Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/DdfZl5cX5SBBIipNBKvW64T-UyA.roa
File: DdfZl5cX5SBBIipNBKvW64T-UyA.roa (raw, json)
Hash identifier: mB5RlMr/qSX9XxcnoQPX3rKKTW9TeZyizAhCZkoMI3I=
Subject key identifier: 0D:D7:D9:97:97:17:E5:20:41:22:2A:4D:04:AB:D6:EB:84:FE:53:20
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018AFFD723F9DFCD7B37BBADF4B8D38CB048
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/DdfZl5cX5SBBIipNBKvW64T-UyA.roa
Signing time: Thu 05 Oct 2023 12:36:44 +0000
ROA not before: Thu 05 Oct 2023 12:36:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21700
IP address blocks: 194.195.48.0/20 maxlen: 20
194.195.16.0/20 maxlen: 24
62.138.68.0/22 maxlen: 22
62.138.76.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:d7:23:f9:df:cd:7b:37:bb:ad:f4:b8:d3:8c:b0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Oct 5 12:36:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd7d9979717e52041222a4d04abd6eb84fe5320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f6:7d:fc:37:e9:48:09:60:0e:dd:92:ee:cb:
8a:13:d0:05:a4:ff:ec:70:b6:c4:52:1c:6c:0a:db:
1d:a1:5b:dc:a6:b9:b5:ed:b1:79:44:6f:a6:0f:39:
4e:ec:63:86:5f:c1:2b:a2:53:50:2e:11:2a:59:9e:
4e:23:90:6a:01:d4:5e:fb:35:3b:e5:f9:8a:02:07:
c1:aa:5b:f5:06:a6:86:d7:e4:eb:71:93:93:c2:91:
8d:d4:64:c8:71:85:ff:04:f5:f3:34:a3:0a:4b:4b:
8e:94:44:39:be:aa:79:2b:be:d0:70:59:a2:f2:32:
d5:92:da:a3:24:9e:9b:97:a7:51:7e:1f:e4:fe:f0:
19:1f:62:3e:85:93:ce:bf:c3:73:03:59:87:8d:1e:
05:16:84:49:69:4d:48:f6:46:c0:78:75:41:f2:e8:
32:79:d1:7e:b4:12:64:b7:04:14:25:bd:b0:da:b2:
34:cd:2f:90:18:b0:96:16:44:90:92:4d:bf:17:6f:
0d:d0:c7:59:4d:33:66:4f:30:6d:3c:2e:db:89:7a:
f9:40:7c:f9:41:d6:87:5c:f9:2d:18:c5:6e:02:a1:
cf:80:db:4a:d2:a7:e8:c2:76:de:4f:7e:10:13:da:
88:1d:88:c8:81:d9:81:78:95:13:6e:db:a9:cb:65:
01:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D7:D9:97:97:17:E5:20:41:22:2A:4D:04:AB:D6:EB:84:FE:53:20
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/DdfZl5cX5SBBIipNBKvW64T-UyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.68.0/22
62.138.76.0/22
194.195.16.0/20
194.195.48.0/20
Signature Algorithm: sha256WithRSAEncryption
15:74:a4:27:f8:31:8a:1c:06:dd:43:37:4c:13:83:9f:4f:84:
44:19:4c:94:0e:ea:0a:f2:e1:9f:d4:13:07:d5:49:3f:3e:0e:
62:24:88:5d:fd:d5:e7:63:0e:a6:12:46:05:39:88:53:c1:6b:
83:05:96:c5:9a:a3:67:2e:60:7b:e6:dd:59:ed:98:c4:54:ed:
fd:96:13:5e:c8:e6:cf:e3:4d:1e:82:54:1d:f1:59:e7:3a:92:
10:df:bb:d1:82:f0:16:26:70:b3:09:41:6a:df:b0:bb:cb:72:
4a:0b:5d:1b:2b:80:2c:ba:9e:0c:ea:96:74:af:98:c7:52:76:
69:5f:34:fd:7e:a5:2a:c8:3f:80:26:62:5e:7c:46:a7:6a:18:
a5:25:9e:63:ed:26:fb:5d:93:e4:8f:64:a4:c7:7a:6a:df:3d:
72:f6:e6:02:34:7f:19:5b:da:8f:87:98:b2:2d:a0:0f:4f:46:
4e:52:2f:02:71:d3:bc:02:59:82:9c:b8:87:76:2d:ff:42:0e:
f8:09:14:84:9c:27:1d:5d:8b:bf:fe:13:e6:09:11:52:9f:c7:
08:c2:bb:98:b4:f8:e4:50:02:aa:a8:11:ef:31:9d:1c:37:53:
aa:57:c0:34:28:2b:86:23:9a:2d:12:22:ed:e0:cb:84:2f:c3:
f8:f6:d8:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr/1yP53817N7ut9LjTjLBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMxMDA1MTIzNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ3ZDk5Nzk3MTdlNTIwNDEyMjJhNGQwNGFiZDZlYjg0ZmU1MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPZ9/DfpSAlgDt2S7suKE9AFpP/s
cLbEUhxsCtsdoVvcprm17bF5RG+mDzlO7GOGX8ErolNQLhEqWZ5OI5BqAdRe+zU7
5fmKAgfBqlv1BqaG1+TrcZOTwpGN1GTIcYX/BPXzNKMKS0uOlEQ5vqp5K77QcFmi
8jLVktqjJJ6bl6dRfh/k/vAZH2I+hZPOv8NzA1mHjR4FFoRJaU1I9kbAeHVB8ugy
edF+tBJktwQUJb2w2rI0zS+QGLCWFkSQkk2/F28N0MdZTTNmTzBtPC7biXr5QHz5
QdaHXPktGMVuAqHPgNtK0qfownbeT34QE9qIHYjIgdmBeJUTbtupy2UBJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA3X2ZeXF+UgQSIqTQSr1uuE/lMgMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvRGRmWmw1Y1g1U0JCSWlwTkJLdlc2NFQtVXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPopEAwQC
PopMAwQEwsMQAwQEwsMwMA0GCSqGSIb3DQEBCwUAA4IBAQAVdKQn+DGKHAbdQzdM
E4OfT4REGUyUDuoK8uGf1BMH1Uk/Pg5iJIhd/dXnYw6mEkYFOYhTwWuDBZbFmqNn
LmB75t1Z7ZjEVO39lhNeyObP400eglQd8VnnOpIQ37vRgvAWJnCzCUFq37C7y3JK
C10bK4Asup4M6pZ0r5jHUnZpXzT9fqUqyD+AJmJefEanahilJZ5j7Sb7XZPkj2Sk
x3pq3z1y9uYCNH8ZW9qPh5iyLaAPT0ZOUi8CcdO8AlmCnLiHdi3/Qg74CRSEnCcd
XYu//hPmCRFSn8cIwruYtPjkUAKqqBHvMZ0cN1OqV8A0KCuGI5otEiLt4MuEL8P4
9tjI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:44 2025 by rpki-client