Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YWed1lxoC1ozQnZVIQdkB5YQ6fM.roa
File: YWed1lxoC1ozQnZVIQdkB5YQ6fM.roa (raw, json)
Hash identifier: M3bQGIbGjoXeEWHvuxNvt9UHBXy0TzQogmj9ew5K71s=
Subject key identifier: 61:67:9D:D6:5C:68:0B:5A:33:42:76:55:21:07:64:07:96:10:E9:F3
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01928B0CA6251903DE6ED0F469BE3E21CBBD
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YWed1lxoC1ozQnZVIQdkB5YQ6fM.roa
Signing time: Mon 14 Oct 2024 12:41:54 +0000
ROA not before: Mon 14 Oct 2024 12:41:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 62.84.16.0/20 maxlen: 20
85.254.8.0/24 maxlen: 24
85.254.9.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
85.254.123.0/24 maxlen: 24
217.24.64.0/20 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:0c:a6:25:19:03:de:6e:d0:f4:69:be:3e:21:cb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 14 12:41:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61679dd65c680b5a33427655210764079610e9f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:86:6d:6b:e4:b1:d6:da:8b:a0:8b:72:6b:d5:
5f:de:4e:a5:f6:33:f5:b2:22:86:0d:3b:71:32:e5:
37:cb:d3:ee:62:50:6f:d4:ac:c4:3e:a5:81:cf:a0:
1a:10:e2:23:58:5f:5e:cd:5d:09:42:6a:a6:d6:aa:
1f:4a:bd:f2:92:b6:70:bc:54:b2:b4:6f:29:5a:0e:
25:7c:85:82:a0:6f:7f:ed:7c:b7:1d:7c:3b:32:f6:
b9:46:e5:40:85:21:f4:27:40:53:27:75:77:05:92:
96:cc:bb:70:75:1a:dd:3c:42:0b:24:4e:41:d3:96:
90:e9:5b:55:5a:64:37:14:61:ba:d6:0f:04:50:a5:
d4:a9:3a:e4:86:0a:69:6d:00:4e:bc:be:c4:44:ce:
21:51:d3:72:ee:9e:f6:e8:af:15:0a:e7:0f:ab:5c:
5b:26:8a:9e:09:e3:ea:40:14:38:a0:c4:dd:bb:0b:
00:a9:e5:ca:b2:e2:0e:59:67:d9:a6:90:37:64:b0:
f9:7c:30:a0:00:f4:72:02:ef:ac:fe:2d:7d:ae:c3:
6e:d4:da:fb:33:e9:5a:3e:4b:2b:08:9e:d7:12:58:
92:67:05:88:72:73:d1:92:91:37:d8:60:0d:85:68:
cc:70:3a:fd:f5:c8:08:80:8e:12:d6:7f:fc:65:0f:
06:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:67:9D:D6:5C:68:0B:5A:33:42:76:55:21:07:64:07:96:10:E9:F3
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YWed1lxoC1ozQnZVIQdkB5YQ6fM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.16.0/20
85.254.8.0/21
85.254.63.0/24
85.254.117.0-85.254.119.255
85.254.123.0/24
217.24.64.0/20
Signature Algorithm: sha256WithRSAEncryption
21:a7:16:20:59:22:fb:8a:c2:fc:43:8e:d5:5e:99:bd:4e:80:
8d:b6:36:64:7a:de:e6:70:db:8e:51:c4:04:d5:c4:e7:00:d4:
5f:84:fb:09:8a:37:3d:85:07:21:48:c7:b8:98:60:74:2a:db:
38:8f:c0:5b:98:3e:d8:1f:cb:e5:cc:db:c2:4a:b1:d2:b1:84:
a8:52:c8:95:0e:8f:7f:ea:67:bb:87:a8:ca:ca:05:95:58:b2:
e3:34:3b:43:f0:64:bd:a8:48:53:e0:b4:2e:58:84:3f:cb:a9:
0e:29:98:2e:70:52:48:d3:29:12:92:23:8c:1f:b6:6e:e9:24:
9f:8e:8f:1a:01:ef:af:05:2a:82:13:2e:61:d6:0c:b6:0a:aa:
82:07:7c:a1:df:56:59:e5:ef:b5:d8:fc:62:72:14:23:da:98:
d5:57:51:6b:72:48:14:76:ce:f9:16:00:95:88:87:0d:d5:52:
f4:42:0d:df:a0:ac:69:6c:88:52:87:16:2e:aa:9b:f1:17:82:
87:2c:a5:25:fb:71:c9:1b:b6:d0:19:c0:ff:2e:09:fb:57:5d:
c2:4e:34:2c:e1:bc:a8:e7:53:5e:18:bc:0e:6c:ff:38:62:ab:
e6:22:3e:5c:05:1f:13:7d:c9:5d:20:a1:81:b8:54:62:17:2d:
2a:e1:5b:84
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKLDKYlGQPebtD0ab4+Icu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQxMDE0MTI0MTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTY3OWRkNjVjNjgwYjVhMzM0Mjc2NTUyMTA3NjQwNzk2MTBlOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoZta+Sx1tqLoItya9Vf3k6l9jP1
siKGDTtxMuU3y9PuYlBv1KzEPqWBz6AaEOIjWF9ezV0JQmqm1qofSr3ykrZwvFSy
tG8pWg4lfIWCoG9/7Xy3HXw7Mva5RuVAhSH0J0BTJ3V3BZKWzLtwdRrdPEILJE5B
05aQ6VtVWmQ3FGG61g8EUKXUqTrkhgppbQBOvL7ERM4hUdNy7p726K8VCucPq1xb
JoqeCePqQBQ4oMTduwsAqeXKsuIOWWfZppA3ZLD5fDCgAPRyAu+s/i19rsNu1Nr7
M+laPksrCJ7XEliSZwWIcnPRkpE32GANhWjMcDr99cgIgI4S1n/8ZQ8GZwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGFnndZcaAtaM0J2VSEHZAeWEOnzMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWVdlZDFseG9DMW96UW5aVklRZGtCNVlRNmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQEPlQQAwQD
Vf4IAwQAVf4/MAwDBABV/nUDBANV/nADBABV/nsDBATZGEAwDQYJKoZIhvcNAQEL
BQADggEBACGnFiBZIvuKwvxDjtVemb1OgI22NmR63uZw245RxATVxOcA1F+E+wmK
Nz2FByFIx7iYYHQq2ziPwFuYPtgfy+XM28JKsdKxhKhSyJUOj3/qZ7uHqMrKBZVY
suM0O0PwZL2oSFPgtC5YhD/LqQ4pmC5wUkjTKRKSI4wftm7pJJ+OjxoB768FKoIT
LmHWDLYKqoIHfKHfVlnl77XY/GJyFCPamNVXUWtySBR2zvkWAJWIhw3VUvRCDd+g
rGlsiFKHFi6qm/EXgocspSX7cckbttAZwP8uCftXXcJONCzhvKjnU14YvA5s/zhi
q+YiPlwFHxN9yV0goYG4VGIXLSrhW4Q=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:03 2025 by rpki-client