Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/4k1OS7dRf3iSaRumOiOziEUCmEA.roa
File: 4k1OS7dRf3iSaRumOiOziEUCmEA.roa (raw, json)
Hash identifier: gD8lB9/zUSjeK3l8tJpj7M0/fQ8+RFjCtcypRw8tksE=
Subject key identifier: E2:4D:4E:4B:B7:51:7F:78:92:69:1B:A6:3A:23:B3:88:45:02:98:40
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 01895308C81F6818A25C9552839D0754FB1A
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/4k1OS7dRf3iSaRumOiOziEUCmEA.roa
Signing time: Fri 14 Jul 2023 06:13:51 +0000
ROA not before: Fri 14 Jul 2023 06:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55933
IP address blocks: 185.242.232.0/22 maxlen: 24
185.245.40.0/22 maxlen: 24
93.187.128.0/22 maxlen: 24
185.239.84.0/23 maxlen: 23
185.239.84.0/22 maxlen: 24
185.239.86.0/23 maxlen: 23
84.252.102.0/23 maxlen: 24
2a0d:2480::/29 maxlen: 29
2a0c:f480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:08:c8:1f:68:18:a2:5c:95:52:83:9d:07:54:fb:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Jul 14 06:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e24d4e4bb7517f7892691ba63a23b38845029840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:be:bd:e0:ae:8a:0d:b7:e8:92:4c:3c:06:
24:02:76:d3:00:f0:14:1c:22:5c:b9:67:47:a7:74:
8c:09:ab:e7:c2:91:cf:2c:4e:2e:92:eb:b6:e6:51:
fe:1c:25:4c:ef:fc:8b:f7:3a:db:27:94:cb:48:39:
19:12:31:26:0e:eb:af:75:00:7a:a5:d8:0e:2f:1f:
2e:2d:20:34:d0:14:71:da:46:6e:a7:83:f3:8d:c7:
eb:26:9f:38:75:00:61:38:99:ac:b2:2d:de:bc:21:
5a:39:21:ed:bc:54:01:83:33:b3:5c:a8:6e:61:26:
20:8d:c6:f9:e3:e9:44:45:6a:6f:51:03:8e:ad:e9:
54:a6:45:0a:87:ec:24:e4:8b:8e:c9:34:96:c9:23:
d7:a4:b2:fa:cf:d5:b7:d3:0b:6e:e6:ba:4a:92:92:
9d:07:71:8b:72:8e:37:c1:dc:65:e3:e2:9f:65:d3:
16:9e:a9:e1:74:f3:a1:7a:82:15:f8:86:02:fd:30:
6b:0a:e1:c1:9a:c7:4b:57:e8:25:4c:07:bd:7e:45:
c0:fe:0b:0e:c7:4b:5d:5f:3b:f4:92:31:95:58:4c:
98:ee:19:3a:c5:85:f8:14:e0:90:59:d9:29:35:7c:
85:f0:0d:e2:31:ad:b0:6a:78:bc:8a:2e:db:18:d3:
d8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4D:4E:4B:B7:51:7F:78:92:69:1B:A6:3A:23:B3:88:45:02:98:40
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/4k1OS7dRf3iSaRumOiOziEUCmEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.102.0/23
93.187.128.0/22
185.239.84.0/22
185.242.232.0/22
185.245.40.0/22
IPv6:
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
44:60:ee:85:05:6d:5a:0a:ee:cb:93:a2:65:c8:c1:22:fd:d8:
2a:40:64:c6:f5:1a:e2:a2:e4:3c:f9:82:b9:12:c9:f2:7c:0d:
b2:fd:36:ed:90:61:9d:d2:14:a5:75:9d:40:0e:f4:6c:4a:cf:
fe:ad:cc:75:6e:62:89:4e:53:5c:31:bd:e3:7a:76:dc:e7:95:
b7:84:c1:e7:c5:a2:e9:e2:7c:68:1c:23:93:5b:84:7d:ab:95:
36:fe:a9:ce:b4:26:48:e2:e3:60:03:76:b1:9d:81:e8:b0:db:
ae:9a:2a:75:d0:f9:2d:48:1e:cf:86:d4:50:a1:93:ae:4c:16:
23:81:21:75:35:bf:79:a2:af:08:1d:c1:0b:d7:cd:a0:dc:33:
57:51:10:b1:97:d5:b3:ad:25:14:d3:18:f4:42:25:f6:c9:37:
2d:36:34:ef:39:83:d9:f1:84:c9:d8:af:7e:9e:83:ca:eb:1e:
81:61:3d:89:60:03:57:52:aa:cb:0f:f4:44:ab:b9:d0:54:e6:
4b:da:91:c0:94:14:80:5e:d7:c6:0b:4c:42:a8:4b:2e:a3:c7:
47:24:94:8d:0a:c3:02:f4:9a:90:a4:d5:a2:99:de:1c:72:be:
36:58:93:a5:da:01:55:02:d7:67:9b:e1:6b:ed:97:f3:cc:5e:
e1:ca:5c:d3
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYlTCMgfaBiiXJVSg50HVPsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjMwNzE0MDYxMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjRkNGU0YmI3NTE3Zjc4OTI2OTFiYTYzYTIzYjM4ODQ1MDI5ODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBK+veCuig236JJMPAYkAnbTAPAU
HCJcuWdHp3SMCavnwpHPLE4ukuu25lH+HCVM7/yL9zrbJ5TLSDkZEjEmDuuvdQB6
pdgOLx8uLSA00BRx2kZup4PzjcfrJp84dQBhOJmssi3evCFaOSHtvFQBgzOzXKhu
YSYgjcb54+lERWpvUQOOrelUpkUKh+wk5IuOyTSWySPXpLL6z9W30wtu5rpKkpKd
B3GLco43wdxl4+KfZdMWnqnhdPOheoIV+IYC/TBrCuHBmsdLV+glTAe9fkXA/gsO
x0tdXzv0kjGVWEyY7hk6xYX4FOCQWdkpNXyF8A3iMa2wani8ii7bGNPYcQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOJNTku3UX94kmkbpjojs4hFAphAMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvNGsxT1M3ZFJmM2lTYVJ1bU9pT3ppRVVDbUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQBVPxmAwQC
XbuAAwQCue9UAwQCufLoAwQCufUoMBQEAgACMA4DBQMqDPSAAwUDKg0kgDANBgkq
hkiG9w0BAQsFAAOCAQEARGDuhQVtWgruy5OiZcjBIv3YKkBkxvUa4qLkPPmCuRLJ
8nwNsv027ZBhndIUpXWdQA70bErP/q3MdW5iiU5TXDG943p23OeVt4TB58Wi6eJ8
aBwjk1uEfauVNv6pzrQmSOLjYAN2sZ2B6LDbrpoqddD5LUgez4bUUKGTrkwWI4Eh
dTW/eaKvCB3BC9fNoNwzV1EQsZfVs60lFNMY9EIl9sk3LTY07zmD2fGEydivfp6D
yusegWE9iWADV1Kqyw/0RKu50FTmS9qRwJQUgF7XxgtMQqhLLqPHRySUjQrDAvSa
kKTVopneHHK+NliTpdoBVQLXZ5vha+2X88xe4cpc0w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:59 2025 by rpki-client