Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/Zv4MPmG0ohhVYCTOvxDE3vFORIk.roa
File: Zv4MPmG0ohhVYCTOvxDE3vFORIk.roa (raw, json)
Hash identifier: FOzLiVcABTlahJ+Voptw3SfDkxkuftwQwaouy8ELtlU=
Subject key identifier: 66:FE:0C:3E:61:B4:A2:18:55:60:24:CE:BF:10:C4:DE:F1:4E:44:89
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 0184CDAB0C207CDA255D209B16A792045349
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/Zv4MPmG0ohhVYCTOvxDE3vFORIk.roa
Signing time: Thu 01 Dec 2022 12:30:49 +0000
ROA not before: Thu 01 Dec 2022 12:30:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31246
IP address blocks: 95.82.128.0/18 maxlen: 18
83.240.0.0/17 maxlen: 17
46.39.160.0/19 maxlen: 19
213.155.224.0/19 maxlen: 19
185.51.240.0/22 maxlen: 22
2a01:4240::/32 maxlen: 32
2a0a:cac0::/29 maxlen: 29
2001:4cc8::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:ab:0c:20:7c:da:25:5d:20:9b:16:a7:92:04:53:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Dec 1 12:30:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66fe0c3e61b4a218556024cebf10c4def14e4489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:eb:56:56:61:33:f8:cf:a9:62:d5:71:04:59:
ff:1f:27:d2:73:65:fb:32:2d:5c:4e:20:bb:ff:2d:
06:d6:2b:ca:4e:d0:39:4b:4f:fc:b4:88:6b:3c:a9:
a1:d9:c9:3d:44:2f:b0:f1:cc:f0:67:74:ee:38:2b:
e7:21:9c:3b:f7:f6:1b:3f:48:97:f3:78:24:6b:18:
aa:bc:57:63:1d:8e:2a:d7:31:28:aa:fe:3f:3d:0c:
9d:b1:6a:9e:48:57:4e:c0:99:a9:cd:3b:84:11:32:
c0:b1:03:0d:ad:d5:e6:ef:db:ce:f2:e4:ad:66:13:
11:82:54:f7:42:53:b5:53:cf:39:a8:18:9f:3e:54:
f8:7b:3d:c9:d7:77:38:3b:07:c6:26:cb:2b:58:99:
39:d4:f8:05:b2:90:e3:e2:ea:df:32:01:bd:95:e9:
92:eb:ce:13:8e:ba:32:0f:e5:2f:be:13:7c:1d:27:
0b:85:7d:29:70:44:bf:20:76:c2:4d:8a:e4:e6:a6:
d3:86:d9:b5:9b:b6:24:37:eb:b0:73:ce:02:f7:a0:
8d:e3:be:d9:9a:3e:e4:ab:f0:0e:78:44:ac:36:9f:
35:c3:c6:d4:38:51:c2:28:a9:84:53:db:b2:e5:7a:
7d:93:8b:c6:bd:68:04:4d:93:72:23:c2:4b:59:19:
07:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:FE:0C:3E:61:B4:A2:18:55:60:24:CE:BF:10:C4:DE:F1:4E:44:89
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/Zv4MPmG0ohhVYCTOvxDE3vFORIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.39.160.0/19
83.240.0.0/17
95.82.128.0/18
185.51.240.0/22
213.155.224.0/19
IPv6:
2001:4cc8::/31
2a01:4240::/32
2a0a:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:b7:02:69:72:a0:73:12:1b:c3:c0:91:77:1f:82:d3:af:b3:
9f:d0:06:97:f8:e0:44:42:48:27:11:cb:9d:c0:54:45:bd:84:
9b:dd:6c:3c:a2:f3:d0:32:63:21:d4:01:b4:fd:05:6a:61:c4:
eb:a7:47:dc:a6:23:99:3f:68:52:1a:1e:23:f6:ff:32:31:73:
85:1b:b4:c9:02:4c:67:04:74:0e:75:78:8a:f2:2f:0e:8a:ab:
79:4f:50:5d:df:55:b3:d5:01:89:b5:84:9f:c6:50:ed:ce:d5:
60:b8:df:d9:c7:b3:c7:78:eb:75:2e:76:b3:da:74:d1:ce:44:
fe:5e:30:c9:a4:59:f8:5a:8e:35:09:9e:dc:c7:f7:4b:bc:4d:
10:10:63:3d:67:48:8b:5a:ef:0a:c0:9d:97:ec:ca:c8:a7:d9:
02:7b:26:02:3b:33:2e:66:68:e1:0f:f6:23:8c:fc:3e:57:08:
a0:49:b9:09:44:f1:bd:a1:df:74:d9:30:4f:86:36:73:24:27:
18:06:d2:2f:1e:95:ac:df:31:34:e1:dd:65:29:03:58:49:7a:
d2:d2:1e:a0:fc:ff:36:92:39:da:92:1e:1d:86:6c:e4:10:33:
3d:30:75:51:d5:0f:4a:1b:6d:33:b4:e9:3f:bc:87:99:a9:0e:
0f:3e:21:01
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYTNqwwgfNolXSCbFqeSBFNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjIxMjAxMTIzMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmZlMGMzZTYxYjRhMjE4NTU2MDI0Y2ViZjEwYzRkZWYxNGU0NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+tWVmEz+M+pYtVxBFn/HyfSc2X7
Mi1cTiC7/y0G1ivKTtA5S0/8tIhrPKmh2ck9RC+w8czwZ3TuOCvnIZw79/YbP0iX
83gkaxiqvFdjHY4q1zEoqv4/PQydsWqeSFdOwJmpzTuEETLAsQMNrdXm79vO8uSt
ZhMRglT3QlO1U885qBifPlT4ez3J13c4OwfGJssrWJk51PgFspDj4urfMgG9lemS
684TjroyD+UvvhN8HScLhX0pcES/IHbCTYrk5qbThtm1m7YkN+uwc84C96CN477Z
mj7kq/AOeESsNp81w8bUOFHCKKmEU9uy5Xp9k4vGvWgETZNyI8JLWRkHEQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGb+DD5htKIYVWAkzr8QxN7xTkSJMB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvWnY0TVBtRzBvaGhWWUNUT3Z4REUzdkZPUklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQFLiegAwQH
U/AAAwQGX1KAAwQCuTPwAwQF1ZvgMBsEAgACMBUDBQEgAUzIAwUAKgFCQAMFAyoK
ysAwDQYJKoZIhvcNAQELBQADggEBABu3AmlyoHMSG8PAkXcfgtOvs5/QBpf44ERC
SCcRy53AVEW9hJvdbDyi89AyYyHUAbT9BWphxOunR9ymI5k/aFIaHiP2/zIxc4Ub
tMkCTGcEdA51eIryLw6Kq3lPUF3fVbPVAYm1hJ/GUO3O1WC439nHs8d463UudrPa
dNHORP5eMMmkWfhajjUJntzH90u8TRAQYz1nSIta7wrAnZfsysin2QJ7JgI7My5m
aOEP9iOM/D5XCKBJuQlE8b2h33TZME+GNnMkJxgG0i8elazfMTTh3WUpA1hJetLS
HqD8/zaSOdqSHh2GbOQQMz0wdVHVD0obbTO06T+8h5mpDg8+IQE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:50 2025 by rpki-client