Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1bd319-cb0d-4ea8-aee5-32c967f4d20b/1/S80sm6i19FGju4r692L12LzKYJw.roa
File: S80sm6i19FGju4r692L12LzKYJw.roa (raw, json)
Hash identifier: ulfPTgW9yCADu7jJPlzHuaQIu5WtOM1jcAR3laIemgs=
Subject key identifier: 4B:CD:2C:9B:A8:B5:F4:51:A3:BB:8A:FA:F7:62:F5:D8:BC:CA:60:9C
Certificate issuer: /CN=6e582ea417520f9300c6e0e15eccab41bfbe11b0
Certificate serial: 01856DEF6076CF19F1B4D5D5476E51CB5782
Authority key identifier: 6E:58:2E:A4:17:52:0F:93:00:C6:E0:E1:5E:CC:AB:41:BF:BE:11:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/blgupBdSD5MAxuDhXsyrQb--EbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1bd319-cb0d-4ea8-aee5-32c967f4d20b/1/S80sm6i19FGju4r692L12LzKYJw.roa
Signing time: Sun 01 Jan 2023 15:24:42 +0000
ROA not before: Sun 01 Jan 2023 15:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206495
IP address blocks: 194.150.70.0/24 maxlen: 24
194.9.56.0/23 maxlen: 23
194.150.68.0/23 maxlen: 23
194.150.71.0/24 maxlen: 24
194.9.80.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:60:76:cf:19:f1:b4:d5:d5:47:6e:51:cb:57:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e582ea417520f9300c6e0e15eccab41bfbe11b0
Validity
Not Before: Jan 1 15:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bcd2c9ba8b5f451a3bb8afaf762f5d8bcca609c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1c:63:e7:f4:e6:21:fc:a5:17:be:85:41:4a:
d8:5a:58:f7:5d:c9:49:ef:0c:90:e8:ba:29:d4:29:
4f:f6:77:69:65:1a:a4:dd:ac:8a:a1:9e:49:46:97:
c3:5e:83:c0:ed:95:72:2d:a0:75:05:ac:4c:a8:40:
1b:86:e5:f3:a3:e0:60:b2:ad:de:e1:28:64:3f:db:
d9:f8:4f:29:e6:e0:6b:89:c9:ea:aa:f5:b3:63:80:
0d:07:c2:8a:3a:64:d9:5e:30:4b:f5:6b:09:c3:c6:
b8:a0:cc:61:a3:b0:7b:3b:11:63:a0:f6:a6:90:61:
da:03:87:85:0a:30:89:82:37:21:42:d4:3f:51:cc:
dc:e2:1c:d7:ba:f2:ef:66:0d:19:64:a5:ff:e9:ef:
96:2d:e2:79:63:bc:d3:ab:c4:30:4a:6a:e9:18:70:
ac:6a:e7:41:52:ad:56:38:54:9a:dc:91:6a:90:39:
02:66:e2:ff:5e:1a:0c:14:9a:39:01:2d:68:41:fc:
96:41:6c:64:f2:0e:6f:a4:4f:ee:71:6c:8b:16:25:
8e:1d:b4:ab:5b:e6:50:34:1a:e9:d5:58:78:5d:6d:
e5:59:1a:ad:cb:70:4a:5b:28:9e:68:08:f7:25:45:
2b:d1:b2:94:2b:2f:c3:21:61:b3:07:b9:4b:fe:d1:
80:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CD:2C:9B:A8:B5:F4:51:A3:BB:8A:FA:F7:62:F5:D8:BC:CA:60:9C
X509v3 Authority Key Identifier:
keyid:6E:58:2E:A4:17:52:0F:93:00:C6:E0:E1:5E:CC:AB:41:BF:BE:11:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/blgupBdSD5MAxuDhXsyrQb--EbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1bd319-cb0d-4ea8-aee5-32c967f4d20b/1/S80sm6i19FGju4r692L12LzKYJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1bd319-cb0d-4ea8-aee5-32c967f4d20b/1/blgupBdSD5MAxuDhXsyrQb--EbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.56.0/23
194.9.80.0/23
194.150.68.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:c2:4b:1a:59:79:a3:fc:46:37:3f:0a:7c:19:b9:62:d2:aa:
95:4a:f9:42:d5:c2:16:4e:e7:8a:81:97:bb:b5:b4:a7:1d:d7:
12:c7:b0:b1:80:ea:de:60:8d:56:7c:fa:5d:98:dd:e3:fd:d9:
d7:ae:1f:a7:d6:6b:0b:f6:fa:33:e6:96:37:e4:52:06:43:26:
97:61:0c:c0:bf:eb:25:f2:6e:7c:16:05:a3:cf:a0:8d:4c:5c:
34:2f:14:38:38:cf:b6:08:f9:fc:c6:31:d5:80:f0:b0:fd:ad:
dd:97:07:78:b7:ed:11:84:05:b3:c3:cd:ce:d0:10:32:57:cb:
4c:d2:f4:8b:fa:ad:1d:27:34:f3:b9:a4:5f:c5:33:a4:ba:89:
e2:8b:35:54:f0:1f:1e:3f:ef:31:a3:6e:90:fc:5a:49:6d:b9:
43:5a:59:e8:a5:d0:4f:83:a4:0d:be:a3:90:c1:bb:05:30:24:
ff:c5:3d:6f:58:0d:ff:24:17:83:3d:29:e5:82:6a:ed:58:c0:
50:e0:54:99:dd:5b:54:54:7a:0b:59:d7:9e:99:7c:d2:ce:6c:
2e:ce:bc:3a:76:8a:c3:56:09:65:80:48:9a:e9:2e:ee:7e:9f:
f5:9a:f8:df:c2:db:25:61:52:85:57:fa:30:cb:a2:94:0e:08:
c6:f6:0e:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt72B2zxnxtNXVR25Ry1eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNTgyZWE0MTc1MjBmOTMwMGM2ZTBlMTVlY2NhYjQxYmZi
ZTExYjAwHhcNMjMwMTAxMTUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNkMmM5YmE4YjVmNDUxYTNiYjhhZmFmNzYyZjVkOGJjY2E2MDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBxj5/TmIfylF76FQUrYWlj3XclJ
7wyQ6Lop1ClP9ndpZRqk3ayKoZ5JRpfDXoPA7ZVyLaB1BaxMqEAbhuXzo+Bgsq3e
4ShkP9vZ+E8p5uBricnqqvWzY4ANB8KKOmTZXjBL9WsJw8a4oMxho7B7OxFjoPam
kGHaA4eFCjCJgjchQtQ/Uczc4hzXuvLvZg0ZZKX/6e+WLeJ5Y7zTq8QwSmrpGHCs
audBUq1WOFSa3JFqkDkCZuL/XhoMFJo5AS1oQfyWQWxk8g5vpE/ucWyLFiWOHbSr
W+ZQNBrp1Vh4XW3lWRqty3BKWyieaAj3JUUr0bKUKy/DIWGzB7lL/tGA2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEvNLJuotfRRo7uK+vdi9di8ymCcMB8GA1UdIwQY
MBaAFG5YLqQXUg+TAMbg4V7Mq0G/vhGwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmxndXBCZFNENU1BeHVEaFhzeXJRYi0tRWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xYmQzMTktY2IwZC00ZWE4LWFlZTUt
MzJjOTY3ZjRkMjBiLzEvUzgwc202aTE5RkdqdTRyNjkyTDEyTHpLWUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xYmQzMTktY2IwZC00ZWE4LWFlZTUtMzJjOTY3ZjRkMjBi
LzEvYmxndXBCZFNENU1BeHVEaFhzeXJRYi0tRWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwgk4AwQB
wglQAwQCwpZEMA0GCSqGSIb3DQEBCwUAA4IBAQAKwksaWXmj/EY3Pwp8Gbli0qqV
SvlC1cIWTueKgZe7tbSnHdcSx7CxgOreYI1WfPpdmN3j/dnXrh+n1msL9voz5pY3
5FIGQyaXYQzAv+sl8m58FgWjz6CNTFw0LxQ4OM+2CPn8xjHVgPCw/a3dlwd4t+0R
hAWzw83O0BAyV8tM0vSL+q0dJzTzuaRfxTOkuoniizVU8B8eP+8xo26Q/FpJbblD
WlnopdBPg6QNvqOQwbsFMCT/xT1vWA3/JBeDPSnlgmrtWMBQ4FSZ3VtUVHoLWdee
mXzSzmwuzrw6dorDVgllgEia6S7ufp/1mvjfwtslYVKFV/owy6KUDgjG9g6l
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:17 2025 by rpki-client