Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/bKdFeyVH_r7HsHfe9GqBe_UUrg8.roa
File: bKdFeyVH_r7HsHfe9GqBe_UUrg8.roa (raw, json)
Hash identifier: vnPbAxKFKizMFdUh2dDG9y/SGopR40zinaRVaCXXct4=
Subject key identifier: 6C:A7:45:7B:25:47:FE:BE:C7:B0:77:DE:F4:6A:81:7B:F5:14:AE:0F
Certificate issuer: /CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Certificate serial: 019420D6182D690F096B777616346D820047
Authority key identifier: 9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/bKdFeyVH_r7HsHfe9GqBe_UUrg8.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28889
IP address blocks: 85.255.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:18:2d:69:0f:09:6b:77:76:16:34:6d:82:00:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ca7457b2547febec7b077def46a817bf514ae0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:03:12:98:22:99:7e:c0:7b:fa:c9:e4:65:eb:
35:49:15:42:59:a4:d1:ac:22:f7:db:2a:d2:ee:00:
bb:5c:44:45:96:83:c9:04:c5:c7:41:3f:e6:47:17:
73:ff:a9:70:01:83:19:d1:81:b7:fb:c2:1f:e2:57:
e7:e8:03:f6:38:f7:e6:50:7d:42:ca:13:67:c9:b3:
d1:42:a5:99:03:49:c7:0a:89:b5:52:b3:4c:dc:e4:
c4:fd:92:6b:21:ba:d1:7b:9c:fe:94:3e:1d:c4:65:
19:9d:11:85:db:c2:94:d7:9c:e2:8c:3c:75:c2:74:
5d:dc:22:22:82:d8:8d:86:60:75:f0:cb:fa:fd:9a:
b3:90:cc:c2:cf:07:6d:cc:76:3c:51:eb:2e:83:ef:
f9:78:37:e3:9d:36:48:ee:c3:29:08:58:87:e9:93:
e6:e7:36:a2:10:dd:17:e3:1d:1a:28:d8:97:15:3b:
43:83:6e:45:92:fc:4a:b3:21:94:af:39:63:fb:f6:
49:05:c6:bb:18:37:d3:ba:e3:2e:dc:2a:b9:d5:25:
67:c0:43:0e:7a:ec:7d:9a:d2:e0:8f:16:4a:4a:b0:
9f:41:24:02:df:d3:1e:1f:01:09:f0:99:14:6c:82:
f6:6a:f6:a7:e2:71:09:b3:a4:8d:09:56:53:da:fe:
8e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A7:45:7B:25:47:FE:BE:C7:B0:77:DE:F4:6A:81:7B:F5:14:AE:0F
X509v3 Authority Key Identifier:
keyid:9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/bKdFeyVH_r7HsHfe9GqBe_UUrg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/nkQennBa2j-cHoJ80nbb0JdIdgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.146.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:da:b3:dc:38:f6:5e:63:67:2f:ad:d9:d1:fd:a7:ec:e4:9a:
06:01:a1:4b:e6:77:b8:06:5f:fd:6d:e5:e5:d7:26:45:8f:04:
c9:ce:d1:87:b7:81:8e:01:99:3b:06:dc:09:33:30:0b:4d:fa:
20:75:9e:65:e2:2c:7d:bf:36:f2:98:ee:b8:00:f7:35:14:22:
33:eb:fe:9b:a7:a4:e1:0b:f0:c7:3a:ca:53:14:3e:fa:76:3d:
9b:35:a2:f2:ad:03:6c:53:fb:19:c4:33:dc:fb:84:33:ec:5d:
73:84:8a:48:26:8f:29:0d:01:a7:a9:20:69:d5:82:af:9f:5a:
f0:15:a4:4d:97:1d:66:67:95:e1:7f:fa:93:ad:a4:36:ce:fb:
4b:d3:f1:d0:88:91:56:9e:68:0b:47:c4:9a:31:ec:61:72:26:
fc:24:a2:28:bf:74:83:99:df:44:b7:42:70:1a:34:f2:5e:f3:
37:0f:53:a3:85:8d:38:b6:29:a2:5a:dc:50:e3:c1:fa:93:1a:
a3:2c:5a:f1:15:17:76:71:2c:ea:2c:c7:da:81:4f:1f:08:bc:
97:5c:5f:d2:7e:59:30:c4:9f:d9:be:c1:00:b1:29:66:03:80:
e6:da:6d:6c:1b:4c:57:da:0f:7d:59:9c:1f:8d:f4:38:32:c9:
af:67:ed:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hgtaQ8Ja3d2FjRtggBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDQxZTllNzA1YWRhM2Y5YzFlODI3Y2QyNzZkYmQwOTc0
ODc2MDgwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2E3NDU3YjI1NDdmZWJlYzdiMDc3ZGVmNDZhODE3YmY1MTRhZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wMSmCKZfsB7+snkZes1SRVCWaTR
rCL32yrS7gC7XERFloPJBMXHQT/mRxdz/6lwAYMZ0YG3+8If4lfn6AP2OPfmUH1C
yhNnybPRQqWZA0nHCom1UrNM3OTE/ZJrIbrRe5z+lD4dxGUZnRGF28KU15zijDx1
wnRd3CIigtiNhmB18Mv6/ZqzkMzCzwdtzHY8Uesug+/5eDfjnTZI7sMpCFiH6ZPm
5zaiEN0X4x0aKNiXFTtDg25FkvxKsyGUrzlj+/ZJBca7GDfTuuMu3Cq51SVnwEMO
eux9mtLgjxZKSrCfQSQC39MeHwEJ8JkUbIL2avan4nEJs6SNCVZT2v6OaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGynRXslR/6+x7B33vRqgXv1FK4PMB8GA1UdIwQY
MBaAFJ5EHp5wWto/nB6CfNJ229CXSHYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtRZW5uQmEyai1jSG9KODBuYmIwSmRJZGdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9jZTE2ZjctYjg2OC00YjRjLTlkOWIt
OTMyZDE2YjA4ZGYwLzEvYktkRmV5VkhfcjdIc0hmZTlHcUJlX1VVcmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9jZTE2ZjctYjg2OC00YjRjLTlkOWItOTMyZDE2YjA4ZGYw
LzEvbmtRZW5uQmEyai1jSG9KODBuYmIwSmRJZGdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVf+SMA0G
CSqGSIb3DQEBCwUAA4IBAQAf2rPcOPZeY2cvrdnR/afs5JoGAaFL5ne4Bl/9beXl
1yZFjwTJztGHt4GOAZk7BtwJMzALTfogdZ5l4ix9vzbymO64APc1FCIz6/6bp6Th
C/DHOspTFD76dj2bNaLyrQNsU/sZxDPc+4Qz7F1zhIpIJo8pDQGnqSBp1YKvn1rw
FaRNlx1mZ5Xhf/qTraQ2zvtL0/HQiJFWnmgLR8SaMexhcib8JKIov3SDmd9Et0Jw
GjTyXvM3D1OjhY04timiWtxQ48H6kxqjLFrxFRd2cSzqLMfagU8fCLyXXF/Sflkw
xJ/ZvsEAsSlmA4Dm2m1sG0xX2g99WZwfjfQ4MsmvZ+1I
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:07:52 2025 by rpki-client