Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bhV5-nLtui9hKJE0t2jx2o8_grU.roa
File: bhV5-nLtui9hKJE0t2jx2o8_grU.roa (raw, json)
Hash identifier: gxkj8bLKn/zZ3A9rLSJ8fanLpzI317fLcOeMQTAGRD0=
Subject key identifier: 6E:15:79:FA:72:ED:BA:2F:61:28:91:34:B7:68:F1:DA:8F:3F:82:B5
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019289BB150B9B92AD7D7ABBB1FA8440237C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bhV5-nLtui9hKJE0t2jx2o8_grU.roa
Signing time: Mon 14 Oct 2024 06:33:12 +0000
ROA not before: Mon 14 Oct 2024 06:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 62.84.16.0/20 maxlen: 20
85.254.8.0/21 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
85.254.123.0/24 maxlen: 24
217.24.64.0/20 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:bb:15:0b:9b:92:ad:7d:7a:bb:b1:fa:84:40:23:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 14 06:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1579fa72edba2f61289134b768f1da8f3f82b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c2:56:73:89:ae:d0:f7:7c:89:39:7a:1e:9a:
63:19:1a:ca:44:fa:a7:62:ed:0c:91:30:12:8a:12:
1a:81:e4:4b:c1:40:b4:ea:4d:ea:f1:cc:16:3e:fd:
ab:e2:d1:ff:2b:e5:7f:2d:17:ab:cf:dd:0f:70:0d:
64:2b:6c:c0:83:fe:c1:dd:a4:c0:65:16:c7:04:bf:
4e:1c:42:7e:60:ae:51:7c:4a:80:49:db:94:00:b9:
fa:83:90:13:4a:51:04:41:bb:5a:b4:37:55:a9:90:
c9:bd:63:a7:0a:b3:ff:17:25:8a:2c:ca:93:e5:cb:
71:27:bf:48:ed:a9:ba:5c:53:71:b0:64:0e:6b:15:
cf:95:dd:c2:86:12:8c:c1:78:b2:57:20:b6:d3:5d:
21:c2:5e:b1:53:1b:db:b6:74:e6:cc:83:86:b4:d2:
8e:d2:64:87:37:c2:d6:df:fd:89:77:e3:9f:3a:00:
a6:43:2e:e4:9e:03:17:cb:28:6f:1c:ff:47:17:0c:
d1:ef:96:69:9f:22:65:ed:bd:4e:b5:af:4c:a9:f2:
64:0c:05:5e:e9:40:db:de:d4:e9:53:00:42:46:b9:
cf:e5:90:d8:8e:89:56:bb:f0:59:e5:aa:45:8f:4b:
62:78:72:d0:61:c0:76:f4:04:f0:12:7e:c8:6a:05:
20:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:15:79:FA:72:ED:BA:2F:61:28:91:34:B7:68:F1:DA:8F:3F:82:B5
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bhV5-nLtui9hKJE0t2jx2o8_grU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.16.0/20
85.254.8.0/21
85.254.63.0/24
85.254.117.0-85.254.119.255
85.254.123.0/24
217.24.64.0/20
Signature Algorithm: sha256WithRSAEncryption
23:e0:c4:1c:47:55:40:42:2e:a6:e4:5c:47:fe:70:dd:db:b4:
5d:0d:a1:c5:11:3a:c5:16:86:7a:7d:fa:28:d9:c6:5b:a4:af:
9c:01:98:0f:f5:d3:9b:09:d2:fc:01:24:3b:2d:aa:67:92:d7:
b3:60:4f:11:0d:b8:47:cb:26:32:ef:97:9b:14:8b:b0:f5:1d:
dd:10:21:4c:8b:0b:e0:e6:b8:95:0e:17:67:89:ac:bf:c4:92:
0f:71:b3:57:fd:93:da:d1:f2:da:02:39:c5:b9:ae:3b:f3:56:
c2:ab:64:d7:1a:0d:ae:41:93:97:89:58:a6:9b:74:77:fd:73:
da:02:7c:90:79:25:29:53:71:18:08:36:94:4a:9c:76:c3:ca:
3d:47:0b:56:ee:ef:d2:c9:67:b8:1e:57:74:d9:c3:2e:6c:f5:
1b:44:af:ac:31:e7:e1:b2:13:8f:aa:1c:8f:fd:fc:0a:c7:4c:
45:94:58:08:ae:0b:78:73:1c:2b:9c:de:e4:ff:64:52:0d:47:
fe:e5:9e:37:53:d0:26:64:7e:32:f7:e7:2d:09:b1:1d:82:0b:
d9:e7:fd:f8:f8:01:44:86:83:ad:c3:66:f4:a5:53:46:42:09:
e7:ce:53:40:a3:ff:63:ab:06:3a:ef:62:24:8c:b6:c2:ac:fd:
8d:d4:e1:88
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKJuxULm5KtfXq7sfqEQCN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQxMDE0MDYzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE1NzlmYTcyZWRiYTJmNjEyODkxMzRiNzY4ZjFkYThmM2Y4MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycJWc4mu0Pd8iTl6HppjGRrKRPqn
Yu0MkTASihIageRLwUC06k3q8cwWPv2r4tH/K+V/LRerz90PcA1kK2zAg/7B3aTA
ZRbHBL9OHEJ+YK5RfEqASduUALn6g5ATSlEEQbtatDdVqZDJvWOnCrP/FyWKLMqT
5ctxJ79I7am6XFNxsGQOaxXPld3ChhKMwXiyVyC2010hwl6xUxvbtnTmzIOGtNKO
0mSHN8LW3/2Jd+OfOgCmQy7kngMXyyhvHP9HFwzR75ZpnyJl7b1Ota9MqfJkDAVe
6UDb3tTpUwBCRrnP5ZDYjolWu/BZ5apFj0tieHLQYcB29ATwEn7IagUgsQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFG4Vefpy7bovYSiRNLdo8dqPP4K1MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvYmhWNS1uTHR1aTloS0pFMHQyangybzhfZ3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQEPlQQAwQD
Vf4IAwQAVf4/MAwDBABV/nUDBANV/nADBABV/nsDBATZGEAwDQYJKoZIhvcNAQEL
BQADggEBACPgxBxHVUBCLqbkXEf+cN3btF0NocUROsUWhnp9+ijZxlukr5wBmA/1
05sJ0vwBJDstqmeS17NgTxENuEfLJjLvl5sUi7D1Hd0QIUyLC+DmuJUOF2eJrL/E
kg9xs1f9k9rR8toCOcW5rjvzVsKrZNcaDa5Bk5eJWKabdHf9c9oCfJB5JSlTcRgI
NpRKnHbDyj1HC1bu79LJZ7geV3TZwy5s9RtEr6wx5+GyE4+qHI/9/ArHTEWUWAiu
C3hzHCuc3uT/ZFINR/7lnjdT0CZkfjL35y0JsR2CC9nn/fj4AUSGg63DZvSlU0ZC
CefOU0Cj/2OrBjrvYiSMtsKs/Y3U4Yg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:04 2025 by rpki-client