Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hmNlWsgvmJrtNQ7LSdwYKkUaHZE.roa
File: hmNlWsgvmJrtNQ7LSdwYKkUaHZE.roa (raw, json)
Hash identifier: HS5nkz9uwgbrL+CmaSjLEVO+XHtZ1/uGCk/HtBizJIQ=
Subject key identifier: 86:63:65:5A:C8:2F:98:9A:ED:35:0E:CB:49:DC:18:2A:45:1A:1D:91
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E3CB3802E5AF21437072DB5C1417
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hmNlWsgvmJrtNQ7LSdwYKkUaHZE.roa
Signing time: Thu 02 Jan 2025 01:48:11 +0000
ROA not before: Thu 02 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 62.84.16.0/20 maxlen: 20
85.254.8.0/24 maxlen: 24
85.254.9.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
217.24.64.0/20 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e3:cb:38:02:e5:af:21:43:70:72:db:5c:14:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8663655ac82f989aed350ecb49dc182a451a1d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:af:91:fb:c8:50:e4:ba:f5:af:c6:10:52:bd:
3b:e5:e8:28:d6:53:ac:f9:5b:da:21:c6:69:21:c6:
4f:45:27:b0:b6:62:63:82:0d:57:90:bf:85:7a:36:
0e:9f:2d:8b:03:8e:57:74:54:51:da:de:54:65:94:
17:30:35:33:6e:d9:47:c4:16:ac:b2:e7:94:66:ff:
60:e1:b9:66:8f:5c:ca:87:86:77:31:86:6b:44:14:
8b:d0:10:79:27:92:91:7e:1d:a8:4e:1d:38:94:00:
a2:60:ba:88:89:c9:c6:d8:95:c0:4f:98:ef:ed:35:
18:1a:18:1e:47:bb:c3:50:9f:f6:19:56:f6:43:a9:
d8:17:48:42:bb:c1:c9:cd:79:7d:f4:79:45:b7:c5:
b3:7b:09:0d:92:bf:e9:a1:67:ab:0c:18:e9:10:6c:
a7:3c:5a:78:1a:7d:03:af:63:d5:df:b0:b0:39:2e:
fa:d5:a3:12:ce:fb:50:87:fd:2c:ae:96:97:72:68:
8d:52:48:59:6b:02:79:9d:0e:b8:41:96:9f:c1:04:
f2:46:20:31:69:5f:b8:8f:2b:9f:10:d9:67:47:63:
91:a2:e2:ea:95:40:b2:1d:fb:08:a5:e1:74:69:60:
f5:14:29:d1:e3:d1:a7:73:20:74:e7:13:b3:b6:df:
d0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:63:65:5A:C8:2F:98:9A:ED:35:0E:CB:49:DC:18:2A:45:1A:1D:91
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hmNlWsgvmJrtNQ7LSdwYKkUaHZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.16.0/20
85.254.8.0/21
85.254.63.0/24
85.254.117.0-85.254.119.255
217.24.64.0/20
Signature Algorithm: sha256WithRSAEncryption
96:4b:02:d4:28:b9:e5:cc:f9:c9:bb:f0:dc:d8:f0:91:3d:63:
90:9f:fa:dc:d3:46:47:fa:45:3a:cc:6e:05:46:5b:44:5a:cf:
09:06:e8:0b:67:82:28:b2:62:a6:06:b5:00:6f:2f:2a:79:55:
f7:fb:b8:5b:a0:bc:04:d4:66:15:d1:3d:62:b4:de:83:6f:4a:
d6:8e:dc:7e:67:e0:db:93:75:73:37:c4:57:cf:f3:8d:f8:69:
70:4f:97:db:60:a5:7c:67:08:22:67:db:0f:36:3e:58:d3:e4:
b2:d9:d1:20:e7:c1:8b:ac:95:4d:83:5f:76:b6:71:52:55:34:
37:49:78:40:0e:ee:88:38:50:df:d1:87:99:75:28:cf:97:1b:
14:64:f2:c1:4b:a0:69:87:36:fe:1f:cd:00:27:e1:b4:22:b7:
46:9e:6f:88:23:a3:b6:9f:5e:ac:0d:c9:2f:31:87:1e:25:ae:
80:66:43:c7:61:09:b3:26:d9:7d:fe:fd:93:54:95:39:91:bc:
51:a4:81:cf:8b:91:47:a1:cc:99:5d:df:84:71:b2:ee:c0:e7:
1a:da:fe:f8:b6:99:82:10:12:7f:67:fa:95:76:72:73:9e:12:
7d:fd:57:15:14:15:06:dd:4f:8e:3f:ef:16:0b:96:18:d6:07:
6e:60:88:87
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQksuPLOALlryFDcHLbXBQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYzNjU1YWM4MmY5ODlhZWQzNTBlY2I0OWRjMTgyYTQ1MWExZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka+R+8hQ5Lr1r8YQUr075ego1lOs
+VvaIcZpIcZPRSewtmJjgg1XkL+FejYOny2LA45XdFRR2t5UZZQXMDUzbtlHxBas
sueUZv9g4blmj1zKh4Z3MYZrRBSL0BB5J5KRfh2oTh04lACiYLqIicnG2JXAT5jv
7TUYGhgeR7vDUJ/2GVb2Q6nYF0hCu8HJzXl99HlFt8WzewkNkr/poWerDBjpEGyn
PFp4Gn0Dr2PV37CwOS761aMSzvtQh/0srpaXcmiNUkhZawJ5nQ64QZafwQTyRiAx
aV+4jyufENlnR2ORouLqlUCyHfsIpeF0aWD1FCnR49GncyB05xOztt/Q5wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIZjZVrIL5ia7TUOy0ncGCpFGh2RMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaG1ObFdzZ3ZtSnJ0TlE3TFNkd1lLa1VhSFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEPlQQAwQD
Vf4IAwQAVf4/MAwDBABV/nUDBANV/nADBATZGEAwDQYJKoZIhvcNAQELBQADggEB
AJZLAtQoueXM+cm78NzY8JE9Y5Cf+tzTRkf6RTrMbgVGW0RazwkG6AtngiiyYqYG
tQBvLyp5Vff7uFugvATUZhXRPWK03oNvStaO3H5n4NuTdXM3xFfP8434aXBPl9tg
pXxnCCJn2w82PljT5LLZ0SDnwYuslU2DX3a2cVJVNDdJeEAO7og4UN/Rh5l1KM+X
GxRk8sFLoGmHNv4fzQAn4bQit0aeb4gjo7afXqwNyS8xhx4lroBmQ8dhCbMm2X3+
/ZNUlTmRvFGkgc+LkUehzJld34Rxsu7A5xra/vi2mYIQEn9n+pV2cnOeEn39VxUU
FQbdT44/7xYLlhjWB25giIc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:57 2025 by rpki-client