Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mRlQsb3dbReov3jXUUREpi1viVY.roa
File: mRlQsb3dbReov3jXUUREpi1viVY.roa (raw, json)
Hash identifier: Y3RyAQgqTO75JntgSyMUno9eMdRX6iEtiWuMakFdSrs=
Subject key identifier: 99:19:50:B1:BD:DD:6D:17:A8:BF:78:D7:51:44:44:A6:2D:6F:89:56
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01912CBFFB2358B98BAFE80A0C1AD240A4A2
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mRlQsb3dbReov3jXUUREpi1viVY.roa
Signing time: Wed 07 Aug 2024 12:11:04 +0000
ROA not before: Wed 07 Aug 2024 12:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20910
IP address blocks: 62.84.0.0/19 maxlen: 32
62.205.192.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
79.135.128.0/19 maxlen: 32
80.254.208.0/20 maxlen: 32
85.115.96.0/19 maxlen: 32
85.254.120.0/23 maxlen: 23
87.226.0.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
89.201.0.0/17 maxlen: 32
91.142.0.0/20 maxlen: 32
91.188.32.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
94.30.128.0/17 maxlen: 32
109.110.0.0/19 maxlen: 32
136.169.0.0/17 maxlen: 32
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
195.62.128.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
217.198.224.0/20 maxlen: 32
217.199.96.0/19 maxlen: 32
2a00:9000::/29 maxlen: 32
2a00:f4a0::/29 maxlen: 32
2a03:6740::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:bf:fb:23:58:b9:8b:af:e8:0a:0c:1a:d2:40:a4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 7 12:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=991950b1bddd6d17a8bf78d7514444a62d6f8956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2d:d3:1f:31:89:e4:ea:1e:67:b9:2c:fa:b9:
95:4e:b1:ec:f5:8e:3c:b0:db:55:bd:63:37:93:4d:
bf:eb:3d:14:8b:26:a2:a3:7a:d9:04:5c:c0:ae:7d:
9a:f2:e4:2e:2a:8e:26:87:b8:2b:33:b1:09:fe:bc:
83:aa:8b:09:6f:94:6c:6a:48:82:0a:24:22:9d:94:
5d:c5:06:01:ee:15:fd:f2:16:70:88:73:f9:3b:70:
72:f7:c4:d5:ba:5e:0a:e5:0a:2e:21:93:53:c9:e4:
8c:60:04:c2:ba:1c:16:94:5f:6c:1e:67:2f:1e:71:
4a:d4:ae:e3:c6:62:d8:72:f7:74:e5:aa:22:cf:2f:
a7:b5:2d:d2:6d:a7:7c:dc:94:17:5f:e8:8a:b7:f0:
03:f6:bc:6d:84:7d:f4:eb:ef:c9:d0:1f:78:59:96:
2f:78:d7:d0:20:51:0b:e3:54:78:c3:44:a4:fc:d5:
18:0b:90:59:15:5e:45:f5:ea:57:1a:39:54:7b:78:
b2:20:49:e3:b9:02:e3:50:6a:48:23:90:0a:9a:9f:
f9:e1:1b:76:5c:d6:9a:f5:c7:d2:93:25:6b:8c:24:
37:af:8d:ec:a0:1b:8d:94:b6:1a:b7:74:15:6b:70:
bd:f7:9b:bf:20:5f:2c:da:5f:7f:01:18:d7:86:18:
fd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:19:50:B1:BD:DD:6D:17:A8:BF:78:D7:51:44:44:A6:2D:6F:89:56
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mRlQsb3dbReov3jXUUREpi1viVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.0.0/19
62.205.192.0/18
77.38.128.0/17
79.135.128.0/19
80.254.208.0/20
85.115.96.0/19
85.254.120.0/23
87.226.0.0/17
89.18.192.0/19
89.201.0.0/17
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.144.184.0/22
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
3f:6b:50:55:43:e6:b8:ec:ac:c9:da:f9:c4:1d:91:70:ff:da:
f5:17:c3:59:fc:00:ce:15:9d:66:9a:1a:88:23:64:dc:55:0d:
52:66:f3:6b:45:3b:85:45:69:b0:46:d7:4b:5d:ea:93:d0:0c:
58:fa:17:7d:f1:f7:4a:c0:07:6c:69:fb:70:74:f3:a2:cf:28:
f3:b5:eb:0d:68:c5:d2:87:e1:e5:d1:04:b4:43:d0:8d:24:3d:
4d:0e:ef:85:94:74:c4:b2:12:f4:3f:9c:85:6c:9a:78:c8:9e:
09:5c:ca:35:ff:27:67:a3:5f:19:01:3d:b9:8c:6d:47:e2:2a:
b4:7c:c8:5b:7b:cb:22:8c:bb:3d:86:31:1c:84:cf:f9:11:10:
46:b9:f3:e3:3b:47:ab:63:0a:7e:c5:4f:8b:08:d2:71:31:5f:
ee:f2:31:d3:ec:8c:cd:32:7e:72:a2:e1:97:dc:44:de:d5:4c:
eb:a8:9e:c8:73:3d:fe:92:1c:f1:b8:9c:52:59:f8:6d:d4:12:
3c:d6:2d:ec:ef:08:14:ff:5a:f6:df:32:92:ee:9f:fc:a3:dc:
ce:94:bb:a4:48:62:63:8f:eb:f7:03:a0:a6:72:e6:9c:6f:a5:
93:42:3b:fc:9f:ce:7b:5c:99:ab:5b:df:0c:18:4d:f9:a9:e6:
04:a4:ab:99
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZEsv/sjWLmLr+gKDBrSQKSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwODA3MTIxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE5NTBiMWJkZGQ2ZDE3YThiZjc4ZDc1MTQ0NDRhNjJkNmY4OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y3THzGJ5OoeZ7ks+rmVTrHs9Y48
sNtVvWM3k02/6z0Uiyaio3rZBFzArn2a8uQuKo4mh7grM7EJ/ryDqosJb5RsakiC
CiQinZRdxQYB7hX98hZwiHP5O3By98TVul4K5QouIZNTyeSMYATCuhwWlF9sHmcv
HnFK1K7jxmLYcvd05aoizy+ntS3Sbad83JQXX+iKt/AD9rxthH306+/J0B94WZYv
eNfQIFEL41R4w0Sk/NUYC5BZFV5F9epXGjlUe3iyIEnjuQLjUGpII5AKmp/54Rt2
XNaa9cfSkyVrjCQ3r43soBuNlLYat3QVa3C995u/IF8s2l9/ARjXhhj97wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJkZULG93W0XqL9411FERKYtb4lWMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbVJsUXNiM2RiUmVvdjNqWFVVUkVwaTF2aVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBkQQCAAEwgYoDBAU+
VAADBAY+zcADBAdNJoADBAVPh4ADBARQ/tADBAVVc2ADBAFV/ngDBAdX4gADBAVZ
EsADBAdZyQADBARbjgADBAVbvCADBAZdscADBAdeHoADBAVtbgADBAeIqQADBAK5
kLgDBAa8cIADBAXDPoADBATD9IADBAXVtGADBATZxuADBAXZx2AwGwQCAAIwFQMF
AyoAkAADBQMqAPSgAwUDKgNnQDANBgkqhkiG9w0BAQsFAAOCAQEAP2tQVUPmuOys
ydr5xB2RcP/a9RfDWfwAzhWdZpoaiCNk3FUNUmbza0U7hUVpsEbXS13qk9AMWPoX
ffH3SsAHbGn7cHTzos8o87XrDWjF0ofh5dEEtEPQjSQ9TQ7vhZR0xLIS9D+chWya
eMieCVzKNf8nZ6NfGQE9uYxtR+IqtHzIW3vLIoy7PYYxHITP+REQRrnz4ztHq2MK
fsVPiwjScTFf7vIx0+yMzTJ+cqLhl9xE3tVM66ieyHM9/pIc8bicUln4bdQSPNYt
7O8IFP9a9t8yku6f/KPczpS7pEhiY4/r9wOgpnLmnG+lk0I7/J/Oe1yZq1vfDBhN
+anmBKSrmQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:18 2025 by rpki-client