Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/209NkkLrL7RoGWTNdkU0BhL705U.roa
File: 209NkkLrL7RoGWTNdkU0BhL705U.roa (raw, json)
Hash identifier: gtbUV0A8w2SozR2Uj+e5CGu7DgOv/OafDa50ezd9ef8=
Subject key identifier: DB:4F:4D:92:42:EB:2F:B4:68:19:64:CD:76:45:34:06:12:FB:D3:95
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F1F511C110E42A7C034DAA92C4EB6B13
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/209NkkLrL7RoGWTNdkU0BhL705U.roa
Signing time: Thu 08 Dec 2022 13:38:00 +0000
ROA not before: Thu 08 Dec 2022 13:38:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6854
IP address blocks: 212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
80.253.0.0/20 maxlen: 20
195.16.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
62.64.16.0/20 maxlen: 20
62.64.24.0/21 maxlen: 21
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 19
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 17
212.44.64.0/19 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:f5:11:c1:10:e4:2a:7c:03:4d:aa:92:c4:eb:6b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 13:38:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db4f4d9242eb2fb4681964cd7645340612fbd395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2d:0f:b4:15:45:0e:dc:21:b5:77:fd:16:bb:
a1:11:6d:63:46:8b:8d:82:5c:ff:6a:5f:74:7a:19:
02:d3:90:61:8a:a6:16:81:9a:9a:1c:da:67:24:14:
6e:f6:e3:c8:36:12:e2:7e:c6:9a:df:e2:24:13:de:
fb:3f:aa:82:d3:4c:ae:44:73:33:e0:4d:cf:f5:47:
8f:ff:06:d5:b2:07:3a:48:30:40:fb:d2:00:e6:71:
cf:a1:56:da:ca:5a:b6:94:fb:02:61:35:8f:b3:16:
a6:43:9b:06:47:c6:39:6a:22:5c:29:32:c3:ca:09:
b4:77:fa:94:ea:c6:a2:f3:4b:99:b2:4f:9f:70:e8:
42:ab:13:f0:73:94:66:f1:82:6f:c0:b7:1a:58:f3:
c7:1a:7f:2e:6e:a3:fb:d0:57:30:c2:fe:6d:af:a9:
fb:dc:21:9c:c7:77:92:2b:a6:73:9e:b4:de:c2:74:
38:2c:f6:4d:11:67:46:3e:86:29:dd:b1:45:fa:8e:
a8:88:20:45:fe:6a:c3:f1:f8:04:85:67:99:da:f9:
4f:47:c8:bb:80:c5:28:01:12:88:12:97:39:67:f9:
d4:63:5c:16:ae:78:5e:66:da:77:ee:d4:f0:7a:7f:
29:f0:47:bc:44:8c:d9:87:50:88:6b:c6:07:b3:08:
16:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4F:4D:92:42:EB:2F:B4:68:19:64:CD:76:45:34:06:12:FB:D3:95
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/209NkkLrL7RoGWTNdkU0BhL705U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.64.16.0/20
80.253.0.0/20
83.222.192.0/19
83.229.128.0/17
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
12:aa:c9:26:c4:39:9b:39:2a:e7:b7:fd:78:64:c2:7e:09:36:
01:57:14:5d:3f:b9:cd:42:66:48:7d:be:db:90:b9:92:53:f8:
5b:5d:e6:3f:8b:fe:70:df:ee:9f:07:fa:74:3a:7c:db:79:ff:
dc:1f:0a:6e:ce:c6:6b:05:5c:63:cb:8a:45:43:6e:6d:20:6a:
e9:58:eb:b2:9d:61:c7:78:7d:0c:ed:3a:8a:3e:9b:1f:e5:00:
7f:9c:55:dc:1b:c3:05:98:85:f1:13:f1:49:b6:2c:cc:22:93:
ea:1c:e3:d5:0a:36:a1:bb:49:f1:fb:34:19:38:45:5a:8f:96:
a3:83:67:89:01:e9:d3:32:12:13:71:18:62:66:c8:1d:24:50:
f2:2f:9a:68:a3:5a:be:8d:b6:cb:fd:6b:22:b5:63:2f:c2:33:
f0:63:47:2d:8b:4d:28:ba:10:db:1e:6c:ef:9b:7e:23:0d:de:
e2:26:bd:b1:12:8b:70:fe:01:45:87:63:72:91:58:45:21:ef:
6b:a8:fd:64:bc:15:87:d0:61:5f:df:cd:d7:fb:a3:4b:92:e4:
b5:2b:f7:06:21:56:db:e1:cf:dd:af:4c:e0:06:28:6d:48:d2:
86:b3:78:8d:c1:a8:a2:fc:bf:1c:0b:97:7d:b3:38:e2:35:51:
a8:b4:d3:61
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYTx9RHBEOQqfANNqpLE62sTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTMzODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRmNGQ5MjQyZWIyZmI0NjgxOTY0Y2Q3NjQ1MzQwNjEyZmJkMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy0PtBVFDtwhtXf9FruhEW1jRouN
glz/al90ehkC05BhiqYWgZqaHNpnJBRu9uPINhLifsaa3+IkE977P6qC00yuRHMz
4E3P9UeP/wbVsgc6SDBA+9IA5nHPoVbaylq2lPsCYTWPsxamQ5sGR8Y5aiJcKTLD
ygm0d/qU6sai80uZsk+fcOhCqxPwc5Rm8YJvwLcaWPPHGn8ubqP70Fcwwv5tr6n7
3CGcx3eSK6ZznrTewnQ4LPZNEWdGPoYp3bFF+o6oiCBF/mrD8fgEhWeZ2vlPR8i7
gMUoARKIEpc5Z/nUY1wWrnheZtp37tTwen8p8Ee8RIzZh1CIa8YHswgW7QIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFNtPTZJC6y+0aBlkzXZFNAYS+9OVMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMjA5TmtrTHJMN1JvR1dUTmRrVTBCaEw3MDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTCBigQCAAEwgYMDBAQ+
QBADBARQ/QADBAVT3sADBAdT5YADBAK5AyADBAK50owDBAO8XqgDAwC8ogMEAsHJ
5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQOoAMEBdQsQAMEBdRF
YAMEBdR3oAMEBdWaoAMEBdWoIAMEBtXzQAMEBNlzUDANBgkqhkiG9w0BAQsFAAOC
AQEAEqrJJsQ5mzkq57f9eGTCfgk2AVcUXT+5zUJmSH2+25C5klP4W13mP4v+cN/u
nwf6dDp823n/3B8Kbs7GawVcY8uKRUNubSBq6Vjrsp1hx3h9DO06ij6bH+UAf5xV
3BvDBZiF8RPxSbYszCKT6hzj1Qo2obtJ8fs0GThFWo+Wo4NniQHp0zISE3EYYmbI
HSRQ8i+aaKNavo22y/1rIrVjL8Iz8GNHLYtNKLoQ2x5s75t+Iw3e4ia9sRKLcP4B
RYdjcpFYRSHva6j9ZLwVh9BhX9/N1/ujS5LktSv3BiFW2+HP3a9M4AYobUjShrN4
jcGoovy/HAuXfbM44jVRqLTTYQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:32:44 2025 by rpki-client