Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/sQqbsGEsADtMSoClL-1_S44YbLM.roa
File: sQqbsGEsADtMSoClL-1_S44YbLM.roa (raw, json)
Hash identifier: BTpGwOXbNmhQS86c/uu2rotZbVje+dpkJm9n+RXwn7w=
Subject key identifier: B1:0A:9B:B0:61:2C:00:3B:4C:4A:80:A5:2F:ED:7F:4B:8E:18:6C:B3
Certificate issuer: /CN=bb7436808a737c5edc65256c74578be35ec41009
Certificate serial: 018746A9A1075A19C0FA68539866B958FDD4
Authority key identifier: BB:74:36:80:8A:73:7C:5E:DC:65:25:6C:74:57:8B:E3:5E:C4:10:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3Q2gIpzfF7cZSVsdFeL417EEAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/sQqbsGEsADtMSoClL-1_S44YbLM.roa
Signing time: Mon 03 Apr 2023 10:28:54 +0000
ROA not before: Mon 03 Apr 2023 10:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24875
IP address blocks: 194.62.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:a9:a1:07:5a:19:c0:fa:68:53:98:66:b9:58:fd:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7436808a737c5edc65256c74578be35ec41009
Validity
Not Before: Apr 3 10:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b10a9bb0612c003b4c4a80a52fed7f4b8e186cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:14:d9:79:fb:1f:a1:fd:37:53:36:31:7e:56:
71:a3:34:f8:ba:36:0e:87:fe:2c:c5:0b:f5:50:dd:
83:07:f0:24:a2:fc:5b:9d:5e:68:d4:91:d0:ee:86:
a0:9b:1c:a9:9e:0e:27:91:a9:10:08:46:08:bc:aa:
aa:f7:23:eb:48:12:9d:29:70:1b:c9:06:71:2c:22:
27:c3:ca:1f:01:5e:51:6c:48:9f:81:4b:61:29:52:
44:35:67:13:b7:15:2c:bf:c0:c8:9a:39:ec:fb:93:
f7:40:72:ea:a2:83:80:73:d2:ef:7a:7c:e8:78:b1:
1a:dc:58:cc:54:99:b0:47:7f:af:1c:24:98:90:a6:
7e:64:dd:0f:b8:7e:3b:01:25:d6:70:7a:59:d4:c8:
f0:88:e1:60:a4:ba:64:ea:1c:e6:b3:e9:46:40:5a:
9d:bc:db:3f:47:f2:12:30:0b:b4:0a:bf:c1:96:d5:
b1:6f:13:d9:d5:b0:6a:5f:61:80:4e:a1:ae:1c:3c:
3e:0a:8e:46:d3:2b:3a:10:69:57:bf:ef:8e:08:51:
07:3e:b7:69:c9:32:f3:cb:ec:ad:c3:fe:ae:16:fc:
67:e2:29:f0:31:71:33:fb:ac:ac:10:15:db:9a:b1:
16:46:9b:d6:af:11:70:2a:2a:20:aa:af:d4:19:f6:
0f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0A:9B:B0:61:2C:00:3B:4C:4A:80:A5:2F:ED:7F:4B:8E:18:6C:B3
X509v3 Authority Key Identifier:
keyid:BB:74:36:80:8A:73:7C:5E:DC:65:25:6C:74:57:8B:E3:5E:C4:10:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3Q2gIpzfF7cZSVsdFeL417EEAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/sQqbsGEsADtMSoClL-1_S44YbLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/u3Q2gIpzfF7cZSVsdFeL417EEAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.16.0/24
Signature Algorithm: sha256WithRSAEncryption
49:cc:c7:d1:20:95:2e:68:92:99:bb:16:f6:7e:c7:a4:79:9b:
ac:19:1f:a2:04:cb:9b:b5:3d:67:87:10:11:81:c9:e1:82:fa:
7c:77:b2:a4:42:fb:83:8d:61:0b:b4:fb:89:ca:80:2a:84:5a:
74:f5:68:95:b3:04:b1:43:70:07:a6:c4:15:f0:5b:76:68:93:
0c:b6:e3:46:c6:43:7f:42:aa:10:a1:05:ea:b6:6d:93:46:04:
54:95:1c:18:a3:1e:e5:bb:4c:bc:3b:d5:8f:5d:8b:ad:0a:2d:
80:d5:8b:ce:df:75:c5:22:a7:cb:c6:5e:2a:cc:df:a2:28:17:
59:a4:09:65:a7:e2:a2:6b:a1:66:11:00:56:33:94:91:60:58:
95:87:1d:b1:f7:f0:6f:2a:e7:fb:1f:14:46:f7:fa:0e:10:c4:
d8:be:ad:38:3b:3a:5d:69:46:e0:a1:18:82:51:55:86:41:cf:
db:fa:a5:69:53:12:17:09:f0:9c:1d:e6:ba:ba:a9:ce:00:ce:
4e:7f:62:04:1f:b2:7b:8d:0f:49:7f:2e:5d:b6:30:47:46:4a:
6c:31:f5:75:3e:5a:25:11:70:6a:5d:49:82:e4:56:cb:e0:20:
f2:8c:60:c8:ea:63:dc:7f:e3:e3:ab:72:23:22:d9:5c:2a:2a:
6d:f7:4a:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdGqaEHWhnA+mhTmGa5WP3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNzQzNjgwOGE3MzdjNWVkYzY1MjU2Yzc0NTc4YmUzNWVj
NDEwMDkwHhcNMjMwNDAzMTAyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBhOWJiMDYxMmMwMDNiNGM0YTgwYTUyZmVkN2Y0YjhlMTg2Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BTZefsfof03UzYxflZxozT4ujYO
h/4sxQv1UN2DB/AkovxbnV5o1JHQ7oagmxypng4nkakQCEYIvKqq9yPrSBKdKXAb
yQZxLCInw8ofAV5RbEifgUthKVJENWcTtxUsv8DImjns+5P3QHLqooOAc9Lvenzo
eLEa3FjMVJmwR3+vHCSYkKZ+ZN0PuH47ASXWcHpZ1MjwiOFgpLpk6hzms+lGQFqd
vNs/R/ISMAu0Cr/BltWxbxPZ1bBqX2GATqGuHDw+Co5G0ys6EGlXv++OCFEHPrdp
yTLzy+ytw/6uFvxn4inwMXEz+6ysEBXbmrEWRpvWrxFwKiogqq/UGfYPfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEKm7BhLAA7TEqApS/tf0uOGGyzMB8GA1UdIwQY
MBaAFLt0NoCKc3xe3GUlbHRXi+NexBAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTNRMmdJcHpmRjdjWlNWc2RGZUw0MTdFRUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81MDczZjctOGQxOS00ODNiLWFmMzIt
MzIzNjFiM2Q3ODJkLzEvc1FxYnNHRXNBRHRNU29DbEwtMV9TNDRZYkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81MDczZjctOGQxOS00ODNiLWFmMzItMzIzNjFiM2Q3ODJk
LzEvdTNRMmdJcHpmRjdjWlNWc2RGZUw0MTdFRUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwj4QMA0G
CSqGSIb3DQEBCwUAA4IBAQBJzMfRIJUuaJKZuxb2fsekeZusGR+iBMubtT1nhxAR
gcnhgvp8d7KkQvuDjWELtPuJyoAqhFp09WiVswSxQ3AHpsQV8Ft2aJMMtuNGxkN/
QqoQoQXqtm2TRgRUlRwYox7lu0y8O9WPXYutCi2A1YvO33XFIqfLxl4qzN+iKBdZ
pAllp+Kia6FmEQBWM5SRYFiVhx2x9/BvKuf7HxRG9/oOEMTYvq04OzpdaUbgoRiC
UVWGQc/b+qVpUxIXCfCcHea6uqnOAM5Of2IEH7J7jQ9Jfy5dtjBHRkpsMfV1Plol
EXBqXUmC5FbL4CDyjGDI6mPcf+Pjq3IjItlcKipt90pg
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:23 2025 by rpki-client