Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/BkImsqyeDV9XpgSG8pLl2ABEvhM.roa
File: BkImsqyeDV9XpgSG8pLl2ABEvhM.roa (raw, json)
Hash identifier: MCe5YlLPPWoRMpB8rN/pDZQlY8GNE1D+TtOA1UKSe84=
Subject key identifier: 06:42:26:B2:AC:9E:0D:5F:57:A6:04:86:F2:92:E5:D8:00:44:BE:13
Certificate issuer: /CN=e57455b8a8b0576d6f94f7e014f6b34d5aa6c4d7
Certificate serial: 01930A5C9C79C47C8ECF42E181D06C7556F7
Authority key identifier: E5:74:55:B8:A8:B0:57:6D:6F:94:F7:E0:14:F6:B3:4D:5A:A6:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5XRVuKiwV21vlPfgFPazTVqmxNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/BkImsqyeDV9XpgSG8pLl2ABEvhM.roa
Signing time: Fri 08 Nov 2024 06:01:01 +0000
ROA not before: Fri 08 Nov 2024 06:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201719
IP address blocks: 185.65.120.0/22 maxlen: 22
185.65.120.0/24 maxlen: 24
185.65.121.0/24 maxlen: 24
185.65.122.0/24 maxlen: 24
185.65.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0a:5c:9c:79:c4:7c:8e:cf:42:e1:81:d0:6c:75:56:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e57455b8a8b0576d6f94f7e014f6b34d5aa6c4d7
Validity
Not Before: Nov 8 06:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=064226b2ac9e0d5f57a60486f292e5d80044be13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:49:ed:9f:4a:31:b1:5a:92:cc:0d:14:08:16:
36:6a:1a:70:1c:97:49:8d:d2:bf:b1:6f:eb:16:6e:
87:25:34:0a:b6:93:a9:4d:6f:aa:e0:71:e7:51:b1:
6c:3f:80:51:16:be:79:98:fe:5d:ec:8d:d4:02:f7:
96:c9:a8:fc:0f:d7:8f:be:6a:33:a4:db:dd:6d:39:
d6:be:62:49:b9:ad:a8:f5:44:a5:02:61:8b:6b:fd:
51:e1:e7:9f:08:25:d2:c8:78:84:8f:2c:1c:75:bf:
88:a3:4b:d5:a1:26:82:1a:de:38:bb:40:03:76:ec:
c2:bd:2f:2e:23:40:e1:66:b3:8c:b9:e4:ec:97:74:
e7:9b:a5:34:dd:cf:63:7e:b4:85:78:43:1c:1f:c2:
40:b5:18:1c:92:2b:40:07:bb:0b:36:e4:38:00:32:
74:dd:d2:fd:b5:ad:b9:62:6e:a4:42:d5:10:78:98:
98:af:e3:45:65:a7:ed:9c:75:92:0c:0a:b6:f9:6a:
01:af:b3:1d:93:bb:17:60:17:fc:2b:4c:bc:d4:4f:
f6:6d:04:ec:17:da:2b:86:4b:2a:98:92:22:55:86:
52:3b:42:51:1b:0f:05:74:37:a7:0c:dd:22:3f:af:
43:5f:09:10:cf:bc:6b:fb:b5:8d:2a:e4:4b:ed:c6:
bf:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:42:26:B2:AC:9E:0D:5F:57:A6:04:86:F2:92:E5:D8:00:44:BE:13
X509v3 Authority Key Identifier:
keyid:E5:74:55:B8:A8:B0:57:6D:6F:94:F7:E0:14:F6:B3:4D:5A:A6:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5XRVuKiwV21vlPfgFPazTVqmxNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/BkImsqyeDV9XpgSG8pLl2ABEvhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/5XRVuKiwV21vlPfgFPazTVqmxNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.120.0/22
Signature Algorithm: sha256WithRSAEncryption
04:a7:7e:60:31:a0:83:6e:de:68:38:d9:79:63:ac:5b:83:75:
10:ae:0f:ad:e5:d0:36:13:b7:48:eb:38:70:cd:fd:06:e1:47:
43:9b:4b:9d:66:a7:c8:49:1e:25:e2:cb:11:f2:eb:20:58:58:
7c:97:d9:61:71:8a:3f:a6:18:bd:6a:b9:09:95:19:12:85:08:
8e:86:84:20:0f:eb:d8:58:19:9c:83:45:fb:f4:b5:10:0b:21:
39:8e:82:a3:75:03:64:ec:43:88:ca:03:ce:0b:6c:31:56:01:
2d:a3:1f:cb:5d:5c:70:12:3e:ec:4e:d4:57:cf:fa:38:d0:ae:
59:4e:90:ad:c6:53:84:e5:82:f9:15:b4:0f:3b:0c:81:c6:d5:
2f:ce:73:6a:09:41:2e:3d:fb:67:e0:3f:3f:e1:70:2e:a4:a8:
ef:91:33:c5:d0:95:3d:d1:89:b3:07:10:4e:5a:60:97:d3:b9:
53:4c:ec:f2:64:fa:de:b1:0c:97:99:5c:21:30:48:e6:30:a1:
60:3a:f7:fd:23:b1:ea:5b:9f:aa:85:3e:29:8d:ba:5f:c7:15:
fa:81:57:da:0c:4b:9c:cc:75:e9:19:c0:ac:39:f8:fd:fd:ce:
43:b1:9a:86:3a:c4:72:b1:f3:a1:d5:a0:d8:92:de:9c:06:bb:
f3:b7:e8:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMKXJx5xHyOz0LhgdBsdVb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NzQ1NWI4YThiMDU3NmQ2Zjk0ZjdlMDE0ZjZiMzRkNWFh
NmM0ZDcwHhcNMjQxMTA4MDYwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjQyMjZiMmFjOWUwZDVmNTdhNjA0ODZmMjkyZTVkODAwNDRiZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60ntn0oxsVqSzA0UCBY2ahpwHJdJ
jdK/sW/rFm6HJTQKtpOpTW+q4HHnUbFsP4BRFr55mP5d7I3UAveWyaj8D9ePvmoz
pNvdbTnWvmJJua2o9USlAmGLa/1R4eefCCXSyHiEjywcdb+Io0vVoSaCGt44u0AD
duzCvS8uI0DhZrOMueTsl3Tnm6U03c9jfrSFeEMcH8JAtRgckitAB7sLNuQ4ADJ0
3dL9ta25Ym6kQtUQeJiYr+NFZaftnHWSDAq2+WoBr7Mdk7sXYBf8K0y81E/2bQTs
F9orhksqmJIiVYZSO0JRGw8FdDenDN0iP69DXwkQz7xr+7WNKuRL7ca/iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZCJrKsng1fV6YEhvKS5dgARL4TMB8GA1UdIwQY
MBaAFOV0VbiosFdtb5T34BT2s01apsTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVhSVnVLaXdWMjF2bFBmZ0ZQYXpUVnFteE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kNDk4ZTMtMGVhOS00MzE0LTk4NDkt
MDAyMzNhZTUwYjUyLzEvQmtJbXNxeWVEVjlYcGdTRzhwTGwyQUJFdmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kNDk4ZTMtMGVhOS00MzE0LTk4NDktMDAyMzNhZTUwYjUy
LzEvNVhSVnVLaXdWMjF2bFBmZ0ZQYXpUVnFteE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUF4MA0G
CSqGSIb3DQEBCwUAA4IBAQAEp35gMaCDbt5oONl5Y6xbg3UQrg+t5dA2E7dI6zhw
zf0G4UdDm0udZqfISR4l4ssR8usgWFh8l9lhcYo/phi9arkJlRkShQiOhoQgD+vY
WBmcg0X79LUQCyE5joKjdQNk7EOIygPOC2wxVgEtox/LXVxwEj7sTtRXz/o40K5Z
TpCtxlOE5YL5FbQPOwyBxtUvznNqCUEuPftn4D8/4XAupKjvkTPF0JU90YmzBxBO
WmCX07lTTOzyZPresQyXmVwhMEjmMKFgOvf9I7HqW5+qhT4pjbpfxxX6gVfaDEuc
zHXpGcCsOfj9/c5DsZqGOsRysfOh1aDYkt6cBrvzt+iu
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:00 2024 by rpki-client on console.sobornost.net