Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfcffa-6029-42dd-9ef8-9d3a0f23cbe7/1/D6wuQ5YLWxTN1lfL6OsJoade-_Q.roa
File: D6wuQ5YLWxTN1lfL6OsJoade-_Q.roa (raw, json)
Hash identifier: gz8s9MoPdwx4WmA+4+bjkOJpATN2HqWXoUXqlF6gt+A=
Subject key identifier: 0F:AC:2E:43:96:0B:5B:14:CD:D6:57:CB:E8:EB:09:A1:A7:5E:FB:F4
Certificate issuer: /CN=28f8ede20b78f995993da98f434a966074d562c2
Certificate serial: 016810
Authority key identifier: 28:F8:ED:E2:0B:78:F9:95:99:3D:A9:8F:43:4A:96:60:74:D5:62:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPjt4gt4-ZWZPamPQ0qWYHTVYsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/cfcffa-6029-42dd-9ef8-9d3a0f23cbe7/1/D6wuQ5YLWxTN1lfL6OsJoade-_Q.roa
Signing time: Tue 01 Mar 2022 11:25:21 +0000
ROA not before: Tue 01 Mar 2022 11:25:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15518
IP address blocks: 212.86.160.0/20 maxlen: 20
213.153.64.0/22 maxlen: 22
212.86.180.0/22 maxlen: 22
212.86.188.0/22 maxlen: 22
213.153.74.0/24 maxlen: 24
213.153.73.0/24 maxlen: 24
213.153.72.0/24 maxlen: 24
213.153.75.0/24 maxlen: 24
213.153.72.0/22 maxlen: 22
2a00:1180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92176 (0x16810)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f8ede20b78f995993da98f434a966074d562c2
Validity
Not Before: Mar 1 11:25:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fac2e43960b5b14cdd657cbe8eb09a1a75efbf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:01:e2:d2:4a:f6:74:d9:43:02:15:76:90:55:
77:bd:c8:99:63:fc:44:67:f6:a5:1e:69:8a:ee:4a:
48:18:91:da:1c:f4:51:f5:73:de:fe:9a:ba:4d:84:
2a:2d:b7:12:12:70:cf:30:7c:85:38:e7:5c:be:15:
4b:e6:d2:6a:dd:1a:df:be:39:8b:ab:dc:8c:5e:5a:
d3:48:d2:b4:f0:59:37:83:c6:b4:1e:4f:93:a0:89:
67:f8:5a:d1:fa:8b:05:a8:55:db:fa:b6:a3:6a:1b:
2a:2d:22:ab:e8:71:db:e6:52:36:f4:e1:01:86:fb:
a8:f6:b2:e7:10:7d:a3:8c:d5:2d:01:0d:73:21:dd:
a0:eb:79:a4:95:05:e5:33:e2:76:9e:85:66:c8:27:
f5:8a:3b:79:bb:29:4c:cb:7d:25:ef:7b:9a:9a:9e:
b7:ac:aa:05:d5:d4:e6:d9:da:68:51:34:d7:b0:e7:
14:01:7b:cf:c1:9f:18:31:b7:43:68:8b:08:83:c8:
d9:42:0d:4d:0d:9a:68:8d:2e:bd:10:7d:07:04:3c:
70:d4:7d:a2:bd:4e:19:f4:50:85:55:a9:bf:82:3e:
97:96:5f:6f:86:3b:9b:46:62:4a:c5:2b:9f:c7:03:
d5:b2:00:e1:10:86:34:28:66:f6:90:6a:a9:f2:e9:
ab:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AC:2E:43:96:0B:5B:14:CD:D6:57:CB:E8:EB:09:A1:A7:5E:FB:F4
X509v3 Authority Key Identifier:
keyid:28:F8:ED:E2:0B:78:F9:95:99:3D:A9:8F:43:4A:96:60:74:D5:62:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPjt4gt4-ZWZPamPQ0qWYHTVYsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfcffa-6029-42dd-9ef8-9d3a0f23cbe7/1/D6wuQ5YLWxTN1lfL6OsJoade-_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfcffa-6029-42dd-9ef8-9d3a0f23cbe7/1/KPjt4gt4-ZWZPamPQ0qWYHTVYsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.86.160.0/20
212.86.180.0/22
212.86.188.0/22
213.153.64.0/22
213.153.72.0/22
IPv6:
2a00:1180::/32
Signature Algorithm: sha256WithRSAEncryption
29:f6:28:17:a2:39:e8:ec:0a:c0:8e:ee:73:56:7b:6f:d2:f1:
d2:76:92:e2:88:fc:5f:11:aa:29:b6:b5:05:37:65:6b:7c:6d:
7e:a2:ef:57:f4:a3:5a:1f:99:74:4c:da:90:0d:f9:1a:46:17:
12:09:77:1a:78:0d:3e:f5:2a:9d:3b:9d:ce:83:41:80:64:36:
eb:d8:03:df:21:48:80:b0:45:a9:6e:27:27:6c:4f:c8:ec:17:
70:ea:63:44:3a:2d:12:ef:a3:b9:2b:29:38:50:b9:d7:3e:74:
82:c3:cf:3c:6b:05:d9:67:90:85:a9:bd:55:82:bf:ad:b7:ef:
90:1f:ec:2e:19:06:76:a1:a8:3d:e7:fd:78:4c:4a:8d:d0:3d:
70:15:3a:27:16:1b:1f:f6:86:0c:10:23:2b:d5:38:b0:9e:0a:
06:d5:cb:25:94:b1:34:90:4d:9f:74:2f:e0:15:ca:80:20:a3:
d5:52:48:62:aa:db:17:ae:c8:43:bd:0e:03:5c:81:f4:6c:e9:
46:76:15:50:ea:8f:9d:b2:4b:72:e9:e5:65:e4:9a:ff:b2:26:
b0:18:e3:73:fb:26:41:3c:54:39:f8:21:7d:27:e4:3d:48:dc:
1d:ee:28:f8:9c:40:39:79:56:69:78:27:47:7a:53:e0:c6:4c:
85:6f:64:6d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIDAWgQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI4
ZjhlZGUyMGI3OGY5OTU5OTNkYTk4ZjQzNGE5NjYwNzRkNTYyYzIwHhcNMjIwMzAx
MTEyNTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZmFjMmU0Mzk2MGI1
YjE0Y2RkNjU3Y2JlOGViMDlhMWE3NWVmYmY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmwHi0kr2dNlDAhV2kFV3vciZY/xEZ/alHmmK7kpIGJHaHPRR
9XPe/pq6TYQqLbcSEnDPMHyFOOdcvhVL5tJq3RrfvjmLq9yMXlrTSNK08Fk3g8a0
Hk+ToIln+FrR+osFqFXb+rajahsqLSKr6HHb5lI29OEBhvuo9rLnEH2jjNUtAQ1z
Id2g63mklQXlM+J2noVmyCf1ijt5uylMy30l73uamp63rKoF1dTm2dpoUTTXsOcU
AXvPwZ8YMbdDaIsIg8jZQg1NDZpojS69EH0HBDxw1H2ivU4Z9FCFVam/gj6Xll9v
hjubRmJKxSufxwPVsgDhEIY0KGb2kGqp8umr2wIDAQABo4ICMDCCAiwwHQYDVR0O
BBYEFA+sLkOWC1sUzdZXy+jrCaGnXvv0MB8GA1UdIwQYMBaAFCj47eILePmVmT2p
j0NKlmB01WLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S1BqdDRndDQtWldaUGFtUFEwcVdZSFRWWXNJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Zi9jZmNmZmEtNjAyOS00MmRkLTllZjgtOWQzYTBmMjNjYmU3LzEv
RDZ3dVE1WUxXeFROMWxmTDZPc0pvYWRlLV9RLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9j
ZmNmZmEtNjAyOS00MmRkLTllZjgtOWQzYTBmMjNjYmU3LzEvS1BqdDRndDQtWlda
UGFtUFEwcVdZSFRWWXNJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYG
CCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQE1FagAwQC1Fa0AwQC1Fa8AwQC1ZlA
AwQC1ZlIMA0EAgACMAcDBQAqABGAMA0GCSqGSIb3DQEBCwUAA4IBAQAp9igXojno
7ArAju5zVntv0vHSdpLiiPxfEaoptrUFN2VrfG1+ou9X9KNaH5l0TNqQDfkaRhcS
CXcaeA0+9SqdO53Og0GAZDbr2APfIUiAsEWpbicnbE/I7Bdw6mNEOi0S76O5Kyk4
ULnXPnSCw888awXZZ5CFqb1Vgr+tt++QH+wuGQZ2oag95/14TEqN0D1wFTonFhsf
9oYMECMr1TiwngoG1csllLE0kE2fdC/gFcqAIKPVUkhiqtsXrshDvQ4DXIH0bOlG
dhVQ6o+dskty6eVl5Jr/siawGONz+yZBPFQ5+CF9J+Q9SNwd7ij4nEA5eVZpeCdH
elPgxkyFb2Rt
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:43 2025 by rpki-client