Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/P2dXFv3sJEXMR-2hSvtLAsSU2B0.roa
File: P2dXFv3sJEXMR-2hSvtLAsSU2B0.roa (raw, json)
Hash identifier: uMkfSKHNtPY/jiYYk7zJiF88Dc4GFG68mg6cTAjSH5E=
Subject key identifier: 3F:67:57:16:FD:EC:24:45:CC:47:ED:A1:4A:FB:4B:02:C4:94:D8:1D
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 0542317C
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/P2dXFv3sJEXMR-2hSvtLAsSU2B0.roa
Signing time: Sat 01 Jan 2022 06:04:03 +0000
ROA not before: Sat 01 Jan 2022 06:04:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16246
IP address blocks: 77.87.232.0/21 maxlen: 21
91.197.116.0/22 maxlen: 22
92.240.160.0/19 maxlen: 19
94.74.192.0/18 maxlen: 18
188.175.0.0/16 maxlen: 16
82.150.160.0/19 maxlen: 19
78.108.144.0/21 maxlen: 21
213.180.32.0/19 maxlen: 19
78.108.152.0/21 maxlen: 21
178.17.96.0/20 maxlen: 20
86.63.192.0/19 maxlen: 19
2a02:350::/29 maxlen: 29
2a00:d480::/32 maxlen: 32
2a00:1e60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88224124 (0x542317c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 06:04:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f675716fdec2445cc47eda14afb4b02c494d81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:34:78:d1:1b:1a:9b:4e:0a:82:94:17:16:
6c:fb:f0:5d:15:b7:50:8a:83:6e:43:98:57:b0:b5:
13:0c:86:5a:67:05:c9:c6:43:6e:81:ca:78:15:ec:
0d:d3:20:bf:d6:83:99:35:bc:2f:fb:75:70:70:85:
73:4a:9b:a0:61:b0:8a:0c:c0:6e:a4:45:4a:ff:d8:
96:e9:fb:16:ed:70:a5:4c:ac:3d:85:4e:26:97:83:
03:1c:1c:34:12:7f:c5:fa:02:61:af:41:e5:d5:6f:
ca:d9:a5:fe:a5:e2:f2:c9:2d:84:fe:4f:96:16:15:
6a:59:ea:0b:22:28:66:80:3c:52:a3:17:96:95:7d:
87:61:7b:24:33:e6:58:f7:00:10:9a:70:71:40:a3:
b9:34:02:d2:fa:16:10:a9:67:9f:b4:c8:76:83:d7:
2d:fc:ce:90:29:73:9d:5a:8e:ee:0b:6f:4d:7c:8f:
cf:d2:1c:16:e7:ca:a2:99:e0:3e:26:b6:64:91:11:
47:ba:03:5f:16:04:64:8d:cb:63:d8:f8:bb:69:f1:
de:95:44:a3:f9:34:40:24:ae:90:f3:ff:99:21:05:
2f:61:77:8d:bb:43:63:f6:12:08:ca:d1:4d:5e:67:
c0:49:d6:56:36:94:28:d6:41:b1:97:53:6a:df:a6:
45:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:67:57:16:FD:EC:24:45:CC:47:ED:A1:4A:FB:4B:02:C4:94:D8:1D
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/P2dXFv3sJEXMR-2hSvtLAsSU2B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.232.0/21
78.108.144.0/20
82.150.160.0/19
86.63.192.0/19
91.197.116.0/22
92.240.160.0/19
94.74.192.0/18
178.17.96.0/20
188.175.0.0/16
213.180.32.0/19
IPv6:
2a00:1e60::/32
2a00:d480::/32
2a02:350::/29
Signature Algorithm: sha256WithRSAEncryption
7f:98:30:1e:f6:b1:f2:20:58:dc:30:40:4a:60:3e:fd:e0:66:
b4:be:d9:ce:0d:30:d8:9a:82:b0:bb:e5:52:7d:1e:7b:e6:0c:
59:95:8f:93:cb:ca:9b:f4:89:b7:5b:ac:4e:30:52:b2:e6:f9:
00:47:7d:03:80:9c:c7:76:50:f4:7b:9f:75:f0:46:a5:67:e4:
97:35:bb:7b:f8:ff:a4:2f:75:1f:6a:d3:73:6d:8f:87:d6:87:
55:30:a8:58:98:5c:5e:05:f9:5e:e5:a5:0b:9e:b4:ed:ee:c7:
e0:d3:26:6f:8e:1a:a0:9b:ad:7f:b3:84:77:22:d3:94:07:4e:
3d:ae:25:93:28:78:44:bb:07:93:e6:d6:a2:fc:cc:f5:0a:29:
1d:e3:f6:f0:32:e9:c5:06:d5:8c:5e:45:50:61:d7:9c:8b:28:
e7:e5:ee:31:32:96:04:58:d0:78:15:95:1f:4f:42:43:c0:84:
7f:05:f0:da:7a:c2:a6:40:72:4f:4a:e5:b6:15:06:ab:0d:26:
3a:6b:7c:33:de:7c:c7:ac:48:a8:0c:0c:82:a8:ce:17:28:bf:
c0:bb:b1:6f:6f:65:a9:9a:80:5f:08:e2:02:02:3b:bc:6a:05:
6b:e6:d0:70:09:92:c6:68:e0:e3:04:49:8e:e8:80:74:82:c5:
41:08:0f:ef
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEBUIxfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGZmMGZlY2Q3YmY0NDE0ODkzMTc4OGRmZTdmMjBkNjdhNjdhMGRiMB4XDTIyMDEw
MTA2MDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y2NzU3MTZmZGVj
MjQ0NWNjNDdlZGExNGFmYjRiMDJjNDk0ZDgxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiSNHjRGxqbTgqClBcWbPvwXRW3UIqDbkOYV7C1EwyGWmcF
ycZDboHKeBXsDdMgv9aDmTW8L/t1cHCFc0qboGGwigzAbqRFSv/Ylun7Fu1wpUys
PYVOJpeDAxwcNBJ/xfoCYa9B5dVvytml/qXi8skthP5PlhYValnqCyIoZoA8UqMX
lpV9h2F7JDPmWPcAEJpwcUCjuTQC0voWEKlnn7TIdoPXLfzOkClznVqO7gtvTXyP
z9IcFufKopngPia2ZJERR7oDXxYEZI3LY9j4u2nx3pVEo/k0QCSukPP/mSEFL2F3
jbtDY/YSCMrRTV5nwEnWVjaUKNZBsZdTat+mRc0CAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBQ/Z1cW/ewkRcxH7aFK+0sCxJTYHTAfBgNVHSMEGDAWgBTU/w/s179EFIkx
eI3+fyDWemeg2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFQOFA3TmVfUkJTSk1YaU5fbjhnMW5wbm9Ocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8x
L1AyZFhGdjNzSkVYTVItMmhTdnRMQXNTVTJCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8xLzFQOFA3TmVfUkJT
Sk1YaU5fbjhnMW5wbm9Ocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwQQQCAAEwOwMEA01X6AMEBE5skAMEBVKWoAMEBVY/
wAMEAlvFdAMEBVzwoAMEBl5KwAMEBLIRYAMDALyvAwQF1bQgMBsEAgACMBUDBQAq
AB5gAwUAKgDUgAMFAyoCA1AwDQYJKoZIhvcNAQELBQADggEBAH+YMB72sfIgWNww
QEpgPv3gZrS+2c4NMNiagrC75VJ9HnvmDFmVj5PLypv0ibdbrE4wUrLm+QBHfQOA
nMd2UPR7n3XwRqVn5Jc1u3v4/6QvdR9q03Ntj4fWh1UwqFiYXF4F+V7lpQuetO3u
x+DTJm+OGqCbrX+zhHci05QHTj2uJZMoeES7B5Pm1qL8zPUKKR3j9vAy6cUG1Yxe
RVBh15yLKOfl7jEylgRY0HgVlR9PQkPAhH8F8Np6wqZAck9K5bYVBqsNJjprfDPe
fMesSKgMDIKozhcov8C7sW9vZamagF8I4gICO7xqBWvm0HAJksZo4OMESY7ogHSC
xUEID+8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:18 2025 by rpki-client