Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/cxLUtvRc1PE7p_j4spKLO77ND2g.roa
File: cxLUtvRc1PE7p_j4spKLO77ND2g.roa (raw, json)
Hash identifier: 62Na0cXlNHEPB5HNROm00kPAIvHRuW520fWysT/wQWE=
Subject key identifier: 73:12:D4:B6:F4:5C:D4:F1:3B:A7:F8:F8:B2:92:8B:3B:BE:CD:0F:68
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 019427486F522D6BD8A0208DFA1739FBCCC6
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/cxLUtvRc1PE7p_j4spKLO77ND2g.roa
Signing time: Thu 02 Jan 2025 13:50:46 +0000
ROA not before: Thu 02 Jan 2025 13:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138968
IP address blocks: 93.90.72.0/23 maxlen: 24
93.187.128.0/22 maxlen: 24
212.115.52.0/22 maxlen: 24
212.115.52.0/24 maxlen: 24
212.115.53.0/24 maxlen: 24
212.115.54.0/24 maxlen: 24
212.115.55.0/24 maxlen: 24
2a0c:640::/29 maxlen: 29
2a0c:9380::/29 maxlen: 29
2a0c:f480::/29 maxlen: 29
2a0d:2480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:6f:52:2d:6b:d8:a0:20:8d:fa:17:39:fb:cc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Jan 2 13:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7312d4b6f45cd4f13ba7f8f8b2928b3bbecd0f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:5a:ed:88:3d:bf:86:a9:6d:c3:6b:aa:e1:
5d:00:6d:6a:d0:c3:dc:c9:42:c7:1a:c5:1f:e6:42:
24:21:c7:76:63:22:e5:9c:dc:06:bb:09:1f:09:da:
12:9f:3a:f3:6b:77:a8:d7:68:e8:b3:35:76:eb:cb:
47:87:fd:de:92:e7:be:36:ee:43:b3:48:bc:62:59:
51:4a:18:eb:fd:51:1b:a0:a8:83:5b:ef:a6:6e:e6:
78:8a:b8:ab:b7:bb:d9:8b:26:92:97:22:f3:97:6e:
82:a3:5b:fb:9a:83:df:d1:1f:2d:ad:45:2d:b3:fa:
40:15:2a:3e:5d:7d:74:4b:bd:20:d5:a2:c4:35:09:
5d:55:65:a6:f3:a2:8c:90:9f:74:fc:67:99:06:f2:
75:97:e3:f9:e6:42:4f:02:74:9e:5c:c1:f9:fd:28:
f6:7b:56:9c:60:30:87:19:a3:ad:9c:e9:4b:dc:19:
38:fd:c2:4d:1e:ff:c5:a4:de:7a:37:c9:29:57:d9:
73:eb:fa:09:24:48:4e:24:05:7b:42:33:e4:c3:13:
39:10:e2:c7:21:0f:15:e7:b9:7b:12:14:2e:5f:02:
70:11:4a:31:e2:40:87:b6:a7:c4:85:8b:66:da:cb:
6a:a3:9c:f7:5f:cf:7e:b0:aa:9b:ad:3f:e2:2b:26:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:12:D4:B6:F4:5C:D4:F1:3B:A7:F8:F8:B2:92:8B:3B:BE:CD:0F:68
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/cxLUtvRc1PE7p_j4spKLO77ND2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.72.0/23
93.187.128.0/22
212.115.52.0/22
IPv6:
2a0c:640::/29
2a0c:9380::/29
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
9f:b9:1a:57:4d:10:1f:4b:f3:ac:17:88:64:48:bc:5f:b8:10:
25:b3:4a:f7:b7:5f:45:57:50:4d:70:07:40:11:9d:b9:d9:0c:
67:9d:31:6a:da:8c:bb:4b:30:ee:d5:51:cf:5b:1e:cd:17:58:
ac:55:ca:a7:5e:8d:ce:f0:22:d8:a6:85:b7:cb:25:0a:14:a0:
39:27:c0:0b:14:ad:63:fb:a5:7a:e0:a3:56:63:12:25:0c:fc:
59:43:94:48:84:2c:49:4e:07:06:23:d4:07:34:78:6d:5a:23:
69:a1:1d:4a:ae:81:9f:cb:84:31:e2:1b:54:cf:0b:88:d7:d6:
87:91:8c:96:a0:3c:99:01:59:4c:3c:de:12:2d:70:52:67:ce:
88:de:13:70:bd:35:f9:04:3d:b3:77:40:8a:8b:a6:53:7b:e2:
39:c7:93:d4:0b:f8:96:13:89:c3:68:8d:2d:99:00:a8:8b:b4:
a3:f9:66:86:72:5c:6a:a2:0c:88:f9:92:0e:7a:39:04:94:5c:
a6:8b:78:b5:e2:e1:3d:68:34:49:c2:59:b8:ce:79:41:eb:61:
8f:77:74:59:f7:49:a9:df:9f:e2:50:f2:2e:32:2a:46:93:c0:
c4:67:33:3c:f1:46:fb:b5:aa:00:17:13:6c:28:21:6a:48:01:
e0:9c:fa:fa
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQnSG9SLWvYoCCN+hc5+8zGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjUwMTAyMTM1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzEyZDRiNmY0NWNkNGYxM2JhN2Y4ZjhiMjkyOGIzYmJlY2QwZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcta7Yg9v4apbcNrquFdAG1q0MPc
yULHGsUf5kIkIcd2YyLlnNwGuwkfCdoSnzrza3eo12joszV268tHh/3ekue+Nu5D
s0i8YllRShjr/VEboKiDW++mbuZ4irirt7vZiyaSlyLzl26Co1v7moPf0R8trUUt
s/pAFSo+XX10S70g1aLENQldVWWm86KMkJ90/GeZBvJ1l+P55kJPAnSeXMH5/Sj2
e1acYDCHGaOtnOlL3Bk4/cJNHv/FpN56N8kpV9lz6/oJJEhOJAV7QjPkwxM5EOLH
IQ8V57l7EhQuXwJwEUox4kCHtqfEhYtm2stqo5z3X89+sKqbrT/iKyY6hwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHMS1Lb0XNTxO6f4+LKSizu+zQ9oMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvY3hMVXR2UmMxUEU3cF9qNHNwS0xPNzdORDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQBXVpIAwQC
XbuAAwQC1HM0MCIEAgACMBwDBQMqDAZAAwUDKgyTgAMFAyoM9IADBQMqDSSAMA0G
CSqGSIb3DQEBCwUAA4IBAQCfuRpXTRAfS/OsF4hkSLxfuBAls0r3t19FV1BNcAdA
EZ252QxnnTFq2oy7SzDu1VHPWx7NF1isVcqnXo3O8CLYpoW3yyUKFKA5J8ALFK1j
+6V64KNWYxIlDPxZQ5RIhCxJTgcGI9QHNHhtWiNpoR1KroGfy4Qx4htUzwuI19aH
kYyWoDyZAVlMPN4SLXBSZ86I3hNwvTX5BD2zd0CKi6ZTe+I5x5PUC/iWE4nDaI0t
mQCoi7Sj+WaGclxqogyI+ZIOejkElFymi3i14uE9aDRJwlm4znlB62GPd3RZ90mp
35/iUPIuMipGk8DEZzM88Ub7taoAFxNsKCFqSAHgnPr6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:14 2025 by rpki-client