Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/Bh5IC48JAR5FB63v2dnakNOTX34.roa
File: Bh5IC48JAR5FB63v2dnakNOTX34.roa (raw, json)
Hash identifier: FMLGNxpZDrf8rppZSMEnpJR9pt6oa5eJBxowJrkMq7o=
Subject key identifier: 06:1E:48:0B:8F:09:01:1E:45:07:AD:EF:D9:D9:DA:90:D3:93:5F:7E
Certificate issuer: /CN=1de5dbc0b610485d0f7e2194d8f816d6c1445326
Certificate serial: 01942368E5DCB5D6CEA5564D7A7EEABA1875
Authority key identifier: 1D:E5:DB:C0:B6:10:48:5D:0F:7E:21:94:D8:F8:16:D6:C1:44:53:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeXbwLYQSF0PfiGU2PgW1sFEUyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/Bh5IC48JAR5FB63v2dnakNOTX34.roa
Signing time: Wed 01 Jan 2025 19:47:44 +0000
ROA not before: Wed 01 Jan 2025 19:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29611
IP address blocks: 185.119.52.0/22 maxlen: 22
185.119.52.0/24 maxlen: 24
185.119.53.0/24 maxlen: 24
185.119.54.0/24 maxlen: 24
185.119.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:e5:dc:b5:d6:ce:a5:56:4d:7a:7e:ea:ba:18:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5dbc0b610485d0f7e2194d8f816d6c1445326
Validity
Not Before: Jan 1 19:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=061e480b8f09011e4507adefd9d9da90d3935f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:29:26:30:d7:e0:5b:ab:60:61:35:2a:58:a1:
ec:b4:e0:9d:05:e0:9e:4e:61:c3:ba:46:36:b0:68:
a7:d0:43:42:2d:d3:f7:1d:57:ce:aa:35:a8:14:9a:
82:08:56:b0:bb:6f:dd:e7:48:39:86:58:0f:55:54:
bd:1f:99:7b:11:bf:0a:49:76:c1:47:7d:13:ea:8c:
74:9e:50:f3:1b:ce:44:ff:a6:fe:2a:c8:2e:1b:4e:
e4:0d:7d:b8:a3:b0:65:f5:ec:c7:51:67:b3:4d:21:
37:30:b4:17:06:38:23:93:3e:30:7a:d1:19:ff:ee:
7d:96:f2:b3:dc:1a:e5:28:31:fa:4a:19:73:08:23:
e3:92:63:1f:5f:29:b3:29:f2:1e:5d:75:69:9e:2c:
0c:7f:7a:10:68:63:6c:80:88:43:f1:50:f7:e4:5c:
28:88:e4:05:fd:62:d2:c6:44:af:b3:2c:20:b9:bd:
31:06:bc:39:5c:1b:b9:e4:0c:54:bc:69:e9:70:1e:
10:23:0b:35:a1:26:d1:91:be:11:d8:09:a5:18:27:
6f:8e:80:f6:6e:5e:d2:fd:b8:ee:94:53:50:84:c1:
d1:7f:6e:36:a0:c1:90:9c:25:cb:99:82:bf:cf:22:
45:fd:da:d6:6a:35:d8:6b:a5:e9:c7:97:fc:da:c2:
6f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1E:48:0B:8F:09:01:1E:45:07:AD:EF:D9:D9:DA:90:D3:93:5F:7E
X509v3 Authority Key Identifier:
keyid:1D:E5:DB:C0:B6:10:48:5D:0F:7E:21:94:D8:F8:16:D6:C1:44:53:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeXbwLYQSF0PfiGU2PgW1sFEUyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/Bh5IC48JAR5FB63v2dnakNOTX34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/HeXbwLYQSF0PfiGU2PgW1sFEUyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.52.0/22
Signature Algorithm: sha256WithRSAEncryption
71:6a:04:dc:a1:9f:60:5a:f4:53:e4:5f:0b:60:20:67:72:98:
48:47:31:db:f2:fd:25:5b:40:0d:fc:ed:32:01:1f:a6:4d:9f:
41:cd:1c:c5:94:92:3a:93:7a:57:d2:ba:4e:79:2a:6e:10:c1:
6c:83:11:88:ce:45:d1:31:f1:2f:d3:c3:77:fd:6c:8b:62:84:
84:69:a9:79:74:44:e4:19:15:0c:b0:5d:85:d7:69:b8:6f:41:
51:3a:6b:28:0e:b6:52:24:d8:2e:f5:2b:9f:67:ac:95:fa:88:
2b:31:25:bd:23:e7:98:87:0e:c3:4a:35:36:c9:6f:50:b1:62:
80:2c:1b:c2:8c:29:d5:30:90:bc:fd:4f:3a:02:44:ac:07:40:
b1:bb:92:bb:c9:22:16:48:e7:fc:45:02:a4:91:b3:16:d3:6a:
bf:b3:10:47:11:53:df:b6:25:2a:cd:7e:b5:da:5d:1e:6f:35:
9f:4d:4e:9a:20:63:21:8e:34:c7:03:c3:cb:a0:30:be:3a:e5:
74:0c:bb:4b:8e:2d:60:02:f9:93:66:a0:37:21:22:07:71:88:
3e:44:3a:d7:41:39:8d:6f:3d:a8:5f:7a:60:31:2c:49:0b:22:
96:cb:38:62:27:3d:be:fa:54:a8:8d:6b:bd:58:71:bc:eb:9d:
e2:01:ef:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaOXctdbOpVZNen7quhh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTVkYmMwYjYxMDQ4NWQwZjdlMjE5NGQ4ZjgxNmQ2YzE0
NDUzMjYwHhcNMjUwMTAxMTk0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjFlNDgwYjhmMDkwMTFlNDUwN2FkZWZkOWQ5ZGE5MGQzOTM1ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkykmMNfgW6tgYTUqWKHstOCdBeCe
TmHDukY2sGin0ENCLdP3HVfOqjWoFJqCCFawu2/d50g5hlgPVVS9H5l7Eb8KSXbB
R30T6ox0nlDzG85E/6b+KsguG07kDX24o7Bl9ezHUWezTSE3MLQXBjgjkz4wetEZ
/+59lvKz3BrlKDH6ShlzCCPjkmMfXymzKfIeXXVpniwMf3oQaGNsgIhD8VD35Fwo
iOQF/WLSxkSvsywgub0xBrw5XBu55AxUvGnpcB4QIws1oSbRkb4R2AmlGCdvjoD2
bl7S/bjulFNQhMHRf242oMGQnCXLmYK/zyJF/drWajXYa6Xpx5f82sJvywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYeSAuPCQEeRQet79nZ2pDTk19+MB8GA1UdIwQY
MBaAFB3l28C2EEhdD34hlNj4FtbBRFMmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVYYndMWVFTRjBQZmlHVTJQZ1cxc0ZFVXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lNzdiODMtYTIzYi00ODk3LWI0ZGQt
NjhlZWRmNWY2NmJjLzEvQmg1SUM0OEpBUjVGQjYzdjJkbmFrTk9UWDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lNzdiODMtYTIzYi00ODk3LWI0ZGQtNjhlZWRmNWY2NmJj
LzEvSGVYYndMWVFTRjBQZmlHVTJQZ1cxc0ZFVXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXc0MA0G
CSqGSIb3DQEBCwUAA4IBAQBxagTcoZ9gWvRT5F8LYCBncphIRzHb8v0lW0AN/O0y
AR+mTZ9BzRzFlJI6k3pX0rpOeSpuEMFsgxGIzkXRMfEv08N3/WyLYoSEaal5dETk
GRUMsF2F12m4b0FROmsoDrZSJNgu9SufZ6yV+ogrMSW9I+eYhw7DSjU2yW9QsWKA
LBvCjCnVMJC8/U86AkSsB0Cxu5K7ySIWSOf8RQKkkbMW02q/sxBHEVPftiUqzX61
2l0ebzWfTU6aIGMhjjTHA8PLoDC+OuV0DLtLji1gAvmTZqA3ISIHcYg+RDrXQTmN
bz2oX3pgMSxJCyKWyzhiJz2++lSojWu9WHG8653iAe9M
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net