Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/4wHZ-JWh0hvIYD9MZPVFfTzrB6s.roa
File: 4wHZ-JWh0hvIYD9MZPVFfTzrB6s.roa (raw, json)
Hash identifier: FAcgbYr3l0IpOEa8D57adnOHgkznzhVFY/ccsCkp6vw=
Subject key identifier: E3:01:D9:F8:95:A1:D2:1B:C8:60:3F:4C:64:F5:45:7D:3C:EB:07:AB
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 01856D13CA2F66C0ED6DEFDB5E5F660EB478
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/4wHZ-JWh0hvIYD9MZPVFfTzrB6s.roa
Signing time: Sun 01 Jan 2023 11:24:51 +0000
ROA not before: Sun 01 Jan 2023 11:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138968
IP address blocks: 212.115.54.0/24 maxlen: 24
212.115.53.0/24 maxlen: 24
212.115.55.0/24 maxlen: 24
212.115.52.0/22 maxlen: 24
212.115.52.0/24 maxlen: 24
93.187.128.0/22 maxlen: 24
93.90.72.0/23 maxlen: 24
2a0c:640::/29 maxlen: 29
2a0d:2480::/29 maxlen: 29
2a0c:9380::/29 maxlen: 29
2a0c:f480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:ca:2f:66:c0:ed:6d:ef:db:5e:5f:66:0e:b4:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Jan 1 11:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e301d9f895a1d21bc8603f4c64f5457d3ceb07ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:69:65:0e:7c:4d:fa:52:9c:dd:b2:a1:d2:f8:
42:b1:a5:41:cf:60:ae:be:fe:30:50:67:8f:53:bc:
d0:f1:ad:33:9a:5a:77:e2:22:d1:51:ae:3d:8b:25:
ff:5b:a8:d3:13:ba:55:12:c3:9f:7e:23:03:c8:d7:
1b:b7:6a:37:fb:20:65:6d:ef:63:b0:64:30:d4:85:
5e:5e:ae:70:24:c5:79:79:86:4e:e2:85:c0:b0:e3:
56:78:2a:12:37:6a:58:44:4a:c1:49:33:e2:a2:15:
4b:80:4c:2c:19:96:89:fc:9a:f3:1b:a0:f0:71:53:
8d:cf:b5:ae:c1:bb:00:54:42:50:e1:f8:df:4d:32:
e1:f2:99:7d:9d:44:5f:22:7b:07:28:4e:b0:1e:09:
47:bc:31:dc:6e:8d:81:70:22:2d:15:4b:7a:54:6d:
04:c2:63:0c:6c:c2:58:bd:50:09:87:e6:e2:07:56:
09:1a:c7:47:1d:df:7f:74:0a:13:71:3c:c7:0d:21:
3a:83:09:77:2e:c4:e2:db:f7:c0:d6:bc:11:c0:de:
0c:89:9e:34:81:9e:be:40:e9:86:8d:a0:f1:6e:72:
0b:c1:f8:c5:c7:b4:c9:c3:a6:fa:02:94:19:ba:a0:
26:76:ef:16:b1:48:ba:8d:4e:e0:47:7a:7b:2c:a7:
62:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:01:D9:F8:95:A1:D2:1B:C8:60:3F:4C:64:F5:45:7D:3C:EB:07:AB
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/4wHZ-JWh0hvIYD9MZPVFfTzrB6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.72.0/23
93.187.128.0/22
212.115.52.0/22
IPv6:
2a0c:640::/29
2a0c:9380::/29
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
6e:39:7c:a8:d1:56:7c:03:e6:db:eb:28:4c:c6:f3:a8:fe:c1:
f6:87:4f:65:62:20:81:b8:8a:d2:c8:c4:81:82:bf:aa:68:7e:
61:13:3c:94:48:e9:6f:2c:8f:7f:26:db:02:97:16:60:dc:f9:
cf:ed:57:3c:48:4d:cd:8f:8b:3f:b8:42:c0:f7:72:5b:47:f2:
09:2d:d8:12:1b:9e:28:f4:d3:62:a5:11:b7:bd:ad:ad:5d:64:
67:a0:58:6a:10:60:98:f3:54:6f:80:8b:ad:95:68:fa:bc:9a:
99:47:ba:86:51:21:64:bb:7f:c7:27:43:84:ce:24:b8:28:a4:
77:7a:ac:78:dd:13:0c:e8:84:a9:81:86:df:cc:97:a6:f4:54:
ac:e3:76:a3:59:ab:34:7d:d2:06:45:5a:a7:8f:24:de:1d:d5:
43:39:d4:c4:86:38:ba:24:9a:a3:7e:32:31:f8:01:24:df:39:
81:99:71:10:51:5f:f6:8d:04:c4:6a:28:8c:3b:7d:a4:24:ba:
ea:d2:bc:31:ba:02:04:be:75:eb:d6:5a:a4:13:7b:1e:74:18:
59:bc:4e:f4:75:ca:ac:67:d6:d6:ad:30:fa:f4:09:eb:59:78:
11:2d:08:3b:6d:ca:fe:a5:22:18:47:43:5c:b2:8a:49:a4:c5:
87:e4:2b:ce
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVtE8ovZsDtbe/bXl9mDrR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjMwMTAxMTEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzAxZDlmODk1YTFkMjFiYzg2MDNmNGM2NGY1NDU3ZDNjZWIwN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWllDnxN+lKc3bKh0vhCsaVBz2Cu
vv4wUGePU7zQ8a0zmlp34iLRUa49iyX/W6jTE7pVEsOffiMDyNcbt2o3+yBlbe9j
sGQw1IVeXq5wJMV5eYZO4oXAsONWeCoSN2pYRErBSTPiohVLgEwsGZaJ/JrzG6Dw
cVONz7WuwbsAVEJQ4fjfTTLh8pl9nURfInsHKE6wHglHvDHcbo2BcCItFUt6VG0E
wmMMbMJYvVAJh+biB1YJGsdHHd9/dAoTcTzHDSE6gwl3LsTi2/fA1rwRwN4MiZ40
gZ6+QOmGjaDxbnILwfjFx7TJw6b6ApQZuqAmdu8WsUi6jU7gR3p7LKdiSwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOMB2fiVodIbyGA/TGT1RX086werMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvNHdIWi1KV2gwaHZJWUQ5TVpQVkZmVHpyQjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQBXVpIAwQC
XbuAAwQC1HM0MCIEAgACMBwDBQMqDAZAAwUDKgyTgAMFAyoM9IADBQMqDSSAMA0G
CSqGSIb3DQEBCwUAA4IBAQBuOXyo0VZ8A+bb6yhMxvOo/sH2h09lYiCBuIrSyMSB
gr+qaH5hEzyUSOlvLI9/JtsClxZg3PnP7Vc8SE3Nj4s/uELA93JbR/IJLdgSG54o
9NNipRG3va2tXWRnoFhqEGCY81RvgIutlWj6vJqZR7qGUSFku3/HJ0OEziS4KKR3
eqx43RMM6ISpgYbfzJem9FSs43ajWas0fdIGRVqnjyTeHdVDOdTEhji6JJqjfjIx
+AEk3zmBmXEQUV/2jQTEaiiMO32kJLrq0rwxugIEvnXr1lqkE3sedBhZvE70dcqs
Z9bWrTD69AnrWXgRLQg7bcr+pSIYR0NcsopJpMWH5CvO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:04 2025 by rpki-client