEwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjI2ODJmMmE0MzZkMTlkYmYwNjlhYmJjYWVkODg5ZTQ4OWE2MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFvPq7KaR1CjgFihrtPs4fpudrcw
Qa1uZW+L40tmGZ+pcTZNseCs70AN1/Jlu+nCjZE871TeX0YYy8TowRIbbUxQk0fl
yKAxb3d8AJkPZt4zzfx6I5n1FJFI/UnTpNQ7nMITv8sXRyTgiY6j0bn0VRvyUjyA
8jHlZaGCxEY952R2TxVtBk/Jw7uFjfFwr8vH9OBdJjX8JI/kLQhoTSp8gH4+Z12n
7BZAhjIoQ9usMjWg2wTHVIzbTkIpjsH+bQx6iCgJQLVG4vuIfQdg9505SkuTvth/
P7vtnjFa3MWvmBJ9eMS4nGgJYFs3CZmBJhvDdZwIpdWiaFf9UgTfyNmT6wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPsmgvKkNtGdvwaau8rtiJ5ImmBTMB8GA1UdIwQY
MBaAFIowSvVTU8AxRvfzpgxqtYBN2lzhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpCSzlWTlR3REZHOV9PbURHcTFnRTNhWE9FLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC82N2Y2MzEtN2YwNy00ZDhlLTllOTYt
MWY0NzE0MjhiMzYzLzEvMS15YUM4cVEyMFoyX0JwcTd5dTJJbmtpYVlGTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvNjdmNjMxLTdmMDctNGQ4ZS05ZTk2LTFmNDcxNDI4YjM2
My8xL2lqQks5Vk5Ud0RGRzlfT21ER3ExZ0UzYVhPRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAVJ2gAME
AFJ2hjAMAwQBUnaSAwQBUnaUAwQBUnaeAwQAX6vgAwQAX6vjAwQAX6v4AwQA1CZm
MA0GCSqGSIb3DQEBCwUAA4IBAQBTebGHKjtVTtr4Yl/axU2B9yA+tzkpt/6CYviI
y8kAna6FD7XSahkCx/3hIn9axCk2xnyUIAKGr3a3Dp70Hk0GDdwFyQozjsOVmEx4
RkA1VsHf3hnJ1KU7otdCNvExcTz6bpnqu6Itg3F/Uxwn+Ag7vZX6WpPt0fVGnpn6
fvofbnzxMPk10GfOY7TnLSUufcFNrW/u5e3Qz3vBBMS+FPGdABfOnyJ3jYuuYjpn
t4EE84lk4E4tDxC2P2aV25g+QlLbhiFI3C/fhS+NsEiXZrg67UNnQ2p2+PAhBQxc
8CdamNDK73i8PqEHL1FOF8BDb2BxPgZxUUok8YTKioyg8Yz6
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:21:46 2025 by rpki-client