Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/bZhcYDRGuak__doT2fQkvqKhRpM.roa
File: bZhcYDRGuak__doT2fQkvqKhRpM.roa (raw, json)
Hash identifier: V0NBnVhP5OckgRiEymReNcLya3T42i253bokKg3jbUI=
Subject key identifier: 6D:98:5C:60:34:46:B9:A9:3F:FD:DA:13:D9:F4:24:BE:A2:A1:46:93
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018BDD248AD9C342DB622C6634984885E0D9
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/bZhcYDRGuak__doT2fQkvqKhRpM.roa
Signing time: Fri 17 Nov 2023 11:57:21 +0000
ROA not before: Fri 17 Nov 2023 11:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211376
IP address blocks: 5.180.107.0/24 maxlen: 24
45.131.1.114/32 maxlen: 32
194.116.228.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
194.116.228.174/32 maxlen: 32
45.131.1.0/24 maxlen: 24
2a0f:b700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:24:8a:d9:c3:42:db:62:2c:66:34:98:48:85:e0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 17 11:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d985c603446b9a93ffdda13d9f424bea2a14693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:46:be:8f:21:4e:c1:70:59:17:15:d7:d2:ea:
6c:af:9b:2f:08:d6:3e:de:4d:74:dc:5d:f5:cf:d8:
bc:2d:09:73:97:a6:68:aa:1c:d9:a3:c2:ff:da:8b:
30:43:d8:23:4d:21:a2:09:95:bb:66:d0:38:83:4f:
dc:ff:51:a1:a8:d2:39:1a:3e:f9:31:e3:13:69:45:
f8:6c:49:e3:b2:85:25:1d:8a:c1:84:ea:11:a5:0b:
0c:c2:11:11:fd:2c:1a:cb:53:d7:5b:09:3c:17:51:
98:14:c0:c4:f3:aa:da:f8:3c:cf:f4:5c:aa:e2:8e:
17:5e:a1:47:89:1f:94:d9:6d:10:93:68:78:33:87:
7a:fa:15:56:72:5c:76:51:2d:43:37:e6:12:e3:e4:
99:00:ab:0b:01:aa:b6:87:2b:ac:5c:ef:c9:b8:8e:
1e:6a:d8:79:e5:1d:e2:00:75:c3:b8:54:80:82:88:
31:65:2c:a9:11:15:ab:9a:eb:67:04:cc:c8:f6:3f:
c1:88:39:24:f0:e5:79:3b:2b:94:b9:26:88:ba:1c:
31:cd:4c:58:75:63:48:8a:82:84:c1:19:69:6c:0a:
0a:ae:ef:c9:42:b1:99:f9:6a:5d:7c:39:0f:6b:da:
85:96:6a:e1:71:46:03:a8:b5:de:dc:98:80:7e:6f:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:98:5C:60:34:46:B9:A9:3F:FD:DA:13:D9:F4:24:BE:A2:A1:46:93
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/bZhcYDRGuak__doT2fQkvqKhRpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.1.0/24
45.136.5.0/24
194.116.228.0/24
194.146.26.0/24
IPv6:
2a0f:b700::/29
Signature Algorithm: sha256WithRSAEncryption
74:e8:20:cf:de:79:f9:93:9b:70:e7:21:fc:6f:b1:69:b9:67:
db:30:74:5b:ef:09:d5:00:b8:29:f6:78:f5:50:b8:67:a3:f6:
57:c3:1f:96:81:40:d6:de:c8:78:da:e4:5f:cd:d6:fd:45:cb:
1b:31:8e:18:64:8c:32:7d:da:51:57:68:b6:e0:e3:96:72:cd:
4d:5d:fd:c2:dd:70:9d:65:14:0a:35:8a:14:82:09:a4:85:db:
ed:5f:b0:89:98:77:9c:c0:15:2e:0b:77:f1:88:8e:f3:e4:55:
2e:d9:70:34:99:23:42:db:4c:eb:7c:9a:cc:c0:1f:ab:13:92:
cf:23:13:08:0d:1a:b5:fd:95:5e:8d:80:b2:83:1f:55:fe:8b:
e7:e7:5a:f2:57:97:cd:d0:ac:a8:7c:19:ee:f5:30:a1:5a:d5:
32:aa:0d:52:ed:59:f6:4a:07:ad:cf:7a:40:19:b2:67:e5:5d:
ef:06:c7:b4:24:5f:0b:7f:6c:4c:15:05:3d:15:47:88:c9:e6:
55:ed:9a:ee:a3:0f:c7:16:11:02:93:69:1c:e5:13:3d:3a:a3:
26:01:f7:22:42:42:73:bf:70:48:f3:1b:7b:0c:ad:44:c1:68:
4b:37:3a:09:0c:24:31:48:c7:0e:b7:4d:57:ad:49:37:8f:e3:
fd:0b:8a:e1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYvdJIrZw0LbYixmNJhIheDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMTE3MTE1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk4NWM2MDM0NDZiOWE5M2ZmZGRhMTNkOWY0MjRiZWEyYTE0NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjka+jyFOwXBZFxXX0upsr5svCNY+
3k103F31z9i8LQlzl6ZoqhzZo8L/2oswQ9gjTSGiCZW7ZtA4g0/c/1GhqNI5Gj75
MeMTaUX4bEnjsoUlHYrBhOoRpQsMwhER/Sway1PXWwk8F1GYFMDE86ra+DzP9Fyq
4o4XXqFHiR+U2W0Qk2h4M4d6+hVWclx2US1DN+YS4+SZAKsLAaq2hyusXO/JuI4e
ath55R3iAHXDuFSAgogxZSypERWrmutnBMzI9j/BiDkk8OV5OyuUuSaIuhwxzUxY
dWNIioKEwRlpbAoKru/JQrGZ+WpdfDkPa9qFlmrhcUYDqLXe3JiAfm/5KQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG2YXGA0RrmpP/3aE9n0JL6ioUaTMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvYlpoY1lEUkd1YWtfX2RvVDJmUWt2cUtoUnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQABbRrAwQA
LYMBAwQALYgFAwQAwnTkAwQAwpIaMA0EAgACMAcDBQMqD7cAMA0GCSqGSIb3DQEB
CwUAA4IBAQB06CDP3nn5k5tw5yH8b7FpuWfbMHRb7wnVALgp9nj1ULhno/ZXwx+W
gUDW3sh42uRfzdb9RcsbMY4YZIwyfdpRV2i24OOWcs1NXf3C3XCdZRQKNYoUggmk
hdvtX7CJmHecwBUuC3fxiI7z5FUu2XA0mSNC20zrfJrMwB+rE5LPIxMIDRq1/ZVe
jYCygx9V/ovn51ryV5fN0KyofBnu9TChWtUyqg1S7Vn2Sgetz3pAGbJn5V3vBse0
JF8Lf2xMFQU9FUeIyeZV7Zruow/HFhECk2kc5RM9OqMmAfciQkJzv3BI8xt7DK1E
wWhLNzoJDCQxSMcOt01XrUk3j+P9C4rh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:49 2025 by rpki-client