Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/bWqIp5feLQSsJD7kwUBedChSzMo.roa
File: bWqIp5feLQSsJD7kwUBedChSzMo.roa (raw, json)
Hash identifier: 98pft1ND6Kv5gCD6BHVFSVYszWpevt8Dn2WBI256b3I=
Subject key identifier: 6D:6A:88:A7:97:DE:2D:04:AC:24:3E:E4:C1:40:5E:74:28:52:CC:CA
Certificate issuer: /CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Certificate serial: 01857169AB7347019EEF8A57A40B3636711E
Authority key identifier: 67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/bWqIp5feLQSsJD7kwUBedChSzMo.roa
Signing time: Mon 02 Jan 2023 07:37:08 +0000
ROA not before: Mon 02 Jan 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51776
IP address blocks: 87.238.138.0/24 maxlen: 24
87.238.137.0/24 maxlen: 24
87.238.136.0/21 maxlen: 24
87.238.142.0/24 maxlen: 24
87.238.141.0/24 maxlen: 24
185.132.128.0/22 maxlen: 24
185.188.53.0/24 maxlen: 24
185.188.52.0/24 maxlen: 24
185.188.55.0/24 maxlen: 24
185.188.54.0/24 maxlen: 24
91.201.213.0/24 maxlen: 24
91.201.212.0/24 maxlen: 24
91.201.212.0/23 maxlen: 24
2a06:56c0::/29 maxlen: 48
2a06:56c0:12::/48 maxlen: 48
2001:67c:3fc::/48 maxlen: 48
2a06:56c3::/32 maxlen: 48
2a06:56c0:11::/48 maxlen: 48
2a06:56c1:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:ab:73:47:01:9e:ef:8a:57:a4:0b:36:36:71:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Validity
Not Before: Jan 2 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d6a88a797de2d04ac243ee4c1405e742852ccca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5b:e6:83:64:a4:33:00:86:9e:85:0a:46:be:
e1:88:85:dc:97:2d:59:c6:61:29:ca:b0:2f:33:27:
b0:cb:1b:ba:b3:1b:d4:55:36:0d:c1:17:af:a2:b1:
6b:d8:76:51:1f:57:7b:7e:0b:11:0c:ce:ea:e7:e4:
60:cb:d1:f1:ca:84:e0:55:1c:e8:7f:78:8b:38:84:
9c:1e:11:c0:c9:3b:4e:d4:06:64:7a:f1:a9:ec:3d:
04:17:51:aa:1a:c6:b2:75:b3:e8:e5:71:80:15:8a:
06:a3:17:34:a9:e6:78:2f:1c:17:f9:15:9c:89:11:
bc:d2:70:b1:aa:95:34:a4:0e:0c:ea:9a:97:f2:a9:
8c:b3:b4:f4:2d:f4:b3:47:b7:54:f3:a4:4c:fd:2f:
56:db:51:16:0c:af:a3:95:e5:ed:ad:91:ac:e3:88:
6b:6c:59:0f:5e:5f:c7:84:f9:d5:fa:17:31:e5:6b:
59:b1:00:c1:2f:5a:4f:0b:47:64:6c:59:67:3a:2c:
dd:fb:58:b2:56:2c:d2:e1:5b:b1:08:e0:eb:90:92:
f3:a6:17:03:8f:2b:7e:0a:ab:a6:a7:37:e0:4c:f6:
58:d8:64:fa:27:3c:86:fd:a4:ba:dc:45:39:93:21:
39:0c:8a:3a:f4:10:de:a8:91:b1:0b:5d:e3:ec:15:
87:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6A:88:A7:97:DE:2D:04:AC:24:3E:E4:C1:40:5E:74:28:52:CC:CA
X509v3 Authority Key Identifier:
keyid:67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/bWqIp5feLQSsJD7kwUBedChSzMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.136.0/21
91.201.212.0/23
185.132.128.0/22
185.188.52.0/22
IPv6:
2001:67c:3fc::/48
2a06:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:3f:29:54:f2:eb:c7:16:f6:8d:85:ef:55:f3:63:55:7e:24:
52:86:58:28:6c:c4:37:8f:eb:67:9c:b8:98:8d:0b:10:e6:ec:
9a:31:c1:37:7d:e3:02:bc:da:8c:67:bf:77:43:79:ef:18:93:
87:b8:c0:47:db:6a:e3:a2:1c:f3:e9:7c:6a:18:be:71:c4:d4:
c0:3e:2a:ee:a0:38:6c:9e:88:85:56:3e:23:b6:24:a5:01:5c:
76:a4:9a:0f:5c:2d:9b:5f:00:29:19:56:07:0c:7a:6b:55:60:
66:9a:df:77:30:ef:2f:a0:92:4d:6d:6e:3c:83:6d:ae:f4:a3:
5c:75:98:78:d8:eb:5e:4d:64:69:fd:34:60:41:31:e9:22:dd:
4b:aa:57:34:16:24:fb:a2:1f:d5:a2:9c:7c:aa:df:bc:c3:ff:
73:8e:17:a1:b1:f1:52:5f:54:bc:72:1a:b4:14:9e:ab:0a:ec:
ab:57:ff:dc:30:5c:dd:e9:d1:d3:71:60:30:38:a1:81:49:69:
2a:08:ed:99:70:73:cc:f0:73:c0:a5:0e:55:f6:28:5e:39:e8:
64:b0:4f:12:8d:57:20:c6:48:15:d1:e0:fb:3f:b2:d8:20:19:
86:0d:bc:dc:1c:2b:89:1f:f5:51:30:20:5a:f4:17:59:58:46:
f3:4c:d2:39
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVxaatzRwGe74pXpAs2NnEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MmYwZTQyYjA4YWE0NTFmYzU4M2EzNThlYzM3MGZmYmQy
ZGFjNjgwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZhODhhNzk3ZGUyZDA0YWMyNDNlZTRjMTQwNWU3NDI4NTJjY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplvmg2SkMwCGnoUKRr7hiIXcly1Z
xmEpyrAvMyewyxu6sxvUVTYNwRevorFr2HZRH1d7fgsRDM7q5+Rgy9HxyoTgVRzo
f3iLOIScHhHAyTtO1AZkevGp7D0EF1GqGsaydbPo5XGAFYoGoxc0qeZ4LxwX+RWc
iRG80nCxqpU0pA4M6pqX8qmMs7T0LfSzR7dU86RM/S9W21EWDK+jleXtrZGs44hr
bFkPXl/HhPnV+hcx5WtZsQDBL1pPC0dkbFlnOizd+1iyVizS4VuxCODrkJLzphcD
jyt+CqumpzfgTPZY2GT6JzyG/aS63EU5kyE5DIo69BDeqJGxC13j7BWH4QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFG1qiKeX3i0ErCQ+5MFAXnQoUszKMB8GA1UdIwQY
MBaAFGcvDkKwiqRR/Fg6NY7DcP+9LaxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTct
ZjBiOTYyZjUyNDE0LzEvYldxSXA1ZmVMUVNzSkQ3a3dVQmVkQ2hTek1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTctZjBiOTYyZjUyNDE0
LzEvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDV+6IAwQB
W8nUAwQCuYSAAwQCubw0MBYEAgACMBADBwAgAQZ8A/wDBQMqBlbAMA0GCSqGSIb3
DQEBCwUAA4IBAQA8PylU8uvHFvaNhe9V82NVfiRShlgobMQ3j+tnnLiYjQsQ5uya
McE3feMCvNqMZ793Q3nvGJOHuMBH22rjohzz6XxqGL5xxNTAPiruoDhsnoiFVj4j
tiSlAVx2pJoPXC2bXwApGVYHDHprVWBmmt93MO8voJJNbW48g22u9KNcdZh42Ote
TWRp/TRgQTHpIt1Lqlc0FiT7oh/Vopx8qt+8w/9zjhehsfFSX1S8chq0FJ6rCuyr
V//cMFzd6dHTcWAwOKGBSWkqCO2ZcHPM8HPApQ5V9iheOehksE8SjVcgxkgV0eD7
P7LYIBmGDbzcHCuJH/VRMCBa9BdZWEbzTNI5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:20 2025 by rpki-client