Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/GnfdzN9jKjpbDRP8Ru-6TRNc0VI.roa
File: GnfdzN9jKjpbDRP8Ru-6TRNc0VI.roa (raw, json)
Hash identifier: 6TP8rz/Xkus15O2Gb8f03moORbjFYBkpzayrG6NeCB4=
Subject key identifier: 1A:77:DD:CC:DF:63:2A:3A:5B:0D:13:FC:46:EF:BA:4D:13:5C:D1:52
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 01837F91BE2DC9D4DF10B9780ADE8503F793
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/GnfdzN9jKjpbDRP8Ru-6TRNc0VI.roa
Signing time: Tue 27 Sep 2022 15:30:01 +0000
ROA not before: Tue 27 Sep 2022 15:30:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 328543
IP address blocks: 185.249.60.0/22 maxlen: 23
2a0c:640::/29 maxlen: 29
2a0d:2480::/29 maxlen: 29
2a0c:f480::/29 maxlen: 29
2a0c:9380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:91:be:2d:c9:d4:df:10:b9:78:0a:de:85:03:f7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Sep 27 15:30:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a77ddccdf632a3a5b0d13fc46efba4d135cd152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a7:c3:6c:6d:4a:59:2e:74:12:39:95:8c:c7:
a1:03:c6:d7:c0:ea:9d:04:6d:88:b6:da:03:10:00:
7c:7f:97:80:3c:d4:c8:dc:5b:ae:02:73:9b:cc:0a:
95:2d:bb:58:ea:fb:d0:d9:f0:08:6b:a7:4c:80:65:
e7:ae:d8:ae:f9:c6:db:ea:89:72:89:1e:4f:fe:55:
28:f8:3c:c9:32:d0:19:d6:7b:79:71:fc:94:d3:6c:
91:d8:d8:6c:93:cd:d0:c8:7e:02:20:3b:8f:70:cf:
c7:60:00:bd:70:9b:b0:82:68:5a:32:5b:cd:46:bd:
74:98:29:c4:e3:f1:f1:1e:9a:c6:12:5a:de:92:2c:
ec:fc:59:69:d4:1f:bd:f7:6a:91:8d:48:c1:38:95:
28:b5:91:8a:ea:cf:07:ae:95:cf:29:a2:e1:6b:ed:
9f:c8:2f:86:cf:69:8a:8a:b9:01:79:0f:3b:79:99:
b4:a5:11:5c:38:3a:a7:32:4d:8c:23:aa:06:58:cb:
8f:56:9b:58:c5:b9:f7:f2:ed:64:2d:7b:d9:2b:b4:
ce:68:40:f8:99:e0:17:a6:ba:bf:0b:53:87:6a:d4:
94:94:12:6e:e6:31:c3:38:53:da:10:0e:93:44:c7:
1f:82:bc:22:ee:2b:af:ec:7c:e8:59:ed:50:b0:6f:
1e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:77:DD:CC:DF:63:2A:3A:5B:0D:13:FC:46:EF:BA:4D:13:5C:D1:52
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/GnfdzN9jKjpbDRP8Ru-6TRNc0VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.60.0/22
IPv6:
2a0c:640::/29
2a0c:9380::/29
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
03:dd:da:6e:c5:a7:29:c7:a0:76:bc:84:48:96:c7:7e:ee:5f:
4f:a4:24:17:75:c1:a1:eb:f2:7f:79:82:8f:c5:42:ea:63:ef:
97:c5:4f:2f:89:36:75:e8:eb:e9:f2:0e:2b:7b:e9:03:74:08:
74:8d:5d:69:b8:0b:07:2f:36:75:e1:07:17:ef:1d:4c:ab:08:
e1:b6:9d:d4:f6:58:73:20:23:1d:cd:2c:22:5c:44:c6:2a:e5:
14:7a:26:7b:ad:da:32:09:39:a6:dd:26:bb:c4:31:2f:97:55:
1c:9e:7c:00:b7:3c:ce:00:a3:89:32:ed:2d:1c:d6:bf:30:7a:
6d:46:08:db:61:17:0f:f4:ef:36:61:bc:f3:bb:e0:cc:d5:b9:
c1:c2:5f:5d:1b:2d:9b:4d:6d:8a:9f:51:6a:9c:6f:8a:63:de:
8e:78:cc:98:07:7d:35:e8:fc:dc:6d:f1:42:de:44:cb:71:75:
47:50:45:fb:7d:5c:58:9e:b5:7b:cb:cb:cc:35:73:6b:2a:29:
d9:29:58:12:25:f4:eb:04:c8:37:db:38:89:93:e5:37:ef:03:
b8:f6:bf:df:93:31:b3:02:c2:43:ba:8a:f9:55:47:aa:79:d5:
19:99:c6:7f:16:ea:85:a2:1d:b5:55:08:3f:e3:ad:07:6a:89:
f8:b0:8e:1d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYN/kb4tydTfELl4Ct6FA/eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjIwOTI3MTUzMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTc3ZGRjY2RmNjMyYTNhNWIwZDEzZmM0NmVmYmE0ZDEzNWNkMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsafDbG1KWS50EjmVjMehA8bXwOqd
BG2IttoDEAB8f5eAPNTI3FuuAnObzAqVLbtY6vvQ2fAIa6dMgGXnrtiu+cbb6oly
iR5P/lUo+DzJMtAZ1nt5cfyU02yR2Nhsk83QyH4CIDuPcM/HYAC9cJuwgmhaMlvN
Rr10mCnE4/HxHprGElrekizs/Flp1B+992qRjUjBOJUotZGK6s8HrpXPKaLha+2f
yC+Gz2mKirkBeQ87eZm0pRFcODqnMk2MI6oGWMuPVptYxbn38u1kLXvZK7TOaED4
meAXprq/C1OHatSUlBJu5jHDOFPaEA6TRMcfgrwi7iuv7HzoWe1QsG8ezQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBp33czfYyo6Ww0T/Ebvuk0TXNFSMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvR25mZHpOOWpLanBiRFJQOFJ1LTZUUk5jMFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQCufk8MCIE
AgACMBwDBQMqDAZAAwUDKgyTgAMFAyoM9IADBQMqDSSAMA0GCSqGSIb3DQEBCwUA
A4IBAQAD3dpuxacpx6B2vIRIlsd+7l9PpCQXdcGh6/J/eYKPxULqY++XxU8viTZ1
6Ovp8g4re+kDdAh0jV1puAsHLzZ14QcX7x1Mqwjhtp3U9lhzICMdzSwiXETGKuUU
eiZ7rdoyCTmm3Sa7xDEvl1UcnnwAtzzOAKOJMu0tHNa/MHptRgjbYRcP9O82Ybzz
u+DM1bnBwl9dGy2bTW2Kn1FqnG+KY96OeMyYB3016PzcbfFC3kTLcXVHUEX7fVxY
nrV7y8vMNXNrKinZKVgSJfTrBMg32ziJk+U37wO49r/fkzGzAsJDuor5VUeqedUZ
mcZ/FuqFoh21VQg/460Haon4sI4d
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:46 2025 by rpki-client