Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/BUIDKpzmPbpSkoJT0Dc7qkwMF6k.roa
File: BUIDKpzmPbpSkoJT0Dc7qkwMF6k.roa (raw, json)
Hash identifier: Xip5iYPsDiPrMrQHUr0Xl4yTgoMgeUWmaa5vPmlZcl0=
Subject key identifier: 05:42:03:2A:9C:E6:3D:BA:52:92:82:53:D0:37:3B:AA:4C:0C:17:A9
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E7EB3DAB2916D7A3E82198CAEB70
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/BUIDKpzmPbpSkoJT0Dc7qkwMF6k.roa
Signing time: Thu 02 Jan 2025 01:48:12 +0000
ROA not before: Thu 02 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20910
IP address blocks: 62.84.0.0/20 maxlen: 32
62.205.192.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
85.115.96.0/19 maxlen: 32
85.254.120.0/23 maxlen: 23
87.226.0.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
89.201.0.0/17 maxlen: 32
91.142.0.0/20 maxlen: 32
91.188.32.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
94.30.128.0/17 maxlen: 32
109.110.0.0/19 maxlen: 32
136.169.0.0/17 maxlen: 32
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
195.62.128.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
217.198.224.0/20 maxlen: 32
217.199.96.0/19 maxlen: 32
2a00:9000::/29 maxlen: 32
2a00:f4a0::/29 maxlen: 32
2a03:6740::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e7:eb:3d:ab:29:16:d7:a3:e8:21:98:ca:eb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0542032a9ce63dba52928253d0373baa4c0c17a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:47:06:d7:76:3e:7c:69:79:c6:b8:73:40:af:
3e:38:4b:5e:c1:7a:72:64:1a:38:75:e5:37:e1:c7:
5f:86:ef:0c:10:48:52:e8:1e:ed:87:8e:dc:bd:bc:
01:c8:f3:6f:92:d7:d2:31:4d:e6:7d:26:e4:be:da:
5f:26:5e:37:dd:3f:8c:bd:04:ea:cc:0f:97:46:6b:
79:f7:34:fa:d2:a5:35:54:ae:ba:3f:39:39:3d:d9:
f1:18:6f:5b:b1:38:6a:19:f1:99:27:07:5a:d8:b8:
e8:96:41:30:e9:34:a5:32:1f:cf:63:30:7a:c9:f0:
4a:84:a5:15:75:0e:9c:3a:54:4c:d7:78:f1:19:47:
66:a3:d3:83:75:00:34:92:d4:cc:1a:aa:aa:ea:a6:
96:72:5d:58:e1:be:1b:be:bb:63:4d:6e:2e:d3:2b:
b4:c9:f4:50:60:47:5f:cb:3f:98:ab:79:5f:bd:63:
c4:46:ae:fe:13:c0:7b:cb:bd:83:52:f2:ad:a9:4b:
05:21:5a:06:9d:84:15:99:0d:e0:ad:d1:16:81:30:
6b:5a:80:32:ac:22:b9:f1:fe:10:ad:7e:6b:e0:a6:
d2:b8:fd:3f:02:fe:11:28:2e:5d:07:b2:49:25:25:
dd:b8:3d:b1:0c:2c:63:e6:57:64:53:27:f6:ce:b1:
73:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:42:03:2A:9C:E6:3D:BA:52:92:82:53:D0:37:3B:AA:4C:0C:17:A9
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/BUIDKpzmPbpSkoJT0Dc7qkwMF6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.0.0/20
62.205.192.0/18
77.38.128.0/17
85.115.96.0/19
85.254.120.0/23
87.226.0.0/17
89.18.192.0/19
89.201.0.0/17
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.144.184.0/22
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
64:f2:15:93:d6:b1:67:26:18:cc:d8:b8:ca:71:38:fc:78:d7:
48:da:a8:fb:77:a0:12:9e:13:08:20:cf:2e:d0:0e:48:d7:99:
53:aa:25:d2:7c:42:b6:3c:ce:2e:5c:22:c1:a2:f5:59:36:f9:
ce:98:6f:b3:cc:90:ab:d4:2d:32:7b:d2:a8:a3:b3:01:f7:fe:
f7:40:9b:4e:cf:e8:07:77:2d:ef:a3:7a:0c:90:ab:00:b1:26:
55:03:ce:73:4d:d4:de:ed:c1:45:34:0d:98:38:25:06:0d:6c:
1d:e9:47:e1:4f:ac:17:32:c8:f8:e6:e1:02:ef:da:f7:ad:09:
d3:47:75:e0:8a:2b:3d:18:9c:b2:fc:bd:eb:dc:18:ae:03:af:
3b:5d:86:10:15:2a:27:8a:21:da:51:fe:c7:30:b4:51:1d:2c:
21:a6:80:7a:88:e6:60:75:a4:5c:83:c3:80:15:41:66:58:7a:
74:12:1b:3d:9d:a9:07:f0:0b:14:c6:6c:05:cc:e1:d6:e2:0c:
90:cd:1a:e8:60:96:8d:f9:f7:d6:28:0a:c7:f4:8b:3e:bd:4f:
57:52:14:42:79:e2:59:1c:2a:ad:23:09:50:60:c9:04:79:0e:
d0:79:0e:61:cc:ac:ae:70:3a:29:17:51:b3:ce:ba:8f:1a:fc:
18:82:05:45
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZQksufrPaspFtej6CGYyutwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQyMDMyYTljZTYzZGJhNTI5MjgyNTNkMDM3M2JhYTRjMGMxN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEcG13Y+fGl5xrhzQK8+OEtewXpy
ZBo4deU34cdfhu8MEEhS6B7th47cvbwByPNvktfSMU3mfSbkvtpfJl433T+MvQTq
zA+XRmt59zT60qU1VK66Pzk5PdnxGG9bsThqGfGZJwda2LjolkEw6TSlMh/PYzB6
yfBKhKUVdQ6cOlRM13jxGUdmo9ODdQA0ktTMGqqq6qaWcl1Y4b4bvrtjTW4u0yu0
yfRQYEdfyz+Yq3lfvWPERq7+E8B7y72DUvKtqUsFIVoGnYQVmQ3grdEWgTBrWoAy
rCK58f4QrX5r4KbSuP0/Av4RKC5dB7JJJSXduD2xDCxj5ldkUyf2zrFzawIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFAVCAyqc5j26UpKCU9A3O6pMDBepMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQlVJREtwem1QYnBTa29KVDBEYzdxa3dNRjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBhAQCAAEwfgMEBD5U
AAMEBj7NwAMEB00mgAMEBVVzYAMEAVX+eAMEB1fiAAMEBVkSwAMEB1nJAAMEBFuO
AAMEBVu8IAMEBl2xwAMEB14egAMEBW1uAAMEB4ipAAMEArmQuAMEBrxwgAMEBcM+
gAMEBMP0gAMEBdW0YAMEBNnG4AMEBdnHYDAbBAIAAjAVAwUDKgCQAAMFAyoA9KAD
BQMqA2dAMA0GCSqGSIb3DQEBCwUAA4IBAQBk8hWT1rFnJhjM2LjKcTj8eNdI2qj7
d6ASnhMIIM8u0A5I15lTqiXSfEK2PM4uXCLBovVZNvnOmG+zzJCr1C0ye9Koo7MB
9/73QJtOz+gHdy3vo3oMkKsAsSZVA85zTdTe7cFFNA2YOCUGDWwd6UfhT6wXMsj4
5uEC79r3rQnTR3Xgiis9GJyy/L3r3BiuA687XYYQFSoniiHaUf7HMLRRHSwhpoB6
iOZgdaRcg8OAFUFmWHp0Ehs9nakH8AsUxmwFzOHW4gyQzRroYJaN+ffWKArH9Is+
vU9XUhRCeeJZHCqtIwlQYMkEeQ7QeQ5hzKyucDopF1GzzrqPGvwYggVF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:57 2025 by rpki-client