Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2dQmlenfIbJ_JHmbZt3MlXDxyLY.roa
File: 2dQmlenfIbJ_JHmbZt3MlXDxyLY.roa (raw, json)
Hash identifier: 8AnqlA8YwXgOLFpiRS2v1wDO7xyfgMyhwpS7iKbTfyw=
Subject key identifier: D9:D4:26:95:E9:DF:21:B2:7F:24:79:9B:66:DD:CC:95:70:F1:C8:B6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01921E06B4A755FC2CCD8480F275E349B1B0
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2dQmlenfIbJ_JHmbZt3MlXDxyLY.roa
Signing time: Mon 23 Sep 2024 08:36:48 +0000
ROA not before: Mon 23 Sep 2024 08:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20910
IP address blocks: 62.84.0.0/20 maxlen: 32
62.205.192.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
80.254.208.0/20 maxlen: 32
85.115.96.0/19 maxlen: 32
85.254.120.0/23 maxlen: 23
87.226.0.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
89.201.0.0/17 maxlen: 32
91.142.0.0/20 maxlen: 32
91.188.32.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
94.30.128.0/17 maxlen: 32
109.110.0.0/19 maxlen: 32
136.169.0.0/17 maxlen: 32
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
195.62.128.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
217.198.224.0/20 maxlen: 32
217.199.96.0/19 maxlen: 32
2a00:9000::/29 maxlen: 32
2a00:f4a0::/29 maxlen: 32
2a03:6740::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:06:b4:a7:55:fc:2c:cd:84:80:f2:75:e3:49:b1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 23 08:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9d42695e9df21b27f24799b66ddcc9570f1c8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:b9:2e:c9:88:6a:0b:f3:80:0f:17:87:a8:
e5:e6:06:99:f3:ed:ea:e3:41:5a:9b:fb:a7:54:05:
55:6e:84:f4:e2:0c:f3:08:f0:92:d9:2a:28:12:d4:
44:80:63:e5:1f:49:20:4a:46:74:d4:d2:7d:01:75:
e8:42:5d:8d:5b:5d:af:15:a6:c1:d4:cf:1b:80:30:
90:19:2e:7f:49:20:a7:f9:76:78:07:e2:cd:dd:19:
e4:a8:65:3b:d5:9c:01:7c:68:07:e4:30:37:d4:31:
8e:10:19:6e:bf:8d:94:18:a7:ef:39:01:0f:b4:10:
37:f6:a5:1b:de:bd:96:e6:c6:b5:3d:d7:6a:5e:a5:
89:33:49:8c:b5:db:1d:d4:38:85:2b:35:94:38:6c:
de:ee:d1:a3:10:cf:77:6c:16:5e:4d:52:51:d3:92:
8f:dd:70:cb:f7:d2:ff:1d:a7:16:ba:5f:7f:c8:c9:
3f:0f:e6:05:33:7e:95:d0:ae:36:35:bc:61:15:68:
70:f0:ea:ef:c1:14:25:62:b6:bf:dc:a2:1e:3b:43:
ed:d8:d1:a6:a5:53:eb:b7:8c:3a:14:6e:3c:dd:b1:
92:b1:16:2f:84:b3:d5:49:19:4d:af:94:3d:ff:ce:
07:a6:36:4d:06:70:0d:c3:dd:08:20:15:49:eb:dc:
53:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D4:26:95:E9:DF:21:B2:7F:24:79:9B:66:DD:CC:95:70:F1:C8:B6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2dQmlenfIbJ_JHmbZt3MlXDxyLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.0.0/20
62.205.192.0/18
77.38.128.0/17
80.254.208.0/20
85.115.96.0/19
85.254.120.0/23
87.226.0.0/17
89.18.192.0/19
89.201.0.0/17
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.144.184.0/22
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
2f:f3:2d:7d:59:33:97:fa:95:86:9c:62:b8:76:d3:fd:2b:6c:
48:f1:30:94:db:be:44:e6:62:97:ca:07:93:84:80:c6:30:af:
8b:e8:33:fa:9c:2b:ec:ac:2e:08:ef:83:c0:b5:e1:0e:77:9a:
34:b2:3f:c3:38:c4:a1:87:b5:16:75:9d:f1:b4:52:29:8c:b4:
34:0a:ac:a6:c7:fc:5b:e1:82:c6:36:5a:ab:34:53:f4:52:fc:
56:a5:95:7b:5e:28:7d:81:9b:66:e2:8f:0d:f7:6b:7b:68:7e:
3d:86:b5:43:a3:5e:55:98:ee:a2:fd:b1:9c:72:aa:1d:63:04:
7c:ec:de:cd:44:ff:c0:82:30:a8:5a:e1:2d:4f:d3:2b:33:98:
c6:5d:e4:cd:b6:f2:6a:0b:56:ca:35:98:ba:b1:71:9c:c1:c4:
5d:f6:5c:1a:57:a4:dd:5a:da:2a:9e:1c:e7:00:33:70:1d:5e:
09:53:e9:bb:f6:f0:08:54:d5:6a:3a:7b:11:35:b7:d9:a3:36:
d1:c5:ad:ac:37:86:d8:7d:b5:5d:16:8d:8f:07:25:bc:32:65:
20:5a:f7:fc:2b:0a:1f:3c:44:5a:cf:43:27:08:8c:dd:9c:ca:
09:03:b4:d4:26:b8:f8:58:e3:3c:6a:22:85:bb:69:99:cd:29:
2a:a5:c5:1e
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZIeBrSnVfwszYSA8nXjSbGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwOTIzMDgzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ0MjY5NWU5ZGYyMWIyN2YyNDc5OWI2NmRkY2M5NTcwZjFjOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTe5LsmIagvzgA8Xh6jl5gaZ8+3q
40Fam/unVAVVboT04gzzCPCS2SooEtREgGPlH0kgSkZ01NJ9AXXoQl2NW12vFabB
1M8bgDCQGS5/SSCn+XZ4B+LN3RnkqGU71ZwBfGgH5DA31DGOEBluv42UGKfvOQEP
tBA39qUb3r2W5sa1PddqXqWJM0mMtdsd1DiFKzWUOGze7tGjEM93bBZeTVJR05KP
3XDL99L/HacWul9/yMk/D+YFM36V0K42NbxhFWhw8OrvwRQlYra/3KIeO0Pt2NGm
pVPrt4w6FG483bGSsRYvhLPVSRlNr5Q9/84HpjZNBnANw90IIBVJ69xTDwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFNnUJpXp3yGyfyR5m2bdzJVw8ci2MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMmRRbWxlbmZJYkpfSkhtYlp0M01sWER4eUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBiwQCAAEwgYQDBAQ+
VAADBAY+zcADBAdNJoADBARQ/tADBAVVc2ADBAFV/ngDBAdX4gADBAVZEsADBAdZ
yQADBARbjgADBAVbvCADBAZdscADBAdeHoADBAVtbgADBAeIqQADBAK5kLgDBAa8
cIADBAXDPoADBATD9IADBAXVtGADBATZxuADBAXZx2AwGwQCAAIwFQMFAyoAkAAD
BQMqAPSgAwUDKgNnQDANBgkqhkiG9w0BAQsFAAOCAQEAL/MtfVkzl/qVhpxiuHbT
/StsSPEwlNu+ROZil8oHk4SAxjCvi+gz+pwr7KwuCO+DwLXhDneaNLI/wzjEoYe1
FnWd8bRSKYy0NAqspsf8W+GCxjZaqzRT9FL8VqWVe14ofYGbZuKPDfdre2h+PYa1
Q6NeVZjuov2xnHKqHWMEfOzezUT/wIIwqFrhLU/TKzOYxl3kzbbyagtWyjWYurFx
nMHEXfZcGlek3VraKp4c5wAzcB1eCVPpu/bwCFTVajp7ETW32aM20cWtrDeG2H21
XRaNjwclvDJlIFr3/CsKHzxEWs9DJwiM3ZzKCQO01Ca4+FjjPGoihbtpmc0pKqXF
Hg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:45 2025 by rpki-client