Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1f0831-fc6b-4865-a8a8-edf42d5c481f/1/BSgY7CpivtVsohPCASWP5eG6O_Q.roa
File: BSgY7CpivtVsohPCASWP5eG6O_Q.roa (raw, json)
Hash identifier: V7cOS6YSzZkj26pOgo41T6xEpYgsoVkozlA5neFIqEI=
Subject key identifier: 05:28:18:EC:2A:62:BE:D5:6C:A2:13:C2:01:25:8F:E5:E1:BA:3B:F4
Certificate issuer: /CN=557d2144dd1b714e9e3ca0901fe67504bf457eeb
Certificate serial: 019372197084074452ABAA7EC424AE82D523
Authority key identifier: 55:7D:21:44:DD:1B:71:4E:9E:3C:A0:90:1F:E6:75:04:BF:45:7E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VX0hRN0bcU6ePKCQH-Z1BL9Ffus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/1f0831-fc6b-4865-a8a8-edf42d5c481f/1/BSgY7CpivtVsohPCASWP5eG6O_Q.roa
Signing time: Thu 28 Nov 2024 09:28:09 +0000
ROA not before: Thu 28 Nov 2024 09:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213398
IP address blocks: 62.164.144.0/24 maxlen: 24
89.40.30.0/24 maxlen: 24
91.234.235.0/24 maxlen: 24
194.164.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:19:70:84:07:44:52:ab:aa:7e:c4:24:ae:82:d5:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=557d2144dd1b714e9e3ca0901fe67504bf457eeb
Validity
Not Before: Nov 28 09:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=052818ec2a62bed56ca213c201258fe5e1ba3bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4d:45:7a:df:12:b4:3e:9e:c4:be:d1:38:25:
f8:90:e4:29:54:77:ec:6a:33:4e:92:19:99:81:3b:
8f:a4:aa:38:46:46:f8:2f:05:bd:c7:40:42:4f:ae:
a6:33:a2:25:57:51:43:34:18:d3:8f:ee:7b:41:0c:
e1:fc:0e:33:d0:d4:74:3c:1e:6c:2b:0a:55:73:6a:
9d:f3:b2:1d:d7:fe:32:1a:0b:7c:ca:02:76:12:93:
bd:12:90:ab:b3:7c:01:9d:1c:c3:7f:56:62:d4:81:
8d:62:0c:ee:fe:4a:d2:57:7b:84:d9:ad:b4:d3:2b:
9d:ad:57:d7:2a:c8:08:a3:d9:24:73:f1:95:42:32:
2c:6d:ea:4c:af:49:30:ba:39:a4:fb:73:34:b6:04:
b3:d5:d3:e4:a3:44:24:d9:04:8c:57:23:43:20:62:
71:b7:d8:3d:34:84:64:da:5e:b5:4d:1b:85:69:24:
bb:65:1b:02:d2:40:b8:7f:61:d7:55:ef:00:07:d1:
d6:84:75:de:7e:bf:bf:15:31:da:d2:50:dc:cf:f2:
d8:f1:ca:bd:64:15:96:1b:c6:8e:2f:ef:17:1b:02:
a8:83:4f:e5:90:31:52:81:6d:26:33:69:c8:aa:95:
6e:ad:f1:81:7b:a6:2e:e0:0c:17:39:88:8c:b9:07:
c6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:28:18:EC:2A:62:BE:D5:6C:A2:13:C2:01:25:8F:E5:E1:BA:3B:F4
X509v3 Authority Key Identifier:
keyid:55:7D:21:44:DD:1B:71:4E:9E:3C:A0:90:1F:E6:75:04:BF:45:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VX0hRN0bcU6ePKCQH-Z1BL9Ffus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1f0831-fc6b-4865-a8a8-edf42d5c481f/1/BSgY7CpivtVsohPCASWP5eG6O_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1f0831-fc6b-4865-a8a8-edf42d5c481f/1/VX0hRN0bcU6ePKCQH-Z1BL9Ffus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.144.0/24
89.40.30.0/24
91.234.235.0/24
194.164.224.0/24
Signature Algorithm: sha256WithRSAEncryption
43:1a:8d:16:1e:2f:d6:9e:b5:f1:43:61:8e:8f:25:38:94:09:
17:57:82:5e:e9:df:a1:6c:ec:cb:26:30:50:61:52:35:99:d4:
60:1e:4b:0a:ec:67:d5:a5:9c:80:7c:ad:55:f0:4c:53:56:f7:
65:4d:c4:26:29:9a:8d:90:90:b7:0a:ed:9e:b1:2c:fb:11:d9:
01:51:ec:36:9f:56:47:4d:cb:7d:2c:15:3a:87:ee:87:be:bc:
30:6c:a4:91:b7:16:1b:c7:ab:59:8f:80:48:41:0b:58:c8:6c:
c9:9c:b6:81:98:16:5c:5a:bc:42:29:ba:1d:54:8d:6a:bf:d2:
3d:5b:73:b6:eb:f2:86:71:55:1e:f4:fc:8b:6a:1f:41:af:cd:
1c:71:fa:20:1e:63:63:fc:27:0d:57:75:38:d8:08:0f:10:be:
3a:85:16:bb:ca:f3:f5:e3:7c:4b:7e:4f:65:e9:ce:0b:89:58:
c5:8a:65:cf:5e:4e:b7:db:7e:b6:b2:68:e0:4f:4d:68:79:9b:
7c:86:b2:ab:00:3c:96:99:62:53:81:3f:49:c4:88:65:b1:37:
7a:ad:a2:33:9d:2c:5a:55:f8:13:8f:b0:6f:05:d6:ea:48:3d:
87:e5:e1:11:f4:a3:c6:54:0d:e1:0b:2a:96:c6:6f:f2:d0:1b:
f5:6c:74:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNyGXCEB0RSq6p+xCSugtUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1N2QyMTQ0ZGQxYjcxNGU5ZTNjYTA5MDFmZTY3NTA0YmY0
NTdlZWIwHhcNMjQxMTI4MDkyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI4MThlYzJhNjJiZWQ1NmNhMjEzYzIwMTI1OGZlNWUxYmEzYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn01Fet8StD6exL7ROCX4kOQpVHfs
ajNOkhmZgTuPpKo4Rkb4LwW9x0BCT66mM6IlV1FDNBjTj+57QQzh/A4z0NR0PB5s
KwpVc2qd87Id1/4yGgt8ygJ2EpO9EpCrs3wBnRzDf1Zi1IGNYgzu/krSV3uE2a20
0yudrVfXKsgIo9kkc/GVQjIsbepMr0kwujmk+3M0tgSz1dPko0Qk2QSMVyNDIGJx
t9g9NIRk2l61TRuFaSS7ZRsC0kC4f2HXVe8AB9HWhHXefr+/FTHa0lDcz/LY8cq9
ZBWWG8aOL+8XGwKog0/lkDFSgW0mM2nIqpVurfGBe6Yu4AwXOYiMuQfG8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAUoGOwqYr7VbKITwgElj+Xhujv0MB8GA1UdIwQY
MBaAFFV9IUTdG3FOnjygkB/mdQS/RX7rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlgwaFJOMGJjVTZlUEtDUUgtWjFCTDlGZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xZjA4MzEtZmM2Yi00ODY1LWE4YTgt
ZWRmNDJkNWM0ODFmLzEvQlNnWTdDcGl2dFZzb2hQQ0FTV1A1ZUc2T19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xZjA4MzEtZmM2Yi00ODY1LWE4YTgtZWRmNDJkNWM0ODFm
LzEvVlgwaFJOMGJjVTZlUEtDUUgtWjFCTDlGZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPqSQAwQA
WSgeAwQAW+rrAwQAwqTgMA0GCSqGSIb3DQEBCwUAA4IBAQBDGo0WHi/WnrXxQ2GO
jyU4lAkXV4Je6d+hbOzLJjBQYVI1mdRgHksK7GfVpZyAfK1V8ExTVvdlTcQmKZqN
kJC3Cu2esSz7EdkBUew2n1ZHTct9LBU6h+6HvrwwbKSRtxYbx6tZj4BIQQtYyGzJ
nLaBmBZcWrxCKbodVI1qv9I9W3O26/KGcVUe9PyLah9Br80ccfogHmNj/CcNV3U4
2AgPEL46hRa7yvP143xLfk9l6c4LiVjFimXPXk632362smjgT01oeZt8hrKrADyW
mWJTgT9JxIhlsTd6raIznSxaVfgTj7BvBdbqSD2H5eER9KPGVA3hCyqWxm/y0Bv1
bHRT
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:23 2024 by rpki-client on console.sobornost.net