Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/3d7874-2588-407f-acb9-13d9efbf5ccf/1/wgIYLq3_Uu-FyO_cM1klSOKr2UI.roa
File: wgIYLq3_Uu-FyO_cM1klSOKr2UI.roa (raw, json)
Hash identifier: Der+kKc5o9YdsGaPlD1+hQwgmbaRKxcYr0FU5n6bQSw=
Subject key identifier: C2:02:18:2E:AD:FF:52:EF:85:C8:EF:DC:33:59:25:48:E2:AB:D9:42
Certificate issuer: /CN=cfa349e3b6ac2fa262413c20cbc41d6a53743193
Certificate serial: 01833201E346E1EE91E802FC7ECC00E4B2EE
Authority key identifier: CF:A3:49:E3:B6:AC:2F:A2:62:41:3C:20:CB:C4:1D:6A:53:74:31:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z6NJ47asL6JiQTwgy8QdalN0MZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/3d7874-2588-407f-acb9-13d9efbf5ccf/1/wgIYLq3_Uu-FyO_cM1klSOKr2UI.roa
Signing time: Mon 12 Sep 2022 14:02:07 +0000
ROA not before: Mon 12 Sep 2022 14:02:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207990
IP address blocks: 194.53.68.0/23 maxlen: 32
194.110.48.0/22 maxlen: 32
194.33.156.0/22 maxlen: 32
194.34.128.0/22 maxlen: 32
193.228.72.0/22 maxlen: 32
193.142.132.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:01:e3:46:e1:ee:91:e8:02:fc:7e:cc:00:e4:b2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfa349e3b6ac2fa262413c20cbc41d6a53743193
Validity
Not Before: Sep 12 14:02:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c202182eadff52ef85c8efdc33592548e2abd942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:07:4f:8e:45:55:d5:e5:dd:2d:03:0b:01:4a:
3a:24:09:c8:57:fb:a2:e8:64:6c:91:04:1c:e0:84:
1d:ec:03:f5:72:39:36:6a:6f:50:c6:da:6e:f9:67:
f3:62:a3:f9:5a:16:f0:ad:61:13:46:cd:b4:61:97:
cd:e1:e2:07:70:ab:04:9d:cc:a0:7c:77:df:40:9b:
4d:b2:0f:95:61:e9:12:1d:d9:0a:c0:04:34:f3:04:
b0:4c:57:ed:07:e8:a5:b3:db:45:37:f8:46:be:eb:
90:1d:a0:5c:e9:e4:0f:7a:8c:88:de:a2:ae:4c:f1:
a8:5c:aa:07:5d:96:84:3a:fb:da:56:49:80:0c:f2:
ad:ec:e9:93:36:de:1a:72:b8:90:54:a1:f5:43:71:
4b:4c:25:62:52:ff:0e:7b:1d:27:e9:dd:9d:ee:e8:
c0:2b:24:9b:7c:c2:72:6d:00:c5:2b:89:82:da:3e:
be:47:cb:d5:6e:77:2a:c2:86:8e:47:6d:e8:08:32:
b0:f7:eb:15:4a:56:bb:e8:46:83:90:50:9c:f8:c3:
49:3a:24:44:10:1b:4b:28:90:f0:d7:7c:28:fb:ac:
d7:a7:5e:f8:7c:92:7d:3d:4a:d6:02:03:49:c2:d2:
a6:29:79:52:2f:0c:87:62:76:48:50:73:52:f0:71:
25:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:02:18:2E:AD:FF:52:EF:85:C8:EF:DC:33:59:25:48:E2:AB:D9:42
X509v3 Authority Key Identifier:
keyid:CF:A3:49:E3:B6:AC:2F:A2:62:41:3C:20:CB:C4:1D:6A:53:74:31:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6NJ47asL6JiQTwgy8QdalN0MZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3d7874-2588-407f-acb9-13d9efbf5ccf/1/wgIYLq3_Uu-FyO_cM1klSOKr2UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3d7874-2588-407f-acb9-13d9efbf5ccf/1/z6NJ47asL6JiQTwgy8QdalN0MZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.132.0/22
193.228.72.0/22
194.33.156.0/22
194.34.128.0/22
194.53.68.0/23
194.110.48.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:df:93:22:c6:b2:91:7f:72:0c:67:39:71:b0:af:2c:f5:18:
d5:7c:dd:13:6b:40:c2:e2:c4:0c:0e:d8:d2:57:68:ef:db:42:
61:db:08:6c:40:7e:a0:93:b5:fd:f8:11:e0:b1:07:7f:43:79:
5f:aa:fe:91:a2:d8:a3:eb:ab:ce:bf:d4:96:04:90:79:15:08:
26:5a:cc:42:2f:d8:d9:72:f6:11:57:80:96:1a:bc:55:8c:6b:
e3:29:4d:57:a8:a1:ee:29:92:fd:7a:84:95:09:8f:93:e1:5e:
23:0f:a2:4e:0d:a0:0b:5f:e8:fc:75:80:5c:91:10:f0:e8:1b:
d1:6e:1b:38:0c:e8:7f:21:c4:5f:6d:2f:ec:ad:a4:5b:bc:b6:
92:b1:2e:fb:f8:57:a3:7a:e8:96:80:15:fc:8d:2b:b4:0c:85:
86:e6:65:4a:ee:3a:d3:01:d1:b9:ba:57:8c:dc:fc:fc:72:5f:
95:54:71:d6:cb:69:3f:02:04:86:88:c3:28:4b:0a:22:2a:d7:
ec:44:9a:ba:fc:7c:de:65:f4:53:88:97:a6:b3:86:7d:5f:5b:
38:bc:8a:d1:3e:62:01:22:da:6a:b5:b2:fe:02:92:94:35:2b:
57:5e:73:65:8a:d7:0d:49:68:e9:48:28:e2:0b:4f:9a:1c:c3:
8a:90:a2:68
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYMyAeNG4e6R6AL8fswA5LLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTM0OWUzYjZhYzJmYTI2MjQxM2MyMGNiYzQxZDZhNTM3
NDMxOTMwHhcNMjIwOTEyMTQwMjA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjAyMTgyZWFkZmY1MmVmODVjOGVmZGMzMzU5MjU0OGUyYWJkOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwdPjkVV1eXdLQMLAUo6JAnIV/ui
6GRskQQc4IQd7AP1cjk2am9Qxtpu+WfzYqP5WhbwrWETRs20YZfN4eIHcKsEncyg
fHffQJtNsg+VYekSHdkKwAQ08wSwTFftB+ils9tFN/hGvuuQHaBc6eQPeoyI3qKu
TPGoXKoHXZaEOvvaVkmADPKt7OmTNt4acriQVKH1Q3FLTCViUv8Oex0n6d2d7ujA
KySbfMJybQDFK4mC2j6+R8vVbncqwoaOR23oCDKw9+sVSla76EaDkFCc+MNJOiRE
EBtLKJDw13wo+6zXp174fJJ9PUrWAgNJwtKmKXlSLwyHYnZIUHNS8HElIQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMICGC6t/1Lvhcjv3DNZJUjiq9lCMB8GA1UdIwQY
MBaAFM+jSeO2rC+iYkE8IMvEHWpTdDGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZOSjQ3YXNMNkppUVR3Z3k4UWRhbE4wTVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zZDc4NzQtMjU4OC00MDdmLWFjYjkt
MTNkOWVmYmY1Y2NmLzEvd2dJWUxxM19VdS1GeU9fY00xa2xTT0tyMlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zZDc4NzQtMjU4OC00MDdmLWFjYjktMTNkOWVmYmY1Y2Nm
LzEvejZOSjQ3YXNMNkppUVR3Z3k4UWRhbE4wTVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCwY6EAwQC
weRIAwQCwiGcAwQCwiKAAwQBwjVEAwQCwm4wMA0GCSqGSIb3DQEBCwUAA4IBAQAq
35MixrKRf3IMZzlxsK8s9RjVfN0Ta0DC4sQMDtjSV2jv20Jh2whsQH6gk7X9+BHg
sQd/Q3lfqv6Rotij66vOv9SWBJB5FQgmWsxCL9jZcvYRV4CWGrxVjGvjKU1XqKHu
KZL9eoSVCY+T4V4jD6JODaALX+j8dYBckRDw6BvRbhs4DOh/IcRfbS/sraRbvLaS
sS77+FejeuiWgBX8jSu0DIWG5mVK7jrTAdG5uleM3Pz8cl+VVHHWy2k/AgSGiMMo
SwoiKtfsRJq6/HzeZfRTiJems4Z9X1s4vIrRPmIBItpqtbL+ApKUNStXXnNlitcN
SWjpSCjiC0+aHMOKkKJo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:24 2025 by rpki-client