Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/bfqWDkVhGy76Rae3S9tStiTFUrs.roa
File: bfqWDkVhGy76Rae3S9tStiTFUrs.roa (raw, json)
Hash identifier: kZ9SPJVaD+tzaWTpjk4SSpmqQWPCNXcap+moMfax1ng=
Subject key identifier: 6D:FA:96:0E:45:61:1B:2E:FA:45:A7:B7:4B:DB:52:B6:24:C5:52:BB
Certificate issuer: /CN=8c2289ae0b10629350da0a50e87b389109f16c2e
Certificate serial: 0193F3509611480C63B7D366F9121AEF518C
Authority key identifier: 8C:22:89:AE:0B:10:62:93:50:DA:0A:50:E8:7B:38:91:09:F1:6C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jCKJrgsQYpNQ2gpQ6Hs4kQnxbC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/bfqWDkVhGy76Rae3S9tStiTFUrs.roa
Signing time: Mon 23 Dec 2024 11:39:25 +0000
ROA not before: Mon 23 Dec 2024 11:39:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25189
IP address blocks: 213.251.208.0/20 maxlen: 20
213.251.240.0/20 maxlen: 24
213.251.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:50:96:11:48:0c:63:b7:d3:66:f9:12:1a:ef:51:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c2289ae0b10629350da0a50e87b389109f16c2e
Validity
Not Before: Dec 23 11:39:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dfa960e45611b2efa45a7b74bdb52b624c552bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:13:fc:c3:84:77:17:27:5a:ae:fe:3e:b8:64:
de:5d:b5:de:e4:d7:15:14:df:2f:68:1e:06:6e:15:
b4:46:fa:57:26:ee:c0:77:55:0a:72:11:6d:63:cb:
d4:f3:87:76:ad:f2:43:7b:7d:ea:ac:a7:40:9b:59:
e8:56:58:03:24:ee:21:54:9c:36:1f:79:2a:02:81:
de:62:f5:f4:f0:cd:06:34:76:50:7b:96:43:dd:18:
14:66:cb:1f:f9:c9:89:f1:70:88:4e:e4:c2:3a:08:
3e:1d:bb:4a:37:72:2a:ca:ae:9e:3b:38:ca:b4:63:
7e:6f:a7:a3:39:0a:f9:65:a1:7f:7b:a8:38:68:84:
51:b8:fa:c6:dd:33:ba:e8:25:8d:c1:6d:02:35:2e:
65:2c:c2:43:6c:6d:56:a7:09:13:fb:4b:44:26:2f:
81:0f:ad:79:5b:6d:5f:48:66:00:ba:e9:d8:b6:ff:
00:2e:b9:e2:c7:e5:c8:66:3c:31:9d:04:b7:99:5c:
66:13:a5:8b:04:7e:71:4a:a8:a8:4f:55:dc:35:ef:
df:30:9d:cc:01:86:c7:ac:66:55:ed:3c:40:25:52:
87:fc:d4:0b:9a:76:7e:84:d8:13:4e:3d:de:fb:d1:
90:c1:5e:d7:e5:ea:cb:47:6a:61:9c:97:95:ae:77:
6a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FA:96:0E:45:61:1B:2E:FA:45:A7:B7:4B:DB:52:B6:24:C5:52:BB
X509v3 Authority Key Identifier:
keyid:8C:22:89:AE:0B:10:62:93:50:DA:0A:50:E8:7B:38:91:09:F1:6C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jCKJrgsQYpNQ2gpQ6Hs4kQnxbC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/bfqWDkVhGy76Rae3S9tStiTFUrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/jCKJrgsQYpNQ2gpQ6Hs4kQnxbC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.251.208.0/20
213.251.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:8b:bc:23:92:e2:0d:5b:16:68:40:c2:a8:9b:19:ec:5b:4f:
6f:d8:10:60:80:02:3a:15:b2:5e:84:9f:e7:9d:ab:ad:be:36:
5f:43:d0:ed:44:ca:86:dc:15:f9:9e:95:95:76:a6:b7:72:9a:
cf:c8:e7:ed:b6:73:15:dc:4c:3f:92:79:eb:b2:ed:ae:15:13:
9e:39:48:02:4b:e7:68:0e:d8:97:e8:6a:4a:99:7f:76:40:27:
38:e9:11:94:b2:a7:2b:74:fd:b2:23:54:54:6f:c4:c7:fb:21:
c7:f5:06:69:f0:c3:3f:ab:7e:05:f7:d0:f5:19:99:e8:51:33:
9f:8c:8b:e2:86:22:4a:db:f9:71:d6:ef:23:e9:a5:d7:72:a9:
dd:56:a5:c7:c5:3f:99:33:6e:9e:87:40:6f:80:01:28:4f:8e:
de:5c:fc:cf:e8:89:4a:e4:25:18:6b:9c:ad:65:8c:57:07:58:
ea:6e:af:ef:a7:72:a8:8c:e9:d6:1d:83:89:11:1f:6a:d5:33:
9f:21:46:f1:47:a4:c9:d4:8f:ba:a2:ae:91:fe:58:d9:97:78:
9c:7d:68:51:c3:33:0f:9b:aa:d1:ff:21:9f:69:b5:d4:fa:ab:
3d:a5:04:e1:f7:d6:fa:6d:fd:06:a0:06:de:6d:bc:77:5a:1f:
04:bc:05:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPzUJYRSAxjt9Nm+RIa71GMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMjI4OWFlMGIxMDYyOTM1MGRhMGE1MGU4N2IzODkxMDlm
MTZjMmUwHhcNMjQxMjIzMTEzOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGZhOTYwZTQ1NjExYjJlZmE0NWE3Yjc0YmRiNTJiNjI0YzU1MmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BP8w4R3Fydarv4+uGTeXbXe5NcV
FN8vaB4GbhW0RvpXJu7Ad1UKchFtY8vU84d2rfJDe33qrKdAm1noVlgDJO4hVJw2
H3kqAoHeYvX08M0GNHZQe5ZD3RgUZssf+cmJ8XCITuTCOgg+HbtKN3Iqyq6eOzjK
tGN+b6ejOQr5ZaF/e6g4aIRRuPrG3TO66CWNwW0CNS5lLMJDbG1WpwkT+0tEJi+B
D615W21fSGYAuunYtv8ALrnix+XIZjwxnQS3mVxmE6WLBH5xSqioT1XcNe/fMJ3M
AYbHrGZV7TxAJVKH/NQLmnZ+hNgTTj3e+9GQwV7X5erLR2phnJeVrndq6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG36lg5FYRsu+kWnt0vbUrYkxVK7MB8GA1UdIwQY
MBaAFIwiia4LEGKTUNoKUOh7OJEJ8WwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakNLSnJnc1FZcE5RMmdwUTZIczRrUW54YkM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zNDMzNzktZjhlMS00YmU2LWJlMDEt
ZjgzOTQ2YzJjODJlLzEvYmZxV0RrVmhHeTc2UmFlM1M5dFN0aVRGVXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zNDMzNzktZjhlMS00YmU2LWJlMDEtZjgzOTQ2YzJjODJl
LzEvakNLSnJnc1FZcE5RMmdwUTZIczRrUW54YkM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE1fvQAwQE
1fvwMA0GCSqGSIb3DQEBCwUAA4IBAQALi7wjkuINWxZoQMKomxnsW09v2BBggAI6
FbJehJ/nnautvjZfQ9DtRMqG3BX5npWVdqa3cprPyOfttnMV3Ew/knnrsu2uFROe
OUgCS+doDtiX6GpKmX92QCc46RGUsqcrdP2yI1RUb8TH+yHH9QZp8MM/q34F99D1
GZnoUTOfjIvihiJK2/lx1u8j6aXXcqndVqXHxT+ZM26eh0BvgAEoT47eXPzP6IlK
5CUYa5ytZYxXB1jqbq/vp3KojOnWHYOJER9q1TOfIUbxR6TJ1I+6oq6R/ljZl3ic
fWhRwzMPm6rR/yGfabXU+qs9pQTh99b6bf0GoAbebbx3Wh8EvAXu
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:59 2024 by rpki-client on console.sobornost.net