Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/BdX5iKTo-k3wUI2x5ZEk3C8TZrc.roa
File: BdX5iKTo-k3wUI2x5ZEk3C8TZrc.roa (raw, json)
Hash identifier: wmSIweOlqkf7vsDlG0Q21aNCXe6xGYbzaBgOXw8Yry8=
Subject key identifier: 05:D5:F9:88:A4:E8:FA:4D:F0:50:8D:B1:E5:91:24:DC:2F:13:66:B7
Certificate issuer: /CN=2c57dd0f9a03833e74e47b990f1a4895b52104a4
Certificate serial: 018D13D7EC99C25CE74DF589A7654E3FA8EF
Authority key identifier: 2C:57:DD:0F:9A:03:83:3E:74:E4:7B:99:0F:1A:48:95:B5:21:04:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LFfdD5oDgz505HuZDxpIlbUhBKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/BdX5iKTo-k3wUI2x5ZEk3C8TZrc.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 62.204.36.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ec:99:c2:5c:e7:4d:f5:89:a7:65:4e:3f:a8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c57dd0f9a03833e74e47b990f1a4895b52104a4
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05d5f988a4e8fa4df0508db1e59124dc2f1366b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:45:35:1e:70:a4:e4:28:5e:b0:b1:3f:55:b1:
12:c6:d9:54:01:14:af:ce:1f:fa:22:61:72:32:d9:
c8:49:09:ad:0d:bd:49:0c:6d:e2:ba:b0:99:45:4f:
a1:65:9f:e0:8f:b4:93:e2:0b:0d:ca:e4:72:61:02:
05:8c:e9:97:a0:18:32:35:74:f5:dc:a3:b2:ba:aa:
5c:39:5d:71:83:5f:c1:0d:73:f8:a3:e4:a6:16:10:
3e:ce:3c:1a:62:6c:85:fe:ab:62:35:e6:4b:2b:1d:
56:78:95:6f:81:2c:07:a6:32:c8:92:2e:8f:5f:fb:
41:ec:e8:c9:8a:af:f8:7a:5e:1c:38:aa:de:86:14:
e1:d1:bc:92:08:53:0a:1a:4c:24:80:19:26:32:4a:
68:7d:dd:25:6a:13:ba:3d:23:a9:d6:3b:51:ee:bf:
9d:19:35:27:d5:cb:c6:11:0d:fa:93:43:a7:06:4d:
48:c3:65:ab:25:8e:39:10:91:34:1e:ef:68:55:24:
15:00:4d:88:82:3a:26:a5:9a:ca:a9:84:85:4c:a6:
6d:8b:6b:b1:c4:5e:fb:25:b7:9c:61:79:04:06:b6:
eb:6f:0d:0f:d3:d6:a0:81:04:6c:47:15:65:6c:5c:
e3:00:67:b4:f3:74:09:37:42:88:88:14:cb:60:bf:
07:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D5:F9:88:A4:E8:FA:4D:F0:50:8D:B1:E5:91:24:DC:2F:13:66:B7
X509v3 Authority Key Identifier:
keyid:2C:57:DD:0F:9A:03:83:3E:74:E4:7B:99:0F:1A:48:95:B5:21:04:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LFfdD5oDgz505HuZDxpIlbUhBKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/BdX5iKTo-k3wUI2x5ZEk3C8TZrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/LFfdD5oDgz505HuZDxpIlbUhBKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.36.0/24
80.91.209.0/24
146.19.187.0/24
195.96.136.0/24
Signature Algorithm: sha256WithRSAEncryption
02:1b:2b:0f:71:b3:8f:b9:ae:77:a8:9a:a2:0d:93:14:ae:d9:
9e:4c:bb:96:f7:0b:b6:f0:f6:78:fd:3e:95:a8:e6:37:0f:6d:
ea:f2:67:56:dc:91:48:fd:98:f9:6b:5a:c2:1f:e8:30:05:27:
e1:f8:22:79:d6:da:c4:45:3b:1c:4f:e0:44:45:65:8c:fd:0b:
a6:7b:26:97:8a:b9:8e:b4:5a:03:b6:6e:41:17:57:de:65:ea:
5d:84:cc:54:a7:43:58:6b:59:c0:27:e1:85:dd:82:a7:a4:74:
0e:01:ce:44:a6:e5:86:03:ca:ed:24:22:c3:18:b4:35:14:0d:
20:ae:ab:94:72:de:1a:e1:6e:b9:fb:b2:a5:cd:60:3b:b1:4d:
bb:41:32:7b:c3:48:c8:87:ae:b8:37:a8:2f:28:7f:82:d4:d5:
08:1f:90:ad:ed:6c:e2:68:0c:96:52:c5:bb:2f:b2:cf:a5:c1:
9f:f2:ab:bc:3f:f6:e2:71:e7:ec:53:67:fc:b3:43:a8:7f:f6:
5e:d4:f3:3e:a3:b8:4f:44:8c:02:d4:d8:d9:73:e4:96:a6:cf:
61:1c:4a:c2:96:b3:e3:fe:7c:12:f0:70:53:25:e0:45:75:7b:
d5:9e:5a:a0:ee:50:35:1b:b4:9e:19:a2:1e:0d:50:8a:b2:4f:
a9:7f:33:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0T1+yZwlznTfWJp2VOP6jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNTdkZDBmOWEwMzgzM2U3NGU0N2I5OTBmMWE0ODk1YjUy
MTA0YTQwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ1Zjk4OGE0ZThmYTRkZjA1MDhkYjFlNTkxMjRkYzJmMTM2NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10U1HnCk5ChesLE/VbESxtlUARSv
zh/6ImFyMtnISQmtDb1JDG3iurCZRU+hZZ/gj7ST4gsNyuRyYQIFjOmXoBgyNXT1
3KOyuqpcOV1xg1/BDXP4o+SmFhA+zjwaYmyF/qtiNeZLKx1WeJVvgSwHpjLIki6P
X/tB7OjJiq/4el4cOKrehhTh0bySCFMKGkwkgBkmMkpofd0lahO6PSOp1jtR7r+d
GTUn1cvGEQ36k0OnBk1Iw2WrJY45EJE0Hu9oVSQVAE2IgjompZrKqYSFTKZti2ux
xF77JbecYXkEBrbrbw0P09aggQRsRxVlbFzjAGe083QJN0KIiBTLYL8HRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAXV+Yik6PpN8FCNseWRJNwvE2a3MB8GA1UdIwQY
MBaAFCxX3Q+aA4M+dOR7mQ8aSJW1IQSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEZmZEQ1b0RnejUwNUh1WkR4cElsYlVoQktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kODFlMDgtMTljMS00MzRhLWJkMDYt
NDc0MTA2ZTVjNjg3LzEvQmRYNWlLVG8tazN3VUkyeDVaRWszQzhUWnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kODFlMDgtMTljMS00MzRhLWJkMDYtNDc0MTA2ZTVjNjg3
LzEvTEZmZEQ1b0RnejUwNUh1WkR4cElsYlVoQktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPswkAwQA
UFvRAwQAkhO7AwQAw2CIMA0GCSqGSIb3DQEBCwUAA4IBAQACGysPcbOPua53qJqi
DZMUrtmeTLuW9wu28PZ4/T6VqOY3D23q8mdW3JFI/Zj5a1rCH+gwBSfh+CJ51trE
RTscT+BERWWM/QumeyaXirmOtFoDtm5BF1feZepdhMxUp0NYa1nAJ+GF3YKnpHQO
Ac5EpuWGA8rtJCLDGLQ1FA0grquUct4a4W65+7KlzWA7sU27QTJ7w0jIh664N6gv
KH+C1NUIH5Ct7WziaAyWUsW7L7LPpcGf8qu8P/bicefsU2f8s0Oof/Ze1PM+o7hP
RIwC1NjZc+SWps9hHErClrPj/nwS8HBTJeBFdXvVnlqg7lA1G7SeGaIeDVCKsk+p
fzNw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:59 2024 by rpki-client on console-fra.rpki-client.org