Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/5bJfdkwgayX-Sa9C97R0-FTbVeQ.roa
File: 5bJfdkwgayX-Sa9C97R0-FTbVeQ.roa (raw, json)
Hash identifier: JEYJaTIdHnqIEpmS35Jdhg7WSnTmiSo1m8z255Q8K5w=
Subject key identifier: E5:B2:5F:76:4C:20:6B:25:FE:49:AF:42:F7:B4:74:F8:54:DB:55:E4
Certificate issuer: /CN=bcc95830e715555b53bf8e4948ad43f696c5ebb7
Certificate serial: 019DF1BE
Authority key identifier: BC:C9:58:30:E7:15:55:5B:53:BF:8E:49:48:AD:43:F6:96:C5:EB:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMlYMOcVVVtTv45JSK1D9pbF67c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/5bJfdkwgayX-Sa9C97R0-FTbVeQ.roa
Signing time: Sat 01 Jan 2022 06:59:11 +0000
ROA not before: Sat 01 Jan 2022 06:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12329
IP address blocks: 156.67.59.0/24 maxlen: 24
212.23.128.0/19 maxlen: 19
81.173.6.0/24 maxlen: 24
185.249.168.0/22 maxlen: 22
62.221.232.0/21 maxlen: 21
62.221.240.0/21 maxlen: 21
2001:7d8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27128254 (0x19df1be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc95830e715555b53bf8e4948ad43f696c5ebb7
Validity
Not Before: Jan 1 06:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5b25f764c206b25fe49af42f7b474f854db55e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:5c:49:3a:de:1e:eb:d1:78:2b:16:c3:07:
02:34:58:c8:a7:f0:1d:da:da:3d:58:a8:b7:0e:5c:
95:7a:27:16:a6:ea:91:41:13:40:bc:5b:d3:bd:07:
57:fa:6b:cc:74:2b:ff:33:e2:18:8e:cb:af:e1:d4:
58:89:e3:dd:a1:49:28:6d:73:a1:7b:4d:b5:7d:9b:
bc:5d:7d:a8:19:04:57:23:dc:2e:97:e0:c1:0c:63:
42:4e:fa:6a:db:f2:e9:a8:fa:61:0d:8b:0a:90:cd:
ae:a5:d2:fc:fd:69:9c:55:cb:7a:1e:10:9b:7b:c8:
46:93:a6:9e:22:d2:11:24:f5:80:2a:5f:e9:e3:23:
dd:57:56:68:f0:d8:c1:3a:cb:06:75:21:cb:e6:b5:
35:e5:55:85:20:bc:40:5e:32:ef:ef:33:5b:87:c1:
b3:e2:ce:59:d3:47:16:5c:60:e4:af:9a:dc:6b:81:
0b:e4:6f:3a:a7:7a:a7:d0:e8:a6:85:30:b7:f5:b9:
f0:e9:8b:87:e6:fa:d7:c4:4a:d5:56:b9:01:2c:20:
49:36:d4:26:4e:d3:c4:f3:8e:aa:80:81:0a:04:9d:
3f:b7:a9:23:1b:a6:64:f6:03:a9:d4:d6:20:9d:95:
bf:a4:6a:84:7c:69:46:0c:34:34:9d:a8:6c:f5:5d:
55:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B2:5F:76:4C:20:6B:25:FE:49:AF:42:F7:B4:74:F8:54:DB:55:E4
X509v3 Authority Key Identifier:
keyid:BC:C9:58:30:E7:15:55:5B:53:BF:8E:49:48:AD:43:F6:96:C5:EB:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMlYMOcVVVtTv45JSK1D9pbF67c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/5bJfdkwgayX-Sa9C97R0-FTbVeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/vMlYMOcVVVtTv45JSK1D9pbF67c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.232.0-62.221.247.255
81.173.6.0/24
156.67.59.0/24
185.249.168.0/22
212.23.128.0/19
IPv6:
2001:7d8::/32
Signature Algorithm: sha256WithRSAEncryption
a3:39:df:7d:b9:e3:8d:cb:38:53:5b:ca:4c:bd:59:9f:e1:7f:
9c:9a:0d:a9:d1:38:07:9e:71:6b:6d:34:aa:22:55:14:05:61:
1e:7a:a3:0f:56:35:07:7b:41:e3:fa:72:5f:d2:01:f4:43:b8:
88:87:04:fa:bd:18:ad:bb:a5:72:6f:9f:02:d2:42:43:2b:48:
16:b5:60:2f:3b:90:1b:26:79:9a:33:da:18:f5:ca:50:2f:a7:
41:01:4f:84:2d:69:a7:a4:02:d6:a7:11:8d:c0:6c:86:ab:ec:
24:26:70:2f:fd:1e:45:c5:d9:bb:45:42:06:bd:6a:45:88:c6:
b8:86:52:7f:7f:dd:ee:28:2e:6c:26:22:86:b8:9f:ad:3b:f8:
a5:70:2c:bb:0a:f9:3b:68:9f:62:f3:67:72:61:4d:85:d6:8a:
38:48:8d:82:c4:75:9a:7c:0a:69:ab:cd:7b:1c:cb:f1:7a:8d:
ba:39:86:23:b5:62:fd:f4:b7:38:b3:17:6e:85:01:7a:51:e8:
5b:43:2c:43:4a:1c:fb:0d:2d:16:5f:37:3f:11:19:86:7b:11:
81:25:29:c2:78:0e:2d:95:8c:ce:63:37:05:6c:8c:e5:66:c3:
04:43:53:36:53:2b:28:67:52:5e:a9:70:73:a3:cc:d8:2b:5a:
d0:d2:d4:ed
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEAZ3xvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2M5NTgzMGU3MTU1NTViNTNiZjhlNDk0OGFkNDNmNjk2YzVlYmI3MB4XDTIyMDEw
MTA2NTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTViMjVmNzY0YzIw
NmIyNWZlNDlhZjQyZjdiNDc0Zjg1NGRiNTVlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBJXEk63h7r0XgrFsMHAjRYyKfwHdraPViotw5clXonFqbq
kUETQLxb070HV/przHQr/zPiGI7Lr+HUWInj3aFJKG1zoXtNtX2bvF19qBkEVyPc
LpfgwQxjQk76atvy6aj6YQ2LCpDNrqXS/P1pnFXLeh4Qm3vIRpOmniLSEST1gCpf
6eMj3VdWaPDYwTrLBnUhy+a1NeVVhSC8QF4y7+8zW4fBs+LOWdNHFlxg5K+a3GuB
C+RvOqd6p9DopoUwt/W58OmLh+b618RK1Va5ASwgSTbUJk7TxPOOqoCBCgSdP7ep
IxumZPYDqdTWIJ2Vv6RqhHxpRgw0NJ2obPVdVV0CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBTlsl92TCBrJf5Jr0L3tHT4VNtV5DAfBgNVHSMEGDAWgBS8yVgw5xVVW1O/
jklIrUP2lsXrtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZNbFlNT2NWVlZ0VHY0NUpTSzFEOXBiRjY3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvMWYzMzNlLWQ4NjMtNDkzOS1iMDA0LTYwMDAzYTFmNGUyMy8x
LzViSmZka3dnYXlYLVNhOUM5N1IwLUZUYlZlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
MWYzMzNlLWQ4NjMtNDkzOS1iMDA0LTYwMDAzYTFmNGUyMy8xL3ZNbFlNT2NWVlZ0
VHY0NUpTSzFEOXBiRjY3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJjAMAwQDPt3oAwQDPt3wAwQAUa0GAwQA
nEM7AwQCufmoAwQF1BeAMA0EAgACMAcDBQAgAQfYMA0GCSqGSIb3DQEBCwUAA4IB
AQCjOd99ueONyzhTW8pMvVmf4X+cmg2p0TgHnnFrbTSqIlUUBWEeeqMPVjUHe0Hj
+nJf0gH0Q7iIhwT6vRitu6Vyb58C0kJDK0gWtWAvO5AbJnmaM9oY9cpQL6dBAU+E
LWmnpALWpxGNwGyGq+wkJnAv/R5Fxdm7RUIGvWpFiMa4hlJ/f93uKC5sJiKGuJ+t
O/ilcCy7Cvk7aJ9i82dyYU2F1oo4SI2CxHWafAppq817HMvxeo26OYYjtWL99Lc4
sxduhQF6UehbQyxDShz7DS0WXzc/ERmGexGBJSnCeA4tlYzOYzcFbIzlZsMEQ1M2
UysoZ1JeqXBzo8zYK1rQ0tTt
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:23 2023 by rpki-client on console.sobornost.net