Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/sPiK9zIWC2yVXvTuJs2Zb2RG2vo.roa
File: sPiK9zIWC2yVXvTuJs2Zb2RG2vo.roa (raw, json)
Hash identifier: nKw/V6Fp5cM+yw/npWG93E7uiY0RR+mj2XiVP5QpZDI=
Subject key identifier: B0:F8:8A:F7:32:16:0B:6C:95:5E:F4:EE:26:CD:99:6F:64:46:DA:FA
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 0185720351055DCC60EA47C283C44F094ED0
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/sPiK9zIWC2yVXvTuJs2Zb2RG2vo.roa
Signing time: Mon 02 Jan 2023 10:24:57 +0000
ROA not before: Mon 02 Jan 2023 10:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16246
IP address blocks: 77.87.232.0/21 maxlen: 21
95.143.128.0/20 maxlen: 20
91.197.116.0/22 maxlen: 22
92.240.160.0/19 maxlen: 19
94.74.192.0/18 maxlen: 18
188.175.0.0/16 maxlen: 16
82.150.160.0/19 maxlen: 19
78.108.144.0/21 maxlen: 21
213.180.32.0/19 maxlen: 19
78.108.152.0/21 maxlen: 21
185.15.252.0/22 maxlen: 22
178.17.96.0/20 maxlen: 20
86.63.192.0/19 maxlen: 19
2a03:b4c0::/32 maxlen: 32
2a02:350::/29 maxlen: 29
2a00:d480::/32 maxlen: 32
2a00:1e60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:51:05:5d:cc:60:ea:47:c2:83:c4:4f:09:4e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 2 10:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0f88af732160b6c955ef4ee26cd996f6446dafa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:70:0f:c8:c4:ec:21:ce:a3:8a:fc:d3:6a:68:
3c:6a:0a:12:66:50:2d:11:a1:3b:55:7b:da:37:1e:
8a:0b:93:86:fb:c5:67:47:a0:f9:bd:85:3f:7e:9a:
45:dc:a9:4c:be:1b:de:4e:9a:1b:5b:fe:1e:54:2a:
6c:eb:d4:4d:0e:19:4a:1e:2b:6c:0e:1d:c5:15:7b:
6e:8b:ad:e2:5c:d7:03:fb:fc:c6:fb:37:c0:10:49:
47:f3:81:bc:e6:40:f6:46:d2:6f:9f:33:0f:3a:9c:
55:9b:03:76:c9:e9:08:7f:9f:e9:16:47:2a:23:ac:
3b:2f:35:a3:f4:ce:b4:82:42:89:4f:a4:01:01:f5:
7e:81:e2:45:1d:35:62:39:b8:a0:4e:8e:c0:e4:3d:
17:ca:2e:74:d0:8f:1b:c4:5f:a5:4d:2d:04:35:b2:
b1:49:b3:fd:bf:ae:43:3d:43:d3:af:e9:c0:ec:37:
78:ca:15:09:11:a5:4f:10:6a:66:28:7d:a5:21:41:
2b:ab:2e:fe:f8:ed:77:b4:9a:53:12:8e:c2:80:0a:
97:27:64:3f:1d:b1:b6:37:4c:76:f6:d6:72:95:ba:
14:2a:b2:cb:25:93:3d:00:75:a2:dd:75:df:64:08:
b0:6f:0b:3c:81:4e:6f:78:35:eb:d5:cd:fe:48:a2:
38:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F8:8A:F7:32:16:0B:6C:95:5E:F4:EE:26:CD:99:6F:64:46:DA:FA
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/sPiK9zIWC2yVXvTuJs2Zb2RG2vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.232.0/21
78.108.144.0/20
82.150.160.0/19
86.63.192.0/19
91.197.116.0/22
92.240.160.0/19
94.74.192.0/18
95.143.128.0/20
178.17.96.0/20
185.15.252.0/22
188.175.0.0/16
213.180.32.0/19
IPv6:
2a00:1e60::/32
2a00:d480::/32
2a02:350::/29
2a03:b4c0::/32
Signature Algorithm: sha256WithRSAEncryption
88:90:78:14:48:d9:65:e5:72:e6:8b:26:25:6a:34:25:d5:fd:
c0:11:1e:c4:f3:d8:8b:92:c3:a5:b1:70:82:da:46:04:bf:a6:
03:70:3b:bb:26:d2:fd:ab:ec:45:8e:dd:5a:22:bf:5b:ed:fa:
19:7f:53:1b:0d:0b:06:64:6e:93:c2:22:e6:58:81:df:ca:a3:
cd:11:3d:b4:da:a5:c8:e1:d5:28:45:64:58:e8:60:12:8b:3d:
dc:5e:f9:96:09:67:21:be:64:d8:ce:71:63:b6:42:08:9a:8d:
66:61:ec:b1:b7:3e:30:d0:44:a0:d0:b4:4c:4b:ea:a5:27:b6:
c8:91:e9:c6:8d:5e:5e:8c:98:db:bb:9a:11:5d:9f:ff:d7:4a:
1a:42:11:8b:b5:52:50:9c:c7:4f:39:88:06:ea:6c:c0:2a:1b:
7b:8f:71:ea:3d:bc:2e:cc:a5:a2:35:42:94:6a:b1:08:52:ab:
e9:89:fb:cb:fb:a9:24:27:d6:a4:ad:77:b2:9f:f4:71:f1:e6:
43:a6:ca:81:26:89:a8:1e:24:20:23:71:5a:22:c8:e7:4b:76:
6c:d0:15:53:8f:8e:58:c6:52:2f:bf:20:67:e6:df:cc:e9:82:
f0:5a:8b:e6:6d:a8:9f:eb:40:36:cb:03:81:16:14:af:ec:42:
70:c4:d6:04
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYVyA1EFXcxg6kfCg8RPCU7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjMwMTAyMTAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY4OGFmNzMyMTYwYjZjOTU1ZWY0ZWUyNmNkOTk2ZjY0NDZkYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3APyMTsIc6jivzTamg8agoSZlAt
EaE7VXvaNx6KC5OG+8VnR6D5vYU/fppF3KlMvhveTpobW/4eVCps69RNDhlKHits
Dh3FFXtui63iXNcD+/zG+zfAEElH84G85kD2RtJvnzMPOpxVmwN2yekIf5/pFkcq
I6w7LzWj9M60gkKJT6QBAfV+geJFHTViObigTo7A5D0Xyi500I8bxF+lTS0ENbKx
SbP9v65DPUPTr+nA7Dd4yhUJEaVPEGpmKH2lIUErqy7++O13tJpTEo7CgAqXJ2Q/
HbG2N0x29tZylboUKrLLJZM9AHWi3XXfZAiwbws8gU5veDXr1c3+SKI4QwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFLD4ivcyFgtslV707ibNmW9kRtr6MB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvc1BpSzl6SVdDMnlWWHZUdUpzMlpiMlJHMnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwTQQCAAEwRwMEA01X6AME
BE5skAMEBVKWoAMEBVY/wAMEAlvFdAMEBVzwoAMEBl5KwAMEBF+PgAMEBLIRYAME
ArkP/AMDALyvAwQF1bQgMCIEAgACMBwDBQAqAB5gAwUAKgDUgAMFAyoCA1ADBQAq
A7TAMA0GCSqGSIb3DQEBCwUAA4IBAQCIkHgUSNll5XLmiyYlajQl1f3AER7E89iL
ksOlsXCC2kYEv6YDcDu7JtL9q+xFjt1aIr9b7foZf1MbDQsGZG6TwiLmWIHfyqPN
ET202qXI4dUoRWRY6GASiz3cXvmWCWchvmTYznFjtkIImo1mYeyxtz4w0ESg0LRM
S+qlJ7bIkenGjV5ejJjbu5oRXZ//10oaQhGLtVJQnMdPOYgG6mzAKht7j3HqPbwu
zKWiNUKUarEIUqvpifvL+6kkJ9akrXeyn/Rx8eZDpsqBJomoHiQgI3FaIsjnS3Zs
0BVTj45YxlIvvyBn5t/M6YLwWovmbaif60A2ywOBFhSv7EJwxNYE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:40 2025 by rpki-client