Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/At6axjPdtJJwtUxoMVn2x7sA0kc.roa
File: At6axjPdtJJwtUxoMVn2x7sA0kc.roa (raw, json)
Hash identifier: /YP1R6A6sxcns18l5paS1tdEhMNLs2bXTMl2jwcUk0M=
Subject key identifier: 02:DE:9A:C6:33:DD:B4:92:70:B5:4C:68:31:59:F6:C7:BB:00:D2:47
Certificate issuer: /CN=b61d9e8c9a08b23a98b14c308b80dcfbf55e5cd1
Certificate serial: 01856C53DEF1311B5474E33C897D97A952B0
Authority key identifier: B6:1D:9E:8C:9A:08:B2:3A:98:B1:4C:30:8B:80:DC:FB:F5:5E:5C:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/th2ejJoIsjqYsUwwi4Dc-_VeXNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/At6axjPdtJJwtUxoMVn2x7sA0kc.roa
Signing time: Sun 01 Jan 2023 07:55:13 +0000
ROA not before: Sun 01 Jan 2023 07:55:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34087
IP address blocks: 152.65.32.0/19 maxlen: 19
185.161.56.0/23 maxlen: 23
185.161.56.0/22 maxlen: 22
152.65.64.0/19 maxlen: 19
84.16.216.0/24 maxlen: 24
94.246.0.0/18 maxlen: 20
152.65.0.0/19 maxlen: 19
152.65.0.0/17 maxlen: 19
89.151.192.0/18 maxlen: 20
178.164.0.0/17 maxlen: 20
178.164.0.0/23 maxlen: 23
84.16.192.0/19 maxlen: 20
217.168.80.0/20 maxlen: 20
148.252.64.0/18 maxlen: 19
152.65.96.0/19 maxlen: 19
84.52.192.0/18 maxlen: 20
85.89.0.0/19 maxlen: 20
2a01:560::/29 maxlen: 29
2a01:560::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:de:f1:31:1b:54:74:e3:3c:89:7d:97:a9:52:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b61d9e8c9a08b23a98b14c308b80dcfbf55e5cd1
Validity
Not Before: Jan 1 07:55:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02de9ac633ddb49270b54c683159f6c7bb00d247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:36:1b:52:f1:ee:aa:91:3a:18:33:be:00:4c:
f6:10:62:7b:af:c4:d3:a4:3f:88:3a:c0:3b:fa:55:
c7:3d:f7:17:2a:98:09:c0:14:96:31:1a:b5:37:ed:
71:73:d4:94:b3:91:7b:3e:38:c4:6a:ed:ad:0f:87:
34:23:d5:50:2f:c7:df:4f:61:86:f4:c1:af:5b:45:
bd:c3:6b:9b:4a:d0:2d:96:d3:46:4e:04:e5:39:7e:
c1:8b:81:82:3a:63:1b:e8:94:60:66:14:72:21:65:
a0:12:7d:fd:df:30:8f:97:e9:2f:ff:44:63:8b:95:
5f:5f:d8:5d:af:57:a0:b9:71:1c:4e:ef:d3:b4:2c:
00:d4:6c:e5:f8:90:10:d7:0a:e3:54:ef:7b:31:a0:
ab:1c:b6:ae:5e:53:42:c7:57:13:93:21:b1:31:c9:
d6:04:9d:64:20:5f:ac:85:43:20:57:f9:26:fa:9f:
03:c4:4f:1c:71:7b:7a:68:0a:cc:26:8c:1e:08:cb:
06:b4:47:dc:85:80:93:2c:90:30:46:85:72:4a:75:
17:78:78:9b:84:d6:cf:96:f2:63:71:3e:99:64:25:
58:c4:ee:de:09:e5:7b:54:70:4a:c7:4f:3f:16:cd:
9a:2e:66:f6:cb:02:f8:25:3f:b0:95:12:bd:1c:67:
bc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DE:9A:C6:33:DD:B4:92:70:B5:4C:68:31:59:F6:C7:BB:00:D2:47
X509v3 Authority Key Identifier:
keyid:B6:1D:9E:8C:9A:08:B2:3A:98:B1:4C:30:8B:80:DC:FB:F5:5E:5C:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/th2ejJoIsjqYsUwwi4Dc-_VeXNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/At6axjPdtJJwtUxoMVn2x7sA0kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/th2ejJoIsjqYsUwwi4Dc-_VeXNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.16.192.0/19
84.52.192.0/18
85.89.0.0/19
89.151.192.0/18
94.246.0.0/18
148.252.64.0/18
152.65.0.0/17
178.164.0.0/17
185.161.56.0/22
217.168.80.0/20
IPv6:
2a01:560::/29
Signature Algorithm: sha256WithRSAEncryption
89:29:cd:1b:71:d1:68:58:ed:13:6f:c7:f1:11:e8:5a:8a:5b:
c7:9e:da:fc:eb:43:48:e4:5a:0d:56:ae:61:b8:f3:08:cb:e0:
5a:bb:25:59:34:ca:46:9b:ac:c1:c2:c3:1d:32:b8:22:1d:04:
71:23:8c:68:e0:0a:c3:9f:7f:5a:fd:9b:b9:73:9d:9e:94:b8:
01:93:1d:6a:ea:d7:13:70:2b:c7:e7:3b:4c:8f:6d:08:60:6d:
61:71:85:6a:31:48:c6:58:9d:dd:fa:a9:e7:70:e2:2d:15:33:
8b:bb:cb:62:63:fc:ec:3d:0a:c8:4d:f3:ff:61:a8:f5:9a:fd:
18:fa:e1:62:31:20:9f:a5:88:ae:ad:17:7e:fc:b1:58:ee:8a:
ba:9c:ec:31:fe:79:e0:5f:9d:ac:3e:13:1d:c2:bf:69:f9:56:
20:01:60:d2:7a:57:72:69:c2:80:27:41:2f:12:48:1b:cf:cb:
a3:1d:0b:6c:9b:f1:ec:42:80:89:4d:4d:01:a0:4d:7b:2c:8d:
3b:44:c0:78:b5:7b:cd:df:21:b7:40:a1:e7:2a:2c:2f:4d:a3:
cd:fe:be:ab:03:01:28:b7:27:b3:f4:92:ce:3d:10:9e:5a:eb:
5c:b3:48:73:3d:cf:5b:6b:f7:ae:62:1d:cb:9d:b5:3e:4b:2c:
0b:87:1e:b6
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVsU97xMRtUdOM8iX2XqVKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MWQ5ZThjOWEwOGIyM2E5OGIxNGMzMDhiODBkY2ZiZjU1
ZTVjZDEwHhcNMjMwMTAxMDc1NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmRlOWFjNjMzZGRiNDkyNzBiNTRjNjgzMTU5ZjZjN2JiMDBkMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDYbUvHuqpE6GDO+AEz2EGJ7r8TT
pD+IOsA7+lXHPfcXKpgJwBSWMRq1N+1xc9SUs5F7PjjEau2tD4c0I9VQL8ffT2GG
9MGvW0W9w2ubStAtltNGTgTlOX7Bi4GCOmMb6JRgZhRyIWWgEn393zCPl+kv/0Rj
i5VfX9hdr1eguXEcTu/TtCwA1Gzl+JAQ1wrjVO97MaCrHLauXlNCx1cTkyGxMcnW
BJ1kIF+shUMgV/km+p8DxE8ccXt6aArMJoweCMsGtEfchYCTLJAwRoVySnUXeHib
hNbPlvJjcT6ZZCVYxO7eCeV7VHBKx08/Fs2aLmb2ywL4JT+wlRK9HGe8BQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFALemsYz3bSScLVMaDFZ9se7ANJHMB8GA1UdIwQY
MBaAFLYdnoyaCLI6mLFMMIuA3Pv1XlzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGgyZWpKb0lzanFZc1V3d2k0RGMtX1ZlWE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xYTZmODMtNGFiNC00YTQzLWE0OTEt
MThhZTc1OTgxZDFkLzEvQXQ2YXhqUGR0Skp3dFV4b01WbjJ4N3NBMGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xYTZmODMtNGFiNC00YTQzLWE0OTEtMThhZTc1OTgxZDFk
LzEvdGgyZWpKb0lzanFZc1V3d2k0RGMtX1ZlWE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFVBDAAwQG
VDTAAwQFVVkAAwQGWZfAAwQGXvYAAwQGlPxAAwQHmEEAAwQHsqQAAwQCuaE4AwQE
2ahQMA0EAgACMAcDBQMqAQVgMA0GCSqGSIb3DQEBCwUAA4IBAQCJKc0bcdFoWO0T
b8fxEehailvHntr860NI5FoNVq5huPMIy+BauyVZNMpGm6zBwsMdMrgiHQRxI4xo
4ArDn39a/Zu5c52elLgBkx1q6tcTcCvH5ztMj20IYG1hcYVqMUjGWJ3d+qnncOIt
FTOLu8tiY/zsPQrITfP/Yaj1mv0Y+uFiMSCfpYiurRd+/LFY7oq6nOwx/nngX52s
PhMdwr9p+VYgAWDSeldyacKAJ0EvEkgbz8ujHQtsm/HsQoCJTU0BoE17LI07RMB4
tXvN3yG3QKHnKiwvTaPN/r6rAwEotyez9JLOPRCeWutcs0hzPc9ba/euYh3LnbU+
SywLhx62
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:01 2025 by rpki-client