Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4b8cc4-5fc2-4f26-8045-50ef726a9136/1/bdCx_iL4BGDGmb_sn3HHeUsyzUQ.roa
File: bdCx_iL4BGDGmb_sn3HHeUsyzUQ.roa (raw, json)
Hash identifier: 8K2o80acv1WPZi0eglDv0fi3ZkygIeG/oGGQEIAFeG4=
Subject key identifier: 6D:D0:B1:FE:22:F8:04:60:C6:99:BF:EC:9F:71:C7:79:4B:32:CD:44
Certificate issuer: /CN=e9fc6c81663cf6fce92e83e5d6628bc0eb6a94d2
Certificate serial: 019174DDDCF82AF4C5C0224F777E1D083ABE
Authority key identifier: E9:FC:6C:81:66:3C:F6:FC:E9:2E:83:E5:D6:62:8B:C0:EB:6A:94:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6fxsgWY89vzpLoPl1mKLwOtqlNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/4b8cc4-5fc2-4f26-8045-50ef726a9136/1/bdCx_iL4BGDGmb_sn3HHeUsyzUQ.roa
Signing time: Wed 21 Aug 2024 12:16:22 +0000
ROA not before: Wed 21 Aug 2024 12:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57988
IP address blocks: 91.237.54.0/23 maxlen: 23
91.237.54.0/24 maxlen: 24
91.237.55.0/24 maxlen: 24
176.111.248.0/21 maxlen: 21
176.111.248.0/24 maxlen: 24
176.111.249.0/24 maxlen: 24
176.111.250.0/24 maxlen: 24
176.111.251.0/24 maxlen: 24
176.111.252.0/24 maxlen: 24
176.111.253.0/24 maxlen: 24
176.111.254.0/24 maxlen: 24
176.111.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:dd:dc:f8:2a:f4:c5:c0:22:4f:77:7e:1d:08:3a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9fc6c81663cf6fce92e83e5d6628bc0eb6a94d2
Validity
Not Before: Aug 21 12:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dd0b1fe22f80460c699bfec9f71c7794b32cd44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c5:f1:aa:6d:50:62:16:db:cd:91:ad:af:54:
ce:1b:66:23:36:bf:3c:5b:aa:13:1f:e2:2d:27:fd:
b1:2b:05:a0:e2:8b:a7:42:f5:e2:42:ad:7d:c8:e3:
20:fc:f3:fa:11:ab:cd:af:df:cd:e5:9b:ab:ca:c1:
bd:ec:84:4b:36:d1:81:9d:c0:82:9e:a0:d0:19:10:
03:86:bc:2f:ea:4e:1e:a0:7c:da:58:45:73:00:ea:
d5:27:2b:33:c8:e9:74:2f:ba:b5:59:62:9a:1b:a5:
23:9b:0f:df:de:4e:e1:ce:5b:ff:7f:c0:2c:7a:dc:
e8:eb:d2:5d:88:83:e7:3b:7f:bb:ff:1d:c0:03:ff:
46:15:dd:83:89:53:87:4c:94:11:93:bc:df:34:3f:
3b:61:85:3b:25:51:4a:eb:c7:91:20:c7:57:5e:af:
bf:7e:bc:ce:99:37:83:b0:01:0f:97:39:3f:8b:a1:
d8:9d:b3:01:61:12:05:2e:97:4e:a6:13:4d:8d:0e:
82:dd:be:1e:82:19:8c:57:fc:3b:00:70:9e:80:d8:
eb:f8:91:b5:1d:30:84:8f:23:72:f1:6e:50:e6:23:
8f:6a:bd:57:80:1c:41:a4:91:fe:6c:12:46:d0:94:
46:dc:3a:bd:6c:6c:c1:e9:6c:25:e5:eb:52:ee:c1:
eb:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D0:B1:FE:22:F8:04:60:C6:99:BF:EC:9F:71:C7:79:4B:32:CD:44
X509v3 Authority Key Identifier:
keyid:E9:FC:6C:81:66:3C:F6:FC:E9:2E:83:E5:D6:62:8B:C0:EB:6A:94:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6fxsgWY89vzpLoPl1mKLwOtqlNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4b8cc4-5fc2-4f26-8045-50ef726a9136/1/bdCx_iL4BGDGmb_sn3HHeUsyzUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4b8cc4-5fc2-4f26-8045-50ef726a9136/1/6fxsgWY89vzpLoPl1mKLwOtqlNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.54.0/23
176.111.248.0/21
Signature Algorithm: sha256WithRSAEncryption
40:3f:d9:ad:e9:3d:2c:2c:f4:f6:59:94:2e:53:be:28:b9:3d:
37:0e:7f:55:a5:78:0e:eb:88:51:af:50:8e:15:9a:97:94:6d:
7d:e8:48:e1:47:06:61:de:2c:28:1b:36:a6:1f:4e:2a:29:d3:
eb:95:b3:ba:bb:27:84:01:23:9e:8f:ed:40:b3:ae:dd:ee:2e:
04:7b:77:8b:34:13:0f:dc:be:e0:52:0a:ab:7e:58:64:9f:25:
f2:6a:23:b6:9a:70:d7:87:43:57:4b:fe:79:15:a6:db:32:a0:
aa:4e:14:6a:4f:22:29:cf:69:2a:8c:3a:31:16:51:d8:49:ef:
32:e8:85:3e:ed:1d:49:53:8a:01:ad:a9:99:c3:d9:d3:81:b9:
a6:08:29:4c:19:a1:5a:60:26:9b:21:69:c9:ef:ea:75:03:f8:
fa:2c:2a:08:72:69:4b:79:1c:46:2f:88:8c:51:8f:f1:1c:10:
93:6d:8d:b6:8e:03:cf:06:20:44:7c:3d:91:0f:33:a1:01:cd:
10:82:d7:24:67:72:62:12:9f:ee:60:8a:5b:b7:fa:ac:5c:b7:
cc:24:ee:5d:68:f6:5d:9c:f0:b9:dd:66:5b:2f:36:c7:18:f0:
d3:ce:1f:30:eb:4d:9d:eb:bc:ba:48:4a:84:b9:6f:c9:a2:8e:
e0:1d:f9:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF03dz4KvTFwCJPd34dCDq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZmM2YzgxNjYzY2Y2ZmNlOTJlODNlNWQ2NjI4YmMwZWI2
YTk0ZDIwHhcNMjQwODIxMTIxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQwYjFmZTIyZjgwNDYwYzY5OWJmZWM5ZjcxYzc3OTRiMzJjZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMXxqm1QYhbbzZGtr1TOG2YjNr88
W6oTH+ItJ/2xKwWg4ounQvXiQq19yOMg/PP6EavNr9/N5ZurysG97IRLNtGBncCC
nqDQGRADhrwv6k4eoHzaWEVzAOrVJyszyOl0L7q1WWKaG6Ujmw/f3k7hzlv/f8As
etzo69JdiIPnO3+7/x3AA/9GFd2DiVOHTJQRk7zfND87YYU7JVFK68eRIMdXXq+/
frzOmTeDsAEPlzk/i6HYnbMBYRIFLpdOphNNjQ6C3b4eghmMV/w7AHCegNjr+JG1
HTCEjyNy8W5Q5iOPar1XgBxBpJH+bBJG0JRG3Dq9bGzB6Wwl5etS7sHrWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3Qsf4i+ARgxpm/7J9xx3lLMs1EMB8GA1UdIwQY
MBaAFOn8bIFmPPb86S6D5dZii8DrapTSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmZ4c2dXWTg5dnpwTG9QbDFtS0x3T3RxbE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80YjhjYzQtNWZjMi00ZjI2LTgwNDUt
NTBlZjcyNmE5MTM2LzEvYmRDeF9pTDRCR0RHbWJfc24zSEhlVXN5elVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80YjhjYzQtNWZjMi00ZjI2LTgwNDUtNTBlZjcyNmE5MTM2
LzEvNmZ4c2dXWTg5dnpwTG9QbDFtS0x3T3RxbE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+02AwQD
sG/4MA0GCSqGSIb3DQEBCwUAA4IBAQBAP9mt6T0sLPT2WZQuU74ouT03Dn9VpXgO
64hRr1COFZqXlG196EjhRwZh3iwoGzamH04qKdPrlbO6uyeEASOej+1As67d7i4E
e3eLNBMP3L7gUgqrflhknyXyaiO2mnDXh0NXS/55FabbMqCqThRqTyIpz2kqjDox
FlHYSe8y6IU+7R1JU4oBramZw9nTgbmmCClMGaFaYCabIWnJ7+p1A/j6LCoIcmlL
eRxGL4iMUY/xHBCTbY22jgPPBiBEfD2RDzOhAc0QgtckZ3JiEp/uYIpbt/qsXLfM
JO5daPZdnPC53WZbLzbHGPDTzh8w602d67y6SEqEuW/Joo7gHfkA
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:57 2024 by rpki-client on console.sobornost.net