Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/bnZl71Yqvg4fKAwLep6qT8mMljU.roa
File: bnZl71Yqvg4fKAwLep6qT8mMljU.roa (raw, json)
Hash identifier: u/K+KG3UjK5oRYbj1DBWdPck7tnq8jBpWR4RErMWi/c=
Subject key identifier: 6E:76:65:EF:56:2A:BE:0E:1F:28:0C:0B:7A:9E:AA:4F:C9:8C:96:35
Certificate issuer: /CN=965c5ab9c091ab3c4505068a92ffcb019849aa78
Certificate serial: 01856F5DBFA8E504AC4E8469CB0BEADD30CB
Authority key identifier: 96:5C:5A:B9:C0:91:AB:3C:45:05:06:8A:92:FF:CB:01:98:49:AA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/llxaucCRqzxFBQaKkv_LAZhJqng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/bnZl71Yqvg4fKAwLep6qT8mMljU.roa
Signing time: Sun 01 Jan 2023 22:04:52 +0000
ROA not before: Sun 01 Jan 2023 22:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206920
IP address blocks: 185.56.100.0/22 maxlen: 24
145.255.56.0/21 maxlen: 24
94.126.0.0/21 maxlen: 24
82.134.128.0/18 maxlen: 18
2a03:fb80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:bf:a8:e5:04:ac:4e:84:69:cb:0b:ea:dd:30:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=965c5ab9c091ab3c4505068a92ffcb019849aa78
Validity
Not Before: Jan 1 22:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e7665ef562abe0e1f280c0b7a9eaa4fc98c9635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:09:2b:c8:5a:42:dc:f3:bf:79:e9:bd:a5:e0:
91:a6:a0:52:f1:23:f7:d5:01:fd:00:0e:50:eb:5f:
ac:17:8d:4f:d8:6d:bf:f3:d4:8b:e2:80:79:ac:2d:
b9:f6:c3:3c:65:40:4a:ff:4f:90:e6:a3:95:38:0a:
78:58:f9:19:f4:54:a4:80:8b:09:fc:32:50:b5:c2:
d1:fa:c8:c4:75:59:f6:32:a5:6a:e1:41:64:d2:dd:
fa:ea:28:2a:e6:b9:fe:f0:42:1d:97:10:5a:42:2d:
69:6f:f0:71:22:af:ca:32:a5:c0:be:7b:28:0f:d3:
e3:f3:d4:a6:02:2d:73:bb:18:bd:1b:c9:83:b6:27:
ce:c8:46:8a:90:87:7b:7f:a0:29:46:5a:9a:68:e1:
21:a7:d0:35:a7:80:eb:a1:fb:13:2d:e7:c7:d0:86:
b0:d3:e3:42:78:8f:71:b5:5a:fd:1a:f1:2c:19:a9:
00:36:9a:7f:fb:32:f6:4c:08:4b:99:79:cb:b9:7f:
26:f2:f3:0a:15:02:01:e0:e1:b2:bb:30:32:fa:2b:
9e:be:18:d8:36:4f:ac:9c:05:99:8f:27:e2:7a:79:
ce:90:b2:32:d6:e7:8c:5a:3c:69:d0:75:99:b8:71:
22:e1:c4:94:c4:65:1e:c4:8c:8f:88:73:06:a7:ce:
e0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:76:65:EF:56:2A:BE:0E:1F:28:0C:0B:7A:9E:AA:4F:C9:8C:96:35
X509v3 Authority Key Identifier:
keyid:96:5C:5A:B9:C0:91:AB:3C:45:05:06:8A:92:FF:CB:01:98:49:AA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/llxaucCRqzxFBQaKkv_LAZhJqng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/bnZl71Yqvg4fKAwLep6qT8mMljU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/llxaucCRqzxFBQaKkv_LAZhJqng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.134.128.0/18
94.126.0.0/21
145.255.56.0/21
185.56.100.0/22
IPv6:
2a03:fb80::/32
Signature Algorithm: sha256WithRSAEncryption
2a:f5:73:cb:db:e3:6e:27:7e:9a:64:fd:58:84:0c:93:36:7b:
ad:d9:2f:6b:b9:e5:dc:88:a9:b9:c7:fa:86:4a:ed:15:03:d6:
41:be:5d:24:3c:cb:0b:52:10:b1:52:41:86:3d:11:e4:2b:86:
7c:10:82:85:1b:2b:8f:15:ce:56:db:dd:f8:19:79:f9:96:38:
7b:ab:0b:b7:42:ab:40:12:10:9e:e2:97:51:af:8a:6b:56:cc:
c9:3e:fd:52:3a:9d:83:78:2c:65:14:37:7c:3e:8a:13:42:76:
1b:07:c3:21:e0:71:d0:5b:4c:18:cb:56:26:2a:27:aa:b7:51:
44:0d:06:62:ac:de:a0:93:3d:80:38:33:2a:6d:00:39:0f:be:
f5:83:fa:d2:f7:3e:15:c8:f1:82:bc:27:dd:c3:36:42:82:1d:
a0:25:c8:59:99:36:4d:ae:0d:0c:be:a4:6a:6a:af:c3:20:70:
48:8c:8b:37:0d:de:d2:22:78:65:e6:94:b7:b4:92:ee:9e:6a:
10:6e:c0:6c:fc:37:3f:06:83:23:b8:b6:2d:89:e7:e8:32:6b:
aa:49:99:9c:4f:de:b0:89:ec:d3:67:46:d2:2f:99:93:df:3d:
a8:34:8a:f8:80:74:20:26:b7:51:c9:ad:92:76:6f:bd:53:e3:
8a:0d:6e:e5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvXb+o5QSsToRpywvq3TDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NWM1YWI5YzA5MWFiM2M0NTA1MDY4YTkyZmZjYjAxOTg0
OWFhNzgwHhcNMjMwMTAxMjIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc2NjVlZjU2MmFiZTBlMWYyODBjMGI3YTllYWE0ZmM5OGM5NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngkryFpC3PO/eem9peCRpqBS8SP3
1QH9AA5Q61+sF41P2G2/89SL4oB5rC259sM8ZUBK/0+Q5qOVOAp4WPkZ9FSkgIsJ
/DJQtcLR+sjEdVn2MqVq4UFk0t366igq5rn+8EIdlxBaQi1pb/BxIq/KMqXAvnso
D9Pj89SmAi1zuxi9G8mDtifOyEaKkId7f6ApRlqaaOEhp9A1p4DrofsTLefH0Iaw
0+NCeI9xtVr9GvEsGakANpp/+zL2TAhLmXnLuX8m8vMKFQIB4OGyuzAy+iuevhjY
Nk+snAWZjyfiennOkLIy1ueMWjxp0HWZuHEi4cSUxGUexIyPiHMGp87gywIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG52Ze9WKr4OHygMC3qeqk/JjJY1MB8GA1UdIwQY
MBaAFJZcWrnAkas8RQUGipL/ywGYSap4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGx4YXVjQ1JxenhGQlFhS2t2X0xBWmhKcW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMjYyNjEtZThlZi00ZmI3LTg3MjIt
MGFiNDc1ZjlhOWEzLzEvYm5abDcxWXF2ZzRmS0F3TGVwNnFUOG1NbGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMjYyNjEtZThlZi00ZmI3LTg3MjItMGFiNDc1ZjlhOWEz
LzEvbGx4YXVjQ1JxenhGQlFhS2t2X0xBWmhKcW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUoaAAwQD
Xn4AAwQDkf84AwQCuThkMA0EAgACMAcDBQAqA/uAMA0GCSqGSIb3DQEBCwUAA4IB
AQAq9XPL2+NuJ36aZP1YhAyTNnut2S9rueXciKm5x/qGSu0VA9ZBvl0kPMsLUhCx
UkGGPRHkK4Z8EIKFGyuPFc5W2934GXn5ljh7qwu3QqtAEhCe4pdRr4prVszJPv1S
Op2DeCxlFDd8PooTQnYbB8Mh4HHQW0wYy1YmKieqt1FEDQZirN6gkz2AODMqbQA5
D771g/rS9z4VyPGCvCfdwzZCgh2gJchZmTZNrg0MvqRqaq/DIHBIjIs3Dd7SInhl
5pS3tJLunmoQbsBs/Dc/BoMjuLYtiefoMmuqSZmcT96wiezTZ0bSL5mT3z2oNIr4
gHQgJrdRya2Sdm+9U+OKDW7l
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:27:18 2025 by rpki-client