Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/htAIENfJGZEfAHbzNv2LblgrGaI.roa
File: htAIENfJGZEfAHbzNv2LblgrGaI.roa (raw, json)
Hash identifier: Ea/cEdcjdGYyP36vzmpEi1CBFhn0o+CYoIBE8UpFTmo=
Subject key identifier: 86:D0:08:10:D7:C9:19:91:1F:00:76:F3:36:FD:8B:6E:58:2B:19:A2
Certificate issuer: /CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Certificate serial: 018D842F1AA1FE1AE1E0A7169CDC8BB57EAD
Authority key identifier: 33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/htAIENfJGZEfAHbzNv2LblgrGaI.roa
Signing time: Wed 07 Feb 2024 15:28:15 +0000
ROA not before: Wed 07 Feb 2024 15:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 62.204.57.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
146.19.194.0/24 maxlen: 24
195.64.106.0/24 maxlen: 24
212.18.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:2f:1a:a1:fe:1a:e1:e0:a7:16:9c:dc:8b:b5:7e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Validity
Not Before: Feb 7 15:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86d00810d7c919911f0076f336fd8b6e582b19a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:11:1c:6b:b8:45:3b:7c:f9:9c:7a:c2:7c:f6:
38:6d:af:e8:ab:2f:24:a9:04:9e:c9:93:0c:4b:90:
4d:a6:27:c5:00:62:83:d3:26:d0:1a:0a:52:63:55:
09:55:c5:11:c6:b2:aa:5f:e0:5f:31:bc:6b:45:f3:
a5:45:4a:34:d0:58:b7:36:ae:2c:14:2a:b5:ec:d7:
e5:e7:72:ba:a9:6b:2c:0e:4e:3e:9c:5c:81:ed:8a:
24:4e:6e:3f:6f:5e:ba:96:77:b1:04:c4:09:c7:2a:
4c:cc:75:5e:88:ca:dd:9d:1c:5c:f9:18:3d:4e:65:
4c:90:5a:de:46:9b:2d:45:5a:ee:24:28:ed:74:e0:
53:e7:e5:28:88:e8:5c:cd:4f:41:60:0f:ea:3f:2d:
72:47:4e:15:cc:a1:af:bd:31:c3:f2:45:05:94:57:
68:94:39:37:46:36:86:f3:d5:4f:52:7a:9e:22:02:
d8:56:13:69:29:de:d1:90:df:50:62:c7:f8:67:27:
66:9e:da:01:af:cd:15:50:f5:99:00:d7:d5:2f:87:
41:34:05:18:08:da:f1:68:79:33:d4:ec:cd:ed:93:
bf:e9:32:f9:83:54:29:f3:e5:bd:e8:9e:2e:2a:2d:
18:06:12:bc:63:1c:60:b3:2d:46:6e:11:a8:de:f0:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D0:08:10:D7:C9:19:91:1F:00:76:F3:36:FD:8B:6E:58:2B:19:A2
X509v3 Authority Key Identifier:
keyid:33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/htAIENfJGZEfAHbzNv2LblgrGaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/M_XOH8N5J8taTmexdsemOzL_bok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.57.0/24
91.213.117.0/24
146.19.194.0/24
195.64.106.0/24
212.18.103.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:82:1f:52:23:75:9e:c0:c3:55:d8:df:4f:07:3d:fb:d3:0b:
6b:d7:0c:89:b7:c7:d8:66:ff:84:8d:77:0c:90:09:15:89:8c:
4a:e1:fd:c8:74:ea:45:af:90:4b:65:f9:44:34:63:26:07:39:
0d:ad:4f:74:43:87:b7:b1:d3:12:43:78:54:7d:69:84:b2:4a:
3c:58:8c:1f:57:5f:c2:37:b2:99:f3:57:8b:41:ac:51:9d:0b:
e4:07:cd:21:da:7e:72:b3:0f:88:83:91:a4:d8:fd:cd:a4:94:
0d:45:21:9a:9f:3f:16:5f:5f:6a:05:b1:46:4d:34:78:b2:29:
1a:e0:3d:64:33:d0:0f:06:38:c5:d1:75:b2:b3:68:c7:62:08:
00:e2:46:a4:04:17:e9:b2:76:d7:96:0b:ea:e1:c3:e2:96:ac:
2e:ae:5d:b3:0a:bc:e8:4c:fe:50:40:47:e5:46:ec:3e:41:1d:
0a:67:df:88:cd:62:99:ab:63:6f:00:28:ad:2c:be:a4:97:2c:
d8:0d:ef:6f:37:d7:48:48:e5:9d:73:1e:4c:d3:c7:24:bb:e3:
08:70:31:a5:f6:f8:a1:40:02:b2:c9:cb:8a:2b:b6:82:c4:a5:
f1:5d:ba:fd:ed:72:6c:50:11:00:57:29:8b:33:03:b0:b6:89:
5b:3c:d6:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2ELxqh/hrh4KcWnNyLtX6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZjVjZTFmYzM3OTI3Y2I1YTRlNjdiMTc2YzdhNjNiMzJm
ZjZlODkwHhcNMjQwMjA3MTUyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQwMDgxMGQ3YzkxOTkxMWYwMDc2ZjMzNmZkOGI2ZTU4MmIxOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyREca7hFO3z5nHrCfPY4ba/oqy8k
qQSeyZMMS5BNpifFAGKD0ybQGgpSY1UJVcURxrKqX+BfMbxrRfOlRUo00Fi3Nq4s
FCq17Nfl53K6qWssDk4+nFyB7YokTm4/b166lnexBMQJxypMzHVeiMrdnRxc+Rg9
TmVMkFreRpstRVruJCjtdOBT5+UoiOhczU9BYA/qPy1yR04VzKGvvTHD8kUFlFdo
lDk3RjaG89VPUnqeIgLYVhNpKd7RkN9QYsf4ZydmntoBr80VUPWZANfVL4dBNAUY
CNrxaHkz1OzN7ZO/6TL5g1Qp8+W96J4uKi0YBhK8Yxxgsy1GbhGo3vAfbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIbQCBDXyRmRHwB28zb9i25YKxmiMB8GA1UdIwQY
MBaAFDP1zh/DeSfLWk5nsXbHpjsy/26JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUt
M2ZmYzAxZmNiZmI2LzEvaHRBSUVOZkpHWkVmQUhiek52MkxibGdyR2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUtM2ZmYzAxZmNiZmI2
LzEvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPsw5AwQA
W9V1AwQAkhPCAwQAw0BqAwQA1BJnMA0GCSqGSIb3DQEBCwUAA4IBAQCegh9SI3We
wMNV2N9PBz370wtr1wyJt8fYZv+EjXcMkAkViYxK4f3IdOpFr5BLZflENGMmBzkN
rU90Q4e3sdMSQ3hUfWmEsko8WIwfV1/CN7KZ81eLQaxRnQvkB80h2n5ysw+Ig5Gk
2P3NpJQNRSGanz8WX19qBbFGTTR4sika4D1kM9APBjjF0XWys2jHYggA4kakBBfp
snbXlgvq4cPilqwurl2zCrzoTP5QQEflRuw+QR0KZ9+IzWKZq2NvACitLL6klyzY
De9vN9dISOWdcx5M08cku+MIcDGl9vihQAKyycuKK7aCxKXxXbr97XJsUBEAVymL
MwOwtolbPNaW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:38 2025 by rpki-client