Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/SdQ4HQtDuhs62mgSu4s5F3kBfeY.roa
File: SdQ4HQtDuhs62mgSu4s5F3kBfeY.roa (raw, json)
Hash identifier: 3GlhgITM6BsMC7hJZxpFTNrb8BNiSG5ND2dtwYf1W+I=
Subject key identifier: 49:D4:38:1D:0B:43:BA:1B:3A:DA:68:12:BB:8B:39:17:79:01:7D:E6
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 06BF26B2
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/SdQ4HQtDuhs62mgSu4s5F3kBfeY.roa
Signing time: Sat 01 Jan 2022 11:03:14 +0000
ROA not before: Sat 01 Jan 2022 11:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138968
IP address blocks: 212.115.54.0/24 maxlen: 24
212.115.53.0/24 maxlen: 24
212.115.55.0/24 maxlen: 24
212.115.52.0/22 maxlen: 24
212.115.52.0/24 maxlen: 24
93.187.128.0/22 maxlen: 24
93.90.72.0/23 maxlen: 24
2a0c:640::/29 maxlen: 29
2a0d:2480::/29 maxlen: 29
2a0c:9380::/29 maxlen: 29
2a0c:f480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113190578 (0x6bf26b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Jan 1 11:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49d4381d0b43ba1b3ada6812bb8b391779017de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:a3:88:1e:ff:94:c5:11:28:2b:de:96:5f:
0c:53:e8:1b:c0:ad:f7:1b:85:6b:6c:2d:09:46:ae:
80:55:b3:a0:34:9d:85:70:b7:87:b6:98:15:76:a0:
91:c8:57:77:8f:1e:23:27:26:c7:e5:31:07:3a:40:
09:68:1e:23:c6:d6:34:39:08:d5:de:3e:10:0d:50:
0c:b3:99:5a:75:12:b9:db:2e:60:f3:c0:f2:60:cd:
a6:6c:02:f7:76:25:77:75:ef:cb:39:66:17:90:8b:
59:eb:24:1e:aa:a1:89:78:d2:01:4c:96:e5:09:46:
41:ec:d9:c4:d6:d8:72:73:5d:19:ea:82:99:d1:a9:
f2:24:bb:75:29:90:d3:53:85:75:cf:93:ab:d7:32:
33:dd:8e:51:cf:8c:6f:36:c1:47:5a:f9:00:42:1a:
04:8e:60:89:c6:7f:82:80:89:58:d4:bb:e5:db:c7:
d5:0c:9b:ca:db:bb:de:88:40:ea:f3:4d:ed:cf:6d:
0b:52:59:d4:9a:4d:5e:15:14:40:bd:64:a4:15:29:
dd:ef:e2:2f:8a:6a:e0:6d:0b:0d:44:8e:92:3b:f7:
8e:de:a3:3f:cf:aa:60:1a:67:9f:45:aa:df:e3:c7:
20:cd:d5:f1:c1:c1:7b:75:c7:93:06:c2:28:75:ab:
63:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D4:38:1D:0B:43:BA:1B:3A:DA:68:12:BB:8B:39:17:79:01:7D:E6
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/SdQ4HQtDuhs62mgSu4s5F3kBfeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.72.0/23
93.187.128.0/22
212.115.52.0/22
IPv6:
2a0c:640::/29
2a0c:9380::/29
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
c3:a2:82:8d:10:f9:28:77:bb:85:a4:87:7a:a5:3b:37:a5:55:
31:c4:02:17:b9:ac:d1:0e:a3:a2:70:5a:b3:87:4f:be:b4:7c:
d9:e8:16:65:21:ac:0e:25:58:d1:1d:27:b9:a7:99:d4:eb:de:
b1:a4:44:1e:46:61:1d:a7:6f:3c:2d:71:2f:2b:0b:0a:b7:28:
b1:54:40:33:c5:2c:10:85:09:1c:9c:72:b6:62:1c:c1:5c:a0:
cd:3e:7a:44:81:0e:87:8e:2f:39:54:eb:fe:07:fb:9e:42:15:
12:e8:91:cb:cb:60:43:b3:2a:65:74:91:d8:65:1d:32:f8:49:
e1:38:02:b0:da:d9:81:df:38:79:e6:8d:4e:33:95:1b:91:28:
b2:68:db:db:53:18:16:38:db:e9:3a:72:76:9e:d9:42:ad:1e:
26:aa:2d:b1:e4:92:a5:81:05:0e:ea:bc:64:a5:56:80:7f:ac:
29:96:be:62:bb:bd:c2:e6:1b:1e:72:97:4c:eb:b6:2b:5d:3a:
1d:cb:86:75:b9:a3:1c:3d:c6:c6:ec:ad:a6:5e:f9:9b:0e:08:
3b:36:fa:7a:05:b2:98:11:c9:da:4d:28:d2:7f:89:09:37:79:
92:f8:6c:a0:40:f3:ba:57:d3:8b:fd:94:eb:fd:f9:de:ce:b3:
d1:42:ee:00
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBr8msjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDg5NDIzYWYxYmUwMzAyNzE5NmQxZjgxZGYyMjk5Mjk3OGNkYTZlMB4XDTIyMDEw
MTExMDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDlkNDM4MWQwYjQz
YmExYjNhZGE2ODEyYmI4YjM5MTc3OTAxN2RlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtwo4ge/5TFESgr3pZfDFPoG8Ct9xuFa2wtCUaugFWzoDSd
hXC3h7aYFXagkchXd48eIycmx+UxBzpACWgeI8bWNDkI1d4+EA1QDLOZWnUSudsu
YPPA8mDNpmwC93Yld3XvyzlmF5CLWeskHqqhiXjSAUyW5QlGQezZxNbYcnNdGeqC
mdGp8iS7dSmQ01OFdc+Tq9cyM92OUc+MbzbBR1r5AEIaBI5gicZ/goCJWNS75dvH
1Qybytu73ohA6vNN7c9tC1JZ1JpNXhUUQL1kpBUp3e/iL4pq4G0LDUSOkjv3jt6j
P8+qYBpnn0Wq3+PHIM3V8cHBe3XHkwbCKHWrY00CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRJ1DgdC0O6GzraaBK7izkXeQF95jAfBgNVHSMEGDAWgBTAiUI68b4DAnGW
0fgd8imSl4zabjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dJbENPdkctQXdKeGx0SDRIZklwa3BlTTJtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZGMyOTEyLWM3YjAtNGRmNC05YWE4LTY1MzMyYjQ3ZjVlYi8x
L1NkUTRIUXREdWhzNjJtZ1N1NHM1RjNrQmZlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZGMyOTEyLWM3YjAtNGRmNC05YWE4LTY1MzMyYjQ3ZjVlYi8xL3dJbENPdkctQXdK
eGx0SDRIZklwa3BlTTJtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wGAQCAAEwEgMEAV1aSAMEAl27gAMEAtRzNDAiBAIA
AjAcAwUDKgwGQAMFAyoMk4ADBQMqDPSAAwUDKg0kgDANBgkqhkiG9w0BAQsFAAOC
AQEAw6KCjRD5KHe7haSHeqU7N6VVMcQCF7ms0Q6jonBas4dPvrR82egWZSGsDiVY
0R0nuaeZ1OvesaREHkZhHadvPC1xLysLCrcosVRAM8UsEIUJHJxytmIcwVygzT56
RIEOh44vOVTr/gf7nkIVEuiRy8tgQ7MqZXSR2GUdMvhJ4TgCsNrZgd84eeaNTjOV
G5Eosmjb21MYFjjb6Tpydp7ZQq0eJqotseSSpYEFDuq8ZKVWgH+sKZa+Yru9wuYb
HnKXTOu2K106HcuGdbmjHD3Gxuytpl75mw4IOzb6egWymBHJ2k0o0n+JCTd5kvhs
oEDzulfTi/2U6/353s6z0ULuAA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:21 2025 by rpki-client