Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/JEn14k-ydXuxdwTzzhbXImRGWhQ.roa
File: JEn14k-ydXuxdwTzzhbXImRGWhQ.roa (raw, json)
Hash identifier: cS8on+3CLTzoB93FzIqLXe712OcQqzcxxnF2sbjDypE=
Subject key identifier: 24:49:F5:E2:4F:B2:75:7B:B1:77:04:F3:CE:16:D7:22:64:46:5A:14
Certificate issuer: /CN=bdf5b712f2e4932c1c030312d194a597883f3d5e
Certificate serial: 018CC8DF7F3B5790E477DD7FD258B3DC0CB3
Authority key identifier: BD:F5:B7:12:F2:E4:93:2C:1C:03:03:12:D1:94:A5:97:88:3F:3D:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfW3EvLkkywcAwMS0ZSll4g_PV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/JEn14k-ydXuxdwTzzhbXImRGWhQ.roa
Signing time: Tue 02 Jan 2024 06:32:19 +0000
ROA not before: Tue 02 Jan 2024 06:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29117
IP address blocks: 195.85.200.0/24 maxlen: 24
195.234.61.0/24 maxlen: 24
2001:67c:195c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:7f:3b:57:90:e4:77:dd:7f:d2:58:b3:dc:0c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdf5b712f2e4932c1c030312d194a597883f3d5e
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2449f5e24fb2757bb17704f3ce16d72264465a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:ae:d2:58:6f:1a:8e:c7:b0:3c:34:27:9a:
03:24:5f:d3:e1:9d:fa:62:67:6e:e9:8f:26:c0:a5:
4c:f9:04:9f:2c:a1:e5:50:b6:01:49:67:07:a4:e9:
cf:8f:63:78:2f:b6:22:b8:53:69:2e:11:13:04:3c:
88:ac:24:27:bc:73:df:36:15:57:aa:1c:d1:dd:8d:
37:db:61:c7:28:ed:19:61:9c:c4:31:64:9f:b9:fa:
a6:c5:71:f8:26:d2:1e:db:55:be:02:84:f7:69:9d:
10:5b:6a:90:f2:e1:f6:d9:b8:b5:13:40:08:48:41:
61:4d:ef:43:94:08:da:0c:05:1d:73:f6:ff:7e:c1:
01:fb:78:53:02:a6:5f:46:3e:86:23:fe:9e:c8:a5:
60:5e:cb:a1:75:a8:d3:7d:d1:9b:c9:97:8c:10:eb:
46:8f:c4:d8:97:f1:a3:ba:c2:dc:26:ad:c8:b0:e8:
2b:00:e2:74:de:b0:8b:43:fc:30:00:8b:37:b4:6e:
ab:e5:33:19:fd:d1:f4:0e:11:01:e8:8c:b2:42:8c:
0d:f9:ef:25:4a:58:7f:f5:a1:f0:4b:a6:09:6e:bc:
83:ab:0e:76:2a:3b:3a:52:f6:94:dd:36:9e:a5:6f:
83:99:7d:8f:83:52:c1:cf:3e:40:67:17:d6:e3:fd:
ac:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:49:F5:E2:4F:B2:75:7B:B1:77:04:F3:CE:16:D7:22:64:46:5A:14
X509v3 Authority Key Identifier:
keyid:BD:F5:B7:12:F2:E4:93:2C:1C:03:03:12:D1:94:A5:97:88:3F:3D:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfW3EvLkkywcAwMS0ZSll4g_PV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/JEn14k-ydXuxdwTzzhbXImRGWhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/vfW3EvLkkywcAwMS0ZSll4g_PV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.200.0/24
195.234.61.0/24
IPv6:
2001:67c:195c::/48
Signature Algorithm: sha256WithRSAEncryption
8c:fb:f6:aa:03:dd:05:50:05:8e:05:5f:34:ee:06:b9:f3:f3:
4a:ed:07:a8:9b:a0:73:e7:15:6d:65:e1:fc:87:2f:33:64:1b:
d8:98:0d:6b:5f:cd:94:98:97:bb:c7:e8:a6:cf:18:28:f0:15:
37:32:22:f2:49:02:ec:6e:f0:09:8b:a5:60:dc:02:b9:81:f8:
ce:84:7c:fd:67:81:b5:6e:4f:07:47:8a:11:30:41:89:2d:60:
9c:ab:14:87:af:b6:ae:92:44:0c:62:3b:45:28:80:48:1e:7a:
03:98:e6:7e:12:7f:0e:d6:8e:2b:03:fe:a3:09:a9:8a:ef:9a:
f0:04:4a:31:a7:5e:06:50:a5:3c:f4:b2:c0:b3:3a:de:39:1c:
4f:ad:22:a3:17:78:25:4e:63:ee:69:7e:ee:2f:7a:52:b2:2e:
a7:b0:8a:b0:43:d9:e6:03:97:e7:eb:a3:65:0a:2c:8e:70:9f:
f0:11:65:f4:2c:5c:8f:a2:6e:81:c6:46:47:a0:03:6b:ad:fa:
03:76:f7:af:2e:40:c1:72:60:77:f6:b9:7c:91:75:4b:9b:25:
ba:33:5f:00:9e:5c:8d:a3:77:52:e1:32:00:64:33:8b:27:ba:
e0:e7:e7:b7:d8:82:2a:ba:a1:c7:d6:57:e6:bf:14:3f:18:f7:
fd:b6:fe:ea
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzI3387V5Dkd91/0liz3AyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjViNzEyZjJlNDkzMmMxYzAzMDMxMmQxOTRhNTk3ODgz
ZjNkNWUwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ5ZjVlMjRmYjI3NTdiYjE3NzA0ZjNjZTE2ZDcyMjY0NDY1YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm2u0lhvGo7HsDw0J5oDJF/T4Z36
Ymdu6Y8mwKVM+QSfLKHlULYBSWcHpOnPj2N4L7YiuFNpLhETBDyIrCQnvHPfNhVX
qhzR3Y0322HHKO0ZYZzEMWSfufqmxXH4JtIe21W+AoT3aZ0QW2qQ8uH22bi1E0AI
SEFhTe9DlAjaDAUdc/b/fsEB+3hTAqZfRj6GI/6eyKVgXsuhdajTfdGbyZeMEOtG
j8TYl/GjusLcJq3IsOgrAOJ03rCLQ/wwAIs3tG6r5TMZ/dH0DhEB6IyyQowN+e8l
Slh/9aHwS6YJbryDqw52Kjs6UvaU3TaepW+DmX2Pg1LBzz5AZxfW4/2sXQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCRJ9eJPsnV7sXcE884W1yJkRloUMB8GA1UdIwQY
MBaAFL31txLy5JMsHAMDEtGUpZeIPz1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZXM0V2TGtreXdjQXdNUzBaU2xsNGdfUFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jZTAwNzctYzcwMS00Y2VkLTlkNTMt
NmM1YzM0NTg2ZjZlLzEvSkVuMTRrLXlkWHV4ZHdUenpoYlhJbVJHV2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jZTAwNzctYzcwMS00Y2VkLTlkNTMtNmM1YzM0NTg2ZjZl
LzEvdmZXM0V2TGtreXdjQXdNUzBaU2xsNGdfUFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAw1XIAwQA
w+o9MA8EAgACMAkDBwAgAQZ8GVwwDQYJKoZIhvcNAQELBQADggEBAIz79qoD3QVQ
BY4FXzTuBrnz80rtB6iboHPnFW1l4fyHLzNkG9iYDWtfzZSYl7vH6KbPGCjwFTcy
IvJJAuxu8AmLpWDcArmB+M6EfP1ngbVuTwdHihEwQYktYJyrFIevtq6SRAxiO0Uo
gEgeegOY5n4Sfw7WjisD/qMJqYrvmvAESjGnXgZQpTz0ssCzOt45HE+tIqMXeCVO
Y+5pfu4velKyLqewirBD2eYDl+fro2UKLI5wn/ARZfQsXI+iboHGRkegA2ut+gN2
968uQMFyYHf2uXyRdUubJbozXwCeXI2jd1LhMgBkM4snuuDn57fYgiq6ocfWV+a/
FD8Y9/22/uo=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:11 2024 by rpki-client on console.sobornost.net