Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/bQc5T4PirD71F511kjzfy84OVUo.roa
File: bQc5T4PirD71F511kjzfy84OVUo.roa (raw, json)
Hash identifier: EWzOl7FZsznXJxW6MkTJcVJE6hamn7Yg/ELBjTogg48=
Subject key identifier: 6D:07:39:4F:83:E2:AC:3E:F5:17:9D:75:92:3C:DF:CB:CE:0E:55:4A
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 019427481F2220BDF321A8FE2FFEC4AB9B94
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/bQc5T4PirD71F511kjzfy84OVUo.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39679
IP address blocks: 185.6.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1f:22:20:bd:f3:21:a8:fe:2f:fe:c4:ab:9b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d07394f83e2ac3ef5179d75923cdfcbce0e554a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b7:7b:b4:fc:7a:15:2b:9d:87:28:8e:c4:9c:
05:d4:f1:1d:26:c1:71:e2:80:45:c9:ea:f7:fd:1d:
83:25:0d:93:8a:7f:e7:4c:8e:b0:12:50:89:51:82:
b0:03:45:9e:47:54:b8:33:33:b1:1b:83:01:3c:1f:
7f:63:5e:03:93:68:a9:b3:a0:6e:73:6d:9b:33:56:
fa:3e:da:a8:a6:23:22:f7:a0:e4:12:df:8b:0a:53:
8e:bb:7b:84:4e:60:f5:7e:e2:26:cd:f8:de:5d:ca:
0b:43:c4:f4:a1:4a:65:16:3e:03:90:9e:ac:ea:41:
54:19:84:0c:64:a1:64:4e:29:a0:d8:2b:04:84:3c:
6a:87:ff:82:89:c1:f7:9e:ad:25:39:b6:8d:40:bf:
72:d7:ce:b5:c8:59:f0:8a:bb:6f:e2:28:08:c4:d5:
56:f3:11:a1:2d:fb:e6:7b:d2:e1:c9:f8:e1:d3:1a:
d3:5b:36:e9:85:5a:cf:08:cc:6c:84:29:04:a8:a1:
da:42:a5:31:f4:a3:14:e7:2b:43:dd:97:d4:8a:ca:
d4:c1:ae:cb:d7:f6:25:59:3f:80:de:2f:ab:8e:1b:
cb:7b:7c:e8:b8:51:eb:95:55:e6:c3:9f:f2:a1:b7:
bb:fe:10:7d:c2:2c:b4:92:10:52:de:9f:48:62:a0:
c4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:07:39:4F:83:E2:AC:3E:F5:17:9D:75:92:3C:DF:CB:CE:0E:55:4A
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/bQc5T4PirD71F511kjzfy84OVUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.138.0/24
Signature Algorithm: sha256WithRSAEncryption
e4:57:3a:07:94:76:9c:68:8a:3f:ad:f8:4d:ad:9c:8a:6c:4e:
d1:76:9a:9b:90:e9:52:56:b9:be:cc:b0:c9:9f:3d:71:df:d0:
17:6f:1d:2c:2e:c3:53:60:0d:e9:2c:90:7e:1b:08:69:9b:ad:
12:11:47:a8:ea:21:1b:95:a5:4c:6d:d2:62:04:93:bd:da:9f:
78:66:dd:1d:2f:f3:f4:ba:53:36:b8:96:a2:56:d5:5a:db:62:
da:c7:ba:e6:6f:ed:d5:21:ed:72:ea:24:91:f7:cc:d5:95:30:
fe:58:94:24:87:5c:c7:fa:c0:1a:44:a9:92:70:11:1c:76:67:
2c:47:65:cb:27:e5:97:c5:a2:fb:69:b3:b7:1d:4b:41:87:35:
ca:d5:9d:cf:bc:4d:c3:10:15:20:57:3c:24:f9:12:77:03:75:
af:b5:4e:78:a2:a6:aa:f6:88:6d:d7:b4:36:d1:b2:2a:ec:a3:
00:8b:d9:19:9a:c2:2d:c9:38:6c:cb:cc:b5:d7:95:0f:6f:05:
41:82:86:1a:1d:6c:3b:c6:52:2e:42:76:2d:d1:a7:e4:77:75:
c4:20:a2:ce:c1:13:e6:0b:42:6c:73:19:4f:87:9e:36:6f:a2:
bb:0a:02:69:09:35:54:17:12:4a:f2:08:54:fc:f1:cb:ab:3e:
bf:6d:28:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSB8iIL3zIaj+L/7Eq5uUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA3Mzk0ZjgzZTJhYzNlZjUxNzlkNzU5MjNjZGZjYmNlMGU1NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rd7tPx6FSudhyiOxJwF1PEdJsFx
4oBFyer3/R2DJQ2Tin/nTI6wElCJUYKwA0WeR1S4MzOxG4MBPB9/Y14Dk2ips6Bu
c22bM1b6PtqopiMi96DkEt+LClOOu3uETmD1fuImzfjeXcoLQ8T0oUplFj4DkJ6s
6kFUGYQMZKFkTimg2CsEhDxqh/+CicH3nq0lObaNQL9y1861yFnwirtv4igIxNVW
8xGhLfvme9Lhyfjh0xrTWzbphVrPCMxshCkEqKHaQqUx9KMU5ytD3ZfUisrUwa7L
1/YlWT+A3i+rjhvLe3zouFHrlVXmw5/yobe7/hB9wiy0khBS3p9IYqDEPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0HOU+D4qw+9ReddZI838vODlVKMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvYlFjNVQ0UGlyRDcxRjUxMWtqemZ5ODRPVlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQaKMA0G
CSqGSIb3DQEBCwUAA4IBAQDkVzoHlHacaIo/rfhNrZyKbE7RdpqbkOlSVrm+zLDJ
nz1x39AXbx0sLsNTYA3pLJB+Gwhpm60SEUeo6iEblaVMbdJiBJO92p94Zt0dL/P0
ulM2uJaiVtVa22Lax7rmb+3VIe1y6iSR98zVlTD+WJQkh1zH+sAaRKmScBEcdmcs
R2XLJ+WXxaL7abO3HUtBhzXK1Z3PvE3DEBUgVzwk+RJ3A3WvtU54oqaq9oht17Q2
0bIq7KMAi9kZmsItyThsy8y115UPbwVBgoYaHWw7xlIuQnYt0afkd3XEIKLOwRPm
C0JscxlPh542b6K7CgJpCTVUFxJK8ghU/PHLqz6/bSie
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:50:41 2025 by rpki-client