Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/H_bkLdjo7He64z-JluJfy_wJejk.roa
File: H_bkLdjo7He64z-JluJfy_wJejk.roa (raw, json)
Hash identifier: kybLSddJIjcUhSXCGiYUr9h4Eqihrp15BxDbi/pEUV0=
Subject key identifier: 1F:F6:E4:2D:D8:E8:EC:77:BA:E3:3F:89:96:E2:5F:CB:FC:09:7A:39
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018C5893BD828D9C2AC55ED5FE06A5282AE7
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/H_bkLdjo7He64z-JluJfy_wJejk.roa
Signing time: Mon 11 Dec 2023 11:12:06 +0000
ROA not before: Mon 11 Dec 2023 11:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207326
IP address blocks: 185.65.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:93:bd:82:8d:9c:2a:c5:5e:d5:fe:06:a5:28:2a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 11 11:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ff6e42dd8e8ec77bae33f8996e25fcbfc097a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f6:af:ca:4e:86:bf:fb:2a:0b:4a:1d:40:a0:
60:55:93:f9:87:a3:47:77:7c:03:ba:27:3e:7e:15:
95:ea:20:a0:17:a1:7a:cc:02:c6:b0:17:3b:e7:8d:
a5:78:94:0f:61:5a:ee:bb:18:cd:b1:2d:13:22:fb:
64:0c:46:d4:c1:b2:9d:03:53:34:19:81:ac:cc:5d:
46:99:f2:c4:fb:91:cf:8b:aa:4d:ea:59:1e:17:4a:
00:40:ed:0e:41:cd:9d:f8:26:62:3e:70:c0:87:c9:
d1:ad:fb:ec:15:e8:ca:ca:99:4f:25:39:71:67:8a:
e4:30:e4:78:7f:99:6e:f3:ce:10:6e:3f:55:80:b4:
12:37:1b:9b:62:99:01:a7:4d:d5:e1:34:7e:31:ec:
7e:00:8e:cb:e0:e0:7f:8c:65:69:db:e5:d0:ad:01:
bc:31:4f:7b:68:5e:01:e8:e2:e1:f8:17:2b:9b:de:
e6:c6:8a:ad:6f:ee:2b:dd:df:e1:c1:be:26:41:2f:
0b:4b:d3:77:a9:62:13:58:b9:50:49:3b:da:97:73:
20:52:b5:a8:04:11:e0:13:a2:0c:d0:4d:fb:b1:2d:
8a:6f:6e:06:e3:61:fb:46:bf:cd:03:f5:43:cb:65:
f9:24:e4:46:11:18:7a:95:69:f9:45:6a:4e:e4:f2:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F6:E4:2D:D8:E8:EC:77:BA:E3:3F:89:96:E2:5F:CB:FC:09:7A:39
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/H_bkLdjo7He64z-JluJfy_wJejk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.62.0/24
Signature Algorithm: sha256WithRSAEncryption
63:6f:ea:b3:da:28:0d:b1:fb:8b:f4:68:0c:84:91:8c:5e:5d:
04:99:4a:a4:5e:28:75:99:7b:2d:fd:53:ff:63:12:a1:ff:a8:
1f:40:46:ac:ae:84:57:bc:4d:4a:b7:fc:ab:6d:05:62:be:85:
79:61:0d:8a:76:70:b6:c1:a9:68:75:2f:92:41:66:94:9f:c9:
c9:58:4d:c1:e7:62:8e:41:08:15:e5:d7:a8:c4:be:86:23:b6:
6a:23:ea:68:67:62:8a:82:54:56:a9:8b:12:7b:42:a0:cc:20:
3d:22:11:42:7d:f6:59:44:4b:18:1d:20:f8:21:1c:10:d7:25:
0b:4a:39:dd:de:9d:cc:5b:fc:5a:4e:c2:85:35:6f:6d:1f:d3:
f5:43:d2:0f:df:ff:04:1b:f1:2e:8c:af:50:74:99:e2:57:5f:
50:70:db:64:0f:ff:24:a9:33:4b:31:dc:32:da:65:56:77:e0:
68:53:60:6d:9c:84:54:7b:67:56:d0:1c:46:f8:bc:17:23:1b:
6e:fe:5b:f6:f3:83:f5:b1:00:c0:8d:f0:ca:0e:d1:5c:0f:51:
0a:1f:2e:a5:24:3b:50:83:f9:07:79:01:62:fa:30:fd:1f:00:
0b:c6:1a:e1:ee:2d:20:a8:d0:0f:41:27:4e:7b:9a:6a:32:0a:
0e:a0:45:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxYk72CjZwqxV7V/galKCrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMjExMTExMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY2ZTQyZGQ4ZThlYzc3YmFlMzNmODk5NmUyNWZjYmZjMDk3YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/avyk6Gv/sqC0odQKBgVZP5h6NH
d3wDuic+fhWV6iCgF6F6zALGsBc7542leJQPYVruuxjNsS0TIvtkDEbUwbKdA1M0
GYGszF1GmfLE+5HPi6pN6lkeF0oAQO0OQc2d+CZiPnDAh8nRrfvsFejKyplPJTlx
Z4rkMOR4f5lu884Qbj9VgLQSNxubYpkBp03V4TR+Mex+AI7L4OB/jGVp2+XQrQG8
MU97aF4B6OLh+Bcrm97mxoqtb+4r3d/hwb4mQS8LS9N3qWITWLlQSTval3MgUrWo
BBHgE6IM0E37sS2Kb24G42H7Rr/NA/VDy2X5JORGERh6lWn5RWpO5PLoXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/25C3Y6Ox3uuM/iZbiX8v8CXo5MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSF9ia0xkam83SGU2NHotSmx1SmZ5X3dKZWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUE+MA0G
CSqGSIb3DQEBCwUAA4IBAQBjb+qz2igNsfuL9GgMhJGMXl0EmUqkXih1mXst/VP/
YxKh/6gfQEasroRXvE1Kt/yrbQVivoV5YQ2KdnC2walodS+SQWaUn8nJWE3B52KO
QQgV5deoxL6GI7ZqI+poZ2KKglRWqYsSe0KgzCA9IhFCffZZREsYHSD4IRwQ1yUL
Sjnd3p3MW/xaTsKFNW9tH9P1Q9IP3/8EG/EujK9QdJniV19QcNtkD/8kqTNLMdwy
2mVWd+BoU2BtnIRUe2dW0BxG+LwXIxtu/lv284P1sQDAjfDKDtFcD1EKHy6lJDtQ
g/kHeQFi+jD9HwALxhrh7i0gqNAPQSdOe5pqMgoOoEXz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:55 2025 by rpki-client