Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/XX_BFW9nFUFuWdOocOXp06qKt9Y.roa
File: XX_BFW9nFUFuWdOocOXp06qKt9Y.roa (raw, json)
Hash identifier: S+jr7pgWhtqI0BopolKmaN1jwVqS4E8sZd65b8xUc4E=
Subject key identifier: 5D:7F:C1:15:6F:67:15:41:6E:59:D3:A8:70:E5:E9:D3:AA:8A:B7:D6
Certificate issuer: /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial: 018C3EBA2270A73386F11AC6E3D44DC012FB
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/XX_BFW9nFUFuWdOocOXp06qKt9Y.roa
Signing time: Wed 06 Dec 2023 10:43:54 +0000
ROA not before: Wed 06 Dec 2023 10:43:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198682
IP address blocks: 193.176.64.0/22 maxlen: 24
109.205.0.0/21 maxlen: 24
109.71.136.0/21 maxlen: 24
185.71.148.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
45.88.140.0/22 maxlen: 24
2a0b:f1c0::/32 maxlen: 32
2a00:1f10::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:ba:22:70:a7:33:86:f1:1a:c6:e3:d4:4d:c0:12:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
Validity
Not Before: Dec 6 10:43:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d7fc1156f6715416e59d3a870e5e9d3aa8ab7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d0:9d:a8:1d:74:7c:b5:54:87:56:96:a6:ee:
70:6a:f6:6b:9b:82:91:d1:a9:3e:5c:e6:7e:7b:12:
3f:4d:b7:e5:cf:1e:c5:4b:a9:9c:f8:38:db:82:3c:
f4:4c:13:c2:80:a1:ab:0b:c1:be:e5:5e:5e:e6:66:
a5:fa:a8:d0:86:b2:35:4f:43:ed:f0:14:33:48:79:
cf:61:2d:33:34:b1:ba:91:ea:c4:72:c7:5d:bb:64:
73:01:97:c9:79:d0:ca:a7:63:36:c5:88:22:b2:9d:
32:dd:0d:bc:9b:c8:c2:ed:52:a8:27:d7:23:40:48:
aa:ab:83:0d:5b:39:30:3a:79:c8:fa:d3:e3:62:d4:
6a:8f:39:b8:df:07:14:05:2a:b5:a6:d9:23:66:fa:
d0:6d:8e:d4:53:fb:a7:61:36:de:51:99:6b:d4:b4:
20:f8:6a:fe:c1:b3:f6:0d:1d:5c:20:66:b3:fa:1a:
37:3c:4f:13:5e:a6:f6:6c:1f:6f:fd:e1:84:f4:a6:
54:7a:2a:87:42:43:ec:00:16:b3:ef:ed:88:fa:90:
44:93:c0:a4:0a:30:4a:68:97:ca:2d:ed:2d:f8:e5:
e9:3d:0c:52:b7:05:55:f1:90:93:dc:3f:73:61:54:
e6:49:a1:81:4b:7b:4e:7d:20:de:a2:77:3d:9a:eb:
05:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7F:C1:15:6F:67:15:41:6E:59:D3:A8:70:E5:E9:D3:AA:8A:B7:D6
X509v3 Authority Key Identifier:
keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/XX_BFW9nFUFuWdOocOXp06qKt9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.140.0/22
109.71.136.0/21
109.205.0.0/21
185.71.148.0/22
185.220.72.0/22
185.230.96.0/22
193.176.64.0/22
IPv6:
2a00:1f10::/32
2a0b:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:48:0b:19:5a:8b:a7:3d:b1:9c:5c:b8:ea:16:db:3c:61:59:
50:cb:ff:b1:a6:fd:31:fb:5f:44:e5:2d:cc:cf:59:7d:37:ec:
c2:3b:ce:e4:24:64:6d:ea:a8:a7:e0:6a:b8:9f:b6:2e:c7:54:
a0:e1:bb:d4:9d:7b:d6:f3:82:c1:1a:c1:4b:c0:0f:ea:9d:68:
36:9b:11:d3:25:af:d8:69:c7:2a:da:68:a6:54:bf:ed:ca:7d:
1c:bd:9e:5b:71:39:c4:b2:e3:25:02:7b:6e:a8:e6:5c:b5:23:
fa:fa:15:be:91:50:65:ba:b9:78:42:8e:91:20:13:a6:2e:f5:
ef:4d:35:b5:b8:53:45:67:39:da:9c:25:26:59:7a:a8:f0:04:
a8:15:a3:5e:d6:7b:8d:81:2a:96:08:ef:23:e2:a1:3a:d0:97:
11:f8:98:12:d5:18:30:c0:29:ac:08:5f:c7:1b:bc:0f:74:8f:
37:17:e4:55:72:07:0b:64:f0:6b:24:51:19:bc:9a:b1:0d:20:
71:d1:4d:70:7d:fd:5f:d1:73:c6:f4:9e:90:b2:fb:42:7f:98:
89:58:d6:c8:fc:80:e9:d4:c4:bc:65:3c:68:6f:f2:a7:dd:e0:
d5:f6:40:2a:43:ca:7a:dd:18:19:bb:f4:93:a6:f5:10:81:b8:
14:ec:c9:2b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYw+uiJwpzOG8RrG49RNwBL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjMxMjA2MTA0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDdmYzExNTZmNjcxNTQxNmU1OWQzYTg3MGU1ZTlkM2FhOGFiN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dCdqB10fLVUh1aWpu5wavZrm4KR
0ak+XOZ+exI/Tbflzx7FS6mc+Djbgjz0TBPCgKGrC8G+5V5e5mal+qjQhrI1T0Pt
8BQzSHnPYS0zNLG6kerEcsddu2RzAZfJedDKp2M2xYgisp0y3Q28m8jC7VKoJ9cj
QEiqq4MNWzkwOnnI+tPjYtRqjzm43wcUBSq1ptkjZvrQbY7UU/unYTbeUZlr1LQg
+Gr+wbP2DR1cIGaz+ho3PE8TXqb2bB9v/eGE9KZUeiqHQkPsABaz7+2I+pBEk8Ck
CjBKaJfKLe0t+OXpPQxStwVV8ZCT3D9zYVTmSaGBS3tOfSDeonc9musFRQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFF1/wRVvZxVBblnTqHDl6dOqirfWMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvWFhfQkZXOW5GVUZ1V2RPb2NPWHAwNnFLdDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLViMAwQD
bUeIAwQDbc0AAwQCuUeUAwQCudxIAwQCueZgAwQCwbBAMBQEAgACMA4DBQAqAB8Q
AwUAKgvxwDANBgkqhkiG9w0BAQsFAAOCAQEAk0gLGVqLpz2xnFy46hbbPGFZUMv/
sab9MftfROUtzM9ZfTfswjvO5CRkbeqop+BquJ+2LsdUoOG71J171vOCwRrBS8AP
6p1oNpsR0yWv2GnHKtpoplS/7cp9HL2eW3E5xLLjJQJ7bqjmXLUj+voVvpFQZbq5
eEKOkSATpi717001tbhTRWc52pwlJll6qPAEqBWjXtZ7jYEqlgjvI+KhOtCXEfiY
EtUYMMAprAhfxxu8D3SPNxfkVXIHC2TwayRRGbyasQ0gcdFNcH39X9FzxvSekLL7
Qn+YiVjWyPyA6dTEvGU8aG/yp93g1fZAKkPKet0YGbv0k6b1EIG4FOzJKw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:25 2025 by rpki-client