Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/IczYGFZun21u7JK8_bcb-xfyq04.roa
File: IczYGFZun21u7JK8_bcb-xfyq04.roa (raw, json)
Hash identifier: 94DTVZyVATE1eVjJyLkXIlYZiG4RcsRN1URGzV4dwAA=
Subject key identifier: 21:CC:D8:18:56:6E:9F:6D:6E:EC:92:BC:FD:B7:1B:FB:17:F2:AB:4E
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0192FD2DF94D400BFE7A803AB79E2FDFA965
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/IczYGFZun21u7JK8_bcb-xfyq04.roa
Signing time: Tue 05 Nov 2024 16:35:01 +0000
ROA not before: Tue 05 Nov 2024 16:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 86.104.199.0/24 maxlen: 24
89.35.14.0/24 maxlen: 24
93.117.131.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
94.176.74.0/24 maxlen: 24
94.176.79.0/24 maxlen: 24
188.209.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:2d:f9:4d:40:0b:fe:7a:80:3a:b7:9e:2f:df:a9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Nov 5 16:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21ccd818566e9f6d6eec92bcfdb71bfb17f2ab4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:0b:34:b9:89:9e:f3:57:68:3d:50:79:af:
c0:9c:43:70:a6:a8:d7:05:74:b7:b9:bd:41:c9:6e:
12:10:2f:13:2b:44:a2:60:a1:4f:08:b9:af:49:2c:
59:d0:e8:17:3b:d0:d3:b3:f2:47:55:0f:57:66:ea:
13:65:c7:90:a8:be:af:4e:7d:09:d8:08:8f:de:c9:
41:7a:9d:aa:e7:59:7e:0c:2f:78:90:1c:79:d3:58:
90:a0:fc:6e:36:7d:02:ff:d1:66:2b:98:5b:fa:bf:
c5:f4:b2:48:bd:fd:24:94:fd:54:52:da:2b:71:19:
5d:5c:6d:98:b7:8a:a7:9f:6d:93:18:e1:1e:11:d7:
d9:15:f0:b7:76:a3:d1:2d:c4:72:54:0c:34:b5:db:
da:8f:05:ca:94:d9:b7:7a:e8:d9:94:88:94:bb:ba:
04:ab:60:b0:bb:cc:20:0b:a1:85:fb:bf:16:f1:ec:
ad:3f:ea:4d:95:75:5d:58:2b:f0:ba:8f:48:ac:74:
8e:1d:d9:1a:e7:d2:91:bb:84:8f:14:92:7c:b3:ac:
40:7b:85:5d:15:f0:28:89:9e:c9:71:ec:14:1c:50:
6a:f5:e1:a9:12:06:3e:3d:85:e9:1d:d1:e5:6f:9b:
0e:9b:d7:58:b9:59:e4:ca:f5:84:48:5c:99:49:0b:
dd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CC:D8:18:56:6E:9F:6D:6E:EC:92:BC:FD:B7:1B:FB:17:F2:AB:4E
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/IczYGFZun21u7JK8_bcb-xfyq04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.199.0/24
89.35.14.0/24
93.117.131.0/24
93.119.144.0/24
94.176.74.0/24
94.176.79.0/24
188.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:15:77:56:ee:55:89:e9:e1:00:d0:9b:23:cc:5a:85:84:73:
b4:4c:5c:75:a6:30:32:3a:97:c3:f4:e7:38:af:90:26:ea:d7:
6b:24:4c:68:48:b7:82:93:14:e3:1f:4c:80:4c:db:ac:8d:5e:
a4:bd:c0:6b:e5:26:76:29:39:ff:50:3e:84:65:dc:ca:03:66:
16:d6:cf:f5:13:92:21:15:a9:f1:e5:20:67:a5:d4:9d:a3:1e:
1a:9f:a3:42:ab:3f:06:21:e2:b1:47:78:e8:16:ee:b2:e5:d8:
ea:21:21:3e:9b:2f:fd:4a:28:46:bb:d4:91:c5:f0:fd:25:29:
71:b1:b3:cb:10:0d:cb:21:ce:f4:df:a0:48:d2:e7:fc:77:dd:
49:3d:3f:b6:85:06:1c:00:2d:af:dd:3e:75:20:bb:98:56:6a:
f0:c6:e6:95:57:43:f2:f2:d4:c0:57:f0:1a:01:11:de:d7:0e:
22:5b:76:08:33:da:ef:ce:68:04:bb:e4:63:98:e2:96:33:89:
e5:45:47:3a:3f:18:50:a3:67:08:5a:99:5d:d6:8c:98:22:13:
88:1b:57:dc:ed:23:05:09:f9:e9:ae:f0:bc:83:c8:f2:00:db:
3c:1c:b9:38:ae:43:b5:6c:94:0e:e2:77:9f:13:3d:45:02:bc:
03:30:78:e0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZL9LflNQAv+eoA6t54v36llMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjQxMTA1MTYzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWNjZDgxODU2NmU5ZjZkNmVlYzkyYmNmZGI3MWJmYjE3ZjJhYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVULNLmJnvNXaD1Qea/AnENwpqjX
BXS3ub1ByW4SEC8TK0SiYKFPCLmvSSxZ0OgXO9DTs/JHVQ9XZuoTZceQqL6vTn0J
2AiP3slBep2q51l+DC94kBx501iQoPxuNn0C/9FmK5hb+r/F9LJIvf0klP1UUtor
cRldXG2Yt4qnn22TGOEeEdfZFfC3dqPRLcRyVAw0tdvajwXKlNm3eujZlIiUu7oE
q2Cwu8wgC6GF+78W8eytP+pNlXVdWCvwuo9IrHSOHdka59KRu4SPFJJ8s6xAe4Vd
FfAoiZ7JcewUHFBq9eGpEgY+PYXpHdHlb5sOm9dYuVnkyvWESFyZSQvdTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCHM2BhWbp9tbuySvP23G/sX8qtOMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvSWN6WUdGWnVuMjF1N0pLOF9iY2IteGZ5cTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVmjHAwQA
WSMOAwQAXXWDAwQAXXeQAwQAXrBKAwQAXrBPAwQAvNHfMA0GCSqGSIb3DQEBCwUA
A4IBAQDJFXdW7lWJ6eEA0JsjzFqFhHO0TFx1pjAyOpfD9Oc4r5Am6tdrJExoSLeC
kxTjH0yATNusjV6kvcBr5SZ2KTn/UD6EZdzKA2YW1s/1E5IhFanx5SBnpdSdox4a
n6NCqz8GIeKxR3joFu6y5djqISE+my/9SihGu9SRxfD9JSlxsbPLEA3LIc7036BI
0uf8d91JPT+2hQYcAC2v3T51ILuYVmrwxuaVV0Py8tTAV/AaARHe1w4iW3YIM9rv
zmgEu+RjmOKWM4nlRUc6PxhQo2cIWpld1oyYIhOIG1fc7SMFCfnprvC8g8jyANs8
HLk4rkO1bJQO4nefEz1FArwDMHjg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:15 2025 by rpki-client