Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/bfd_WpvacXpVJP__dq6vej5IyyY.roa
File: bfd_WpvacXpVJP__dq6vej5IyyY.roa (raw, json)
Hash identifier: /B+pNt8vIwVV5x8COrKPeKukz7hh0c0T1g3kvtIg6Z0=
Subject key identifier: 6D:F7:7F:5A:9B:DA:71:7A:55:24:FF:FF:76:AE:AF:7A:3E:48:CB:26
Certificate issuer: /CN=23d14afe8750213c280e5b68befb18866f79497f
Certificate serial: 019423697D2D0F8D5889DA5A012138C354F2
Authority key identifier: 23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/bfd_WpvacXpVJP__dq6vej5IyyY.roa
Signing time: Wed 01 Jan 2025 19:48:23 +0000
ROA not before: Wed 01 Jan 2025 19:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200410
IP address blocks: 91.103.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:7d:2d:0f:8d:58:89:da:5a:01:21:38:c3:54:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d14afe8750213c280e5b68befb18866f79497f
Validity
Not Before: Jan 1 19:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6df77f5a9bda717a5524ffff76aeaf7a3e48cb26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:de:a0:e6:49:bf:3e:4f:6f:38:bc:3e:d2:b0:
3b:9c:37:df:bc:63:e9:e8:61:0a:4d:2c:46:a7:11:
12:d7:fc:cc:78:c7:16:06:69:87:73:c5:bc:d4:ed:
07:93:47:eb:cc:a4:fb:58:aa:df:1a:49:20:e8:f0:
72:29:84:53:ff:8c:4e:64:0b:44:a8:68:e6:34:db:
07:3f:9d:2e:85:06:09:68:24:dd:2f:2a:08:85:18:
e2:1e:2e:36:af:60:db:56:a3:bc:61:87:87:a3:08:
f9:39:26:75:9a:2d:03:02:79:0b:da:ea:a4:78:50:
7f:6a:f4:b2:dd:89:0f:f3:6c:a6:0a:32:30:66:6c:
fc:d1:30:e2:e1:cd:e9:48:b6:5e:a6:76:66:a2:a1:
58:33:4c:0d:36:b5:93:ac:6c:0f:61:34:3b:54:1a:
ba:33:2a:dc:09:4d:52:a0:80:a3:6a:55:9e:d7:b8:
32:3a:da:89:48:ca:6e:d5:d0:6b:0a:3c:0d:7a:e7:
09:ef:e6:9c:26:d9:f9:7b:23:44:79:c3:95:e6:6d:
fd:f0:8a:a5:72:78:5f:47:1f:db:8c:7b:da:84:81:
b1:31:9d:27:13:d7:25:1b:87:4c:3e:b1:bd:0c:ee:
10:d5:9d:cf:a9:38:09:37:62:c1:ca:a9:b9:44:7a:
92:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F7:7F:5A:9B:DA:71:7A:55:24:FF:FF:76:AE:AF:7A:3E:48:CB:26
X509v3 Authority Key Identifier:
keyid:23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/bfd_WpvacXpVJP__dq6vej5IyyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.138.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c2:33:af:9b:e2:07:d9:60:ac:b5:ac:92:c6:a7:ca:5c:53:
5b:08:29:c4:22:83:91:0e:c6:c8:b0:22:14:8e:9b:e0:01:2a:
3b:57:6f:2b:70:d6:e5:88:bc:5f:38:89:1b:3c:d8:fc:23:e7:
d4:35:fa:ad:87:e9:b8:68:1f:fc:94:8c:bd:de:b0:08:65:c9:
f5:c3:5d:89:db:85:db:79:44:e1:20:0b:0e:56:ba:1f:4e:a6:
d8:97:5e:41:4c:24:4d:05:a2:0f:b2:10:82:1e:ee:e9:9c:54:
dd:56:a6:21:c6:bd:60:6f:64:21:13:b2:cc:84:43:13:76:9b:
ba:c5:1d:51:c5:d1:ff:d0:08:24:a6:65:a3:9d:67:bb:51:42:
58:44:d2:4a:49:88:cf:09:11:72:4c:48:7a:e4:42:70:91:2d:
f3:ba:53:00:6d:c4:43:03:5e:36:f8:0b:48:24:8c:a1:fc:d8:
32:2a:13:d6:62:90:ae:d7:01:c9:ed:81:8c:5f:85:74:c5:ef:
4b:f0:15:72:93:ab:88:a3:0f:be:0f:52:f4:83:d8:cd:dd:cc:
d9:3c:21:b1:c1:f1:7e:5a:77:1d:62:47:e2:40:68:fc:13:e7:
29:b8:9e:66:56:e1:ea:3d:0a:c7:5d:b2:eb:d6:3f:1c:f6:23:
04:1c:06:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaX0tD41YidpaASE4w1TyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDE0YWZlODc1MDIxM2MyODBlNWI2OGJlZmIxODg2NmY3
OTQ5N2YwHhcNMjUwMTAxMTk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY3N2Y1YTliZGE3MTdhNTUyNGZmZmY3NmFlYWY3YTNlNDhjYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd6g5km/Pk9vOLw+0rA7nDffvGPp
6GEKTSxGpxES1/zMeMcWBmmHc8W81O0Hk0frzKT7WKrfGkkg6PByKYRT/4xOZAtE
qGjmNNsHP50uhQYJaCTdLyoIhRjiHi42r2DbVqO8YYeHowj5OSZ1mi0DAnkL2uqk
eFB/avSy3YkP82ymCjIwZmz80TDi4c3pSLZepnZmoqFYM0wNNrWTrGwPYTQ7VBq6
MyrcCU1SoICjalWe17gyOtqJSMpu1dBrCjwNeucJ7+acJtn5eyNEecOV5m398Iql
cnhfRx/bjHvahIGxMZ0nE9clG4dMPrG9DO4Q1Z3PqTgJN2LByqm5RHqSeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG33f1qb2nF6VST//3aur3o+SMsmMB8GA1UdIwQY
MBaAFCPRSv6HUCE8KA5baL77GIZveUl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2Qt
ODQ3MmNhNDBmN2E3LzEvYmZkX1dwdmFjWHBWSlBfX2RxNnZlajVJeXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2QtODQ3MmNhNDBmN2E3
LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2eKMA0G
CSqGSIb3DQEBCwUAA4IBAQBFwjOvm+IH2WCstaySxqfKXFNbCCnEIoORDsbIsCIU
jpvgASo7V28rcNbliLxfOIkbPNj8I+fUNfqth+m4aB/8lIy93rAIZcn1w12J24Xb
eUThIAsOVrofTqbYl15BTCRNBaIPshCCHu7pnFTdVqYhxr1gb2QhE7LMhEMTdpu6
xR1RxdH/0AgkpmWjnWe7UUJYRNJKSYjPCRFyTEh65EJwkS3zulMAbcRDA142+AtI
JIyh/NgyKhPWYpCu1wHJ7YGMX4V0xe9L8BVyk6uIow++D1L0g9jN3czZPCGxwfF+
WncdYkfiQGj8E+cpuJ5mVuHqPQrHXbLr1j8c9iMEHAbj
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:40:52 2025 by rpki-client