Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/bzccdE_nNPzPnSlliioVj-7hRew.roa
File: bzccdE_nNPzPnSlliioVj-7hRew.roa (raw, json)
Hash identifier: 4glX8OcaCyXvmeuybZ7zpnmmIAAdCSrGViopmHl3Q8g=
Subject key identifier: 6F:37:1C:74:4F:E7:34:FC:CF:9D:29:65:8A:2A:15:8F:EE:E1:45:EC
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: 0194228E1554E7EC359FDAD2D12273767549
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/bzccdE_nNPzPnSlliioVj-7hRew.roa
Signing time: Wed 01 Jan 2025 15:48:44 +0000
ROA not before: Wed 01 Jan 2025 15:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 87.238.154.0/24 maxlen: 24
217.117.65.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:15:54:e7:ec:35:9f:da:d2:d1:22:73:76:75:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: Jan 1 15:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f371c744fe734fccf9d29658a2a158feee145ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:5c:13:85:2b:52:0a:68:42:bd:13:78:91:
0d:51:bc:35:d4:65:01:99:5a:b4:76:71:8c:6b:f8:
63:d1:26:bd:88:60:38:d9:8c:44:fb:13:83:a2:a3:
94:65:82:1f:e6:6d:d7:9b:50:fb:0e:ee:98:b8:b3:
7f:6d:65:86:56:2e:e8:68:9c:d6:4e:9a:3d:f0:f9:
17:23:f7:51:56:54:d2:6d:3a:1f:2b:ab:43:6f:06:
6b:06:0f:28:fe:6f:e2:5d:66:af:e7:1f:d6:6d:23:
04:f1:55:23:25:0d:98:63:17:41:ce:16:0c:1d:4d:
33:a4:cc:86:a6:d4:36:00:0f:97:d3:e5:af:9b:6d:
69:1f:49:24:b1:f8:f9:42:cc:26:90:a5:b0:fb:e9:
11:bd:be:69:ec:6b:79:aa:16:05:72:a2:6d:e8:0d:
1d:07:32:64:22:17:f6:5c:c9:6e:f6:cb:fa:c4:18:
ff:32:56:cc:21:b3:75:8d:e9:f8:30:bb:cb:97:89:
27:b8:e3:24:c8:5e:61:e0:57:16:3e:b1:6b:44:eb:
d3:4d:7f:7c:a5:89:10:45:4b:03:41:08:4c:6a:bf:
bd:74:82:7c:82:d2:47:53:5c:b9:63:5d:28:0e:68:
bd:74:44:f7:86:48:35:16:77:90:b4:f3:28:8b:a5:
0b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:37:1C:74:4F:E7:34:FC:CF:9D:29:65:8A:2A:15:8F:EE:E1:45:EC
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/bzccdE_nNPzPnSlliioVj-7hRew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.154.0/24
217.117.65.0/24
217.117.71.0/24
217.117.76.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b2:85:90:fd:23:ca:a4:41:e3:fd:73:61:ee:7e:31:df:4c:
e8:ad:97:38:ec:e2:69:18:2c:f8:67:72:34:a8:d7:b3:05:f5:
5f:5c:fb:d2:86:0c:f9:22:33:67:8c:93:6a:1c:0d:77:7f:ba:
4c:ea:ad:58:41:d4:7e:14:a8:95:43:b2:3a:44:20:c2:4b:12:
56:b9:21:c6:97:e9:91:14:be:41:f8:e6:ad:9e:21:de:4b:07:
2f:6f:9d:91:80:07:59:05:4c:96:54:7e:f6:68:5e:b0:65:77:
8f:f1:a3:4b:93:39:c9:80:2a:b4:43:b3:f9:d6:bf:7f:58:c6:
8c:9a:20:b1:8d:51:ed:d0:a4:a2:2f:31:d1:84:3f:a6:3e:bd:
1b:ed:fb:99:31:72:dc:f1:7a:a8:60:9b:b9:fc:d8:1a:21:81:
0b:89:70:12:97:10:2b:d0:38:a6:31:3b:3e:64:39:b4:d8:6d:
33:31:8b:b5:f9:08:24:b6:39:d4:37:74:a8:de:0a:ba:a2:fc:
b0:8c:de:7b:53:21:6f:b5:75:79:2b:fa:d1:0a:54:d0:04:b6:
25:53:f0:ab:7c:de:98:30:70:ee:92:62:6b:94:a0:78:34:ab:
86:d1:5d:54:7a:4d:ae:15:13:41:58:ec:69:be:ce:0c:6d:5e:
95:f0:68:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijhVU5+w1n9rS0SJzdnVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhY2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZl
MWM2MjIwHhcNMjUwMTAxMTU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM3MWM3NDRmZTczNGZjY2Y5ZDI5NjU4YTJhMTU4ZmVlZTE0NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyBcE4UrUgpoQr0TeJENUbw11GUB
mVq0dnGMa/hj0Sa9iGA42YxE+xODoqOUZYIf5m3Xm1D7Du6YuLN/bWWGVi7oaJzW
Tpo98PkXI/dRVlTSbTofK6tDbwZrBg8o/m/iXWav5x/WbSME8VUjJQ2YYxdBzhYM
HU0zpMyGptQ2AA+X0+Wvm21pH0kksfj5QswmkKWw++kRvb5p7Gt5qhYFcqJt6A0d
BzJkIhf2XMlu9sv6xBj/MlbMIbN1jen4MLvLl4knuOMkyF5h4FcWPrFrROvTTX98
pYkQRUsDQQhMar+9dIJ8gtJHU1y5Y10oDmi9dET3hkg1FneQtPMoi6ULYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG83HHRP5zT8z50pZYoqFY/u4UXsMB8GA1UdIwQY
MBaAFCrOIQkO5NeGd0E0I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjkt
NTkwYTk4MTNkZGRmLzEvYnpjY2RFX25OUHpQblNsbGlpb1ZqLTdoUmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRm
LzEvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV+6aAwQA
2XVBAwQA2XVHAwQA2XVMMA0GCSqGSIb3DQEBCwUAA4IBAQB1soWQ/SPKpEHj/XNh
7n4x30zorZc47OJpGCz4Z3I0qNezBfVfXPvShgz5IjNnjJNqHA13f7pM6q1YQdR+
FKiVQ7I6RCDCSxJWuSHGl+mRFL5B+OatniHeSwcvb52RgAdZBUyWVH72aF6wZXeP
8aNLkznJgCq0Q7P51r9/WMaMmiCxjVHt0KSiLzHRhD+mPr0b7fuZMXLc8XqoYJu5
/NgaIYELiXASlxAr0DimMTs+ZDm02G0zMYu1+QgktjnUN3So3gq6ovywjN57UyFv
tXV5K/rRClTQBLYlU/CrfN6YMHDukmJrlKB4NKuG0V1Uek2uFRNBWOxpvs4MbV6V
8GiW
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:55 2025 by rpki-client