Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/d6Tbpmh0zvqIO6UdgJGGI6gQZ-c.roa
File: d6Tbpmh0zvqIO6UdgJGGI6gQZ-c.roa (raw, json)
Hash identifier: OQwkKTAk6OifA79Ze+x6B3uzbzd5GFa50tyft79XIZI=
Subject key identifier: 77:A4:DB:A6:68:74:CE:FA:88:3B:A5:1D:80:91:86:23:A8:10:67:E7
Certificate issuer: /CN=ad12daa384888b5247df712965803f0d3fa8989d
Certificate serial: 0187276C38BCE15EC8F2566399B15A0DF012
Authority key identifier: AD:12:DA:A3:84:88:8B:52:47:DF:71:29:65:80:3F:0D:3F:A8:98:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRLao4SIi1JH33EpZYA_DT-omJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/d6Tbpmh0zvqIO6UdgJGGI6gQZ-c.roa
Signing time: Tue 28 Mar 2023 08:53:36 +0000
ROA not before: Tue 28 Mar 2023 08:53:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42263
IP address blocks: 185.182.32.0/22 maxlen: 22
5.253.192.0/22 maxlen: 22
185.32.80.0/22 maxlen: 22
192.70.192.0/22 maxlen: 22
185.145.196.0/22 maxlen: 22
45.94.108.0/22 maxlen: 22
45.140.116.0/22 maxlen: 22
185.115.48.0/22 maxlen: 22
185.116.244.0/24 maxlen: 24
185.116.244.0/22 maxlen: 22
185.173.240.0/22 maxlen: 22
2a00:c320::/32 maxlen: 32
2a00:c320::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:6c:38:bc:e1:5e:c8:f2:56:63:99:b1:5a:0d:f0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad12daa384888b5247df712965803f0d3fa8989d
Validity
Not Before: Mar 28 08:53:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a4dba66874cefa883ba51d80918623a81067e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:df:48:ff:d8:74:eb:81:20:5b:31:14:e2:cb:
ce:4a:d2:66:94:d9:d5:80:1f:fa:d5:0b:f6:8b:2a:
39:2d:91:77:ae:85:d4:5d:4e:f0:75:d6:0b:82:15:
8a:90:7f:95:aa:aa:34:4e:66:82:81:c3:11:33:1c:
6f:87:f8:e5:f4:88:2e:98:53:81:70:aa:39:64:28:
ab:57:fa:9c:b9:71:2e:83:e4:c2:d6:ae:24:fd:25:
91:de:2f:5f:a8:54:ff:43:37:c4:ed:a3:87:15:9d:
0d:1d:c9:2e:30:3d:51:3b:41:fd:90:ac:08:15:29:
d2:4e:a5:f2:43:06:46:fe:d3:54:f0:43:96:23:53:
ac:5d:14:36:16:18:66:1b:76:20:ec:e1:b3:f4:ac:
68:21:d5:04:60:81:cd:08:d7:a4:e9:93:97:1b:5b:
6b:82:99:a6:b3:a8:2c:38:ca:8b:3e:70:6b:45:75:
52:f4:00:33:fc:d8:ef:57:da:87:c8:a2:1e:b9:90:
8b:bc:70:ee:26:5d:33:f2:22:b0:53:59:6f:c6:f6:
21:e1:25:fb:89:86:d7:63:14:8d:ed:28:d4:14:55:
1e:d6:e2:56:41:5f:f2:eb:36:0e:ff:74:fd:8d:14:
92:7b:b0:27:cc:ab:a9:25:d6:89:19:de:cf:4c:73:
b1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A4:DB:A6:68:74:CE:FA:88:3B:A5:1D:80:91:86:23:A8:10:67:E7
X509v3 Authority Key Identifier:
keyid:AD:12:DA:A3:84:88:8B:52:47:DF:71:29:65:80:3F:0D:3F:A8:98:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRLao4SIi1JH33EpZYA_DT-omJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/d6Tbpmh0zvqIO6UdgJGGI6gQZ-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/rRLao4SIi1JH33EpZYA_DT-omJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.192.0/22
45.94.108.0/22
45.140.116.0/22
185.32.80.0/22
185.115.48.0/22
185.116.244.0/22
185.145.196.0/22
185.173.240.0/22
185.182.32.0/22
192.70.192.0/22
IPv6:
2a00:c320::/29
Signature Algorithm: sha256WithRSAEncryption
47:50:8f:98:41:aa:1b:63:19:a8:59:36:77:96:1d:64:81:8b:
a5:20:12:53:f5:c2:2b:07:fb:e7:e7:15:81:e9:54:9d:e1:ea:
91:79:e2:2a:20:f1:2d:82:e2:74:80:d3:4c:39:e3:ea:55:8f:
61:d4:0e:23:03:e0:01:c3:db:52:e2:f1:45:26:9a:7a:68:5f:
c0:1c:38:be:5c:7b:4b:b8:8f:96:f0:0c:3d:6d:96:ce:63:3e:
18:da:95:76:cd:a6:fe:37:f7:e7:53:f1:fb:c7:d9:63:c0:da:
84:59:12:ab:12:a7:de:44:9a:5d:81:60:7a:a4:f3:48:5b:79:
60:79:53:0e:51:b3:0b:f1:e5:b6:ba:5c:4a:ef:d1:cc:78:df:
75:a7:c7:4d:d3:29:b0:4d:66:20:96:e8:92:c2:da:78:fd:d3:
0a:65:56:3d:48:73:9b:9b:ad:90:ba:cd:34:7a:44:5c:52:cf:
57:f7:48:6d:87:f4:e2:57:12:78:bb:9d:fc:cd:ce:30:5a:84:
f0:f9:24:32:29:45:e3:80:7a:72:01:ea:a7:0c:c0:4b:42:b2:
70:bc:f9:29:58:72:3d:63:07:4b:37:9f:7c:c8:80:68:65:80:
bd:35:50:bc:ad:3d:c2:a3:06:b6:c0:4b:89:85:c9:d5:8d:37:
7c:0e:68:ad
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYcnbDi84V7I8lZjmbFaDfASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTJkYWEzODQ4ODhiNTI0N2RmNzEyOTY1ODAzZjBkM2Zh
ODk4OWQwHhcNMjMwMzI4MDg1MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E0ZGJhNjY4NzRjZWZhODgzYmE1MWQ4MDkxODYyM2E4MTA2N2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN9I/9h064EgWzEU4svOStJmlNnV
gB/61Qv2iyo5LZF3roXUXU7wddYLghWKkH+Vqqo0TmaCgcMRMxxvh/jl9IgumFOB
cKo5ZCirV/qcuXEug+TC1q4k/SWR3i9fqFT/QzfE7aOHFZ0NHckuMD1RO0H9kKwI
FSnSTqXyQwZG/tNU8EOWI1OsXRQ2FhhmG3Yg7OGz9KxoIdUEYIHNCNek6ZOXG1tr
gpmms6gsOMqLPnBrRXVS9AAz/NjvV9qHyKIeuZCLvHDuJl0z8iKwU1lvxvYh4SX7
iYbXYxSN7SjUFFUe1uJWQV/y6zYO/3T9jRSSe7AnzKupJdaJGd7PTHOx9wIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFHek26ZodM76iDulHYCRhiOoEGfnMB8GA1UdIwQY
MBaAFK0S2qOEiItSR99xKWWAPw0/qJidMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJMYW80U0lpMUpIMzNFcFpZQV9EVC1vbUowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8yYTk2NWMtMzM0Ny00NDNlLTg4Yzct
NWI0ZDUyZGMyZGUyLzEvZDZUYnBtaDB6dnFJTzZVZGdKR0dJNmdRWi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8yYTk2NWMtMzM0Ny00NDNlLTg4YzctNWI0ZDUyZGMyZGUy
LzEvclJMYW80U0lpMUpIMzNFcFpZQV9EVC1vbUowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCBf3AAwQC
LV5sAwQCLYx0AwQCuSBQAwQCuXMwAwQCuXT0AwQCuZHEAwQCua3wAwQCubYgAwQC
wEbAMA0EAgACMAcDBQMqAMMgMA0GCSqGSIb3DQEBCwUAA4IBAQBHUI+YQaobYxmo
WTZ3lh1kgYulIBJT9cIrB/vn5xWB6VSd4eqReeIqIPEtguJ0gNNMOePqVY9h1A4j
A+ABw9tS4vFFJpp6aF/AHDi+XHtLuI+W8Aw9bZbOYz4Y2pV2zab+N/fnU/H7x9lj
wNqEWRKrEqfeRJpdgWB6pPNIW3lgeVMOUbML8eW2ulxK79HMeN91p8dN0ymwTWYg
luiSwtp4/dMKZVY9SHObm62Qus00ekRcUs9X90hth/TiVxJ4u538zc4wWoTw+SQy
KUXjgHpyAeqnDMBLQrJwvPkpWHI9YwdLN598yIBoZYC9NVC8rT3Cowa2wEuJhcnV
jTd8Dmit
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:35 2025 by rpki-client