Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/BFnGMJbw_FyqQDvzEvSvzgyfC8c.roa
File: BFnGMJbw_FyqQDvzEvSvzgyfC8c.roa (raw, json)
Hash identifier: Z0qcTwZhrvNxXQZpuNqxicC23C3Fi6C39Y2LCY//Cvo=
Subject key identifier: 04:59:C6:30:96:F0:FC:5C:AA:40:3B:F3:12:F4:AF:CE:0C:9F:0B:C7
Certificate issuer: /CN=01825c7a9e2701b6ba3670d08d2a10a9ea15d3e3
Certificate serial: 019427B49098A92ED1C91E6BAF011530F398
Authority key identifier: 01:82:5C:7A:9E:27:01:B6:BA:36:70:D0:8D:2A:10:A9:EA:15:D3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYJcep4nAba6NnDQjSoQqeoV0-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/BFnGMJbw_FyqQDvzEvSvzgyfC8c.roa
Signing time: Thu 02 Jan 2025 15:48:52 +0000
ROA not before: Thu 02 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207065
IP address blocks: 185.119.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:90:98:a9:2e:d1:c9:1e:6b:af:01:15:30:f3:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01825c7a9e2701b6ba3670d08d2a10a9ea15d3e3
Validity
Not Before: Jan 2 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0459c63096f0fc5caa403bf312f4afce0c9f0bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:21:71:b9:0b:51:7c:57:72:81:80:7d:21:
8b:8e:3a:a8:2f:1c:12:bf:8e:5f:aa:57:85:ec:8b:
63:1f:63:0b:af:75:42:37:5d:4a:38:69:a9:98:b1:
8f:1c:62:48:bf:79:0d:7a:30:51:9e:ef:d7:a5:85:
d7:26:78:45:99:13:b3:3c:4a:79:6c:a1:a9:7c:e8:
a5:bd:b4:9d:d1:a3:93:9a:c6:8d:67:b0:5a:86:5b:
f0:8d:99:2a:3b:5a:fc:43:57:be:1c:d4:98:62:f1:
de:62:04:cb:06:86:aa:62:bc:67:91:c2:d0:41:0a:
bd:d9:1a:2f:33:81:9e:a3:cb:eb:0d:1a:81:d4:b4:
5f:fc:25:78:0a:90:64:9b:d8:98:3a:9e:38:9e:09:
79:43:2f:5f:68:95:c2:6d:9c:52:ff:c0:83:96:84:
b4:b0:05:9b:e8:b9:90:44:87:75:71:90:eb:db:92:
6b:56:69:62:3b:98:d4:d3:b2:6e:18:02:ee:d7:c7:
60:df:3a:48:73:c6:11:c3:cd:f7:2d:b6:da:56:cc:
de:87:b5:fe:be:ce:c2:50:2c:1f:05:34:36:c8:0e:
3f:b5:db:63:ba:c4:fa:74:f0:e5:80:cd:0e:d6:a2:
74:36:d5:96:f9:c8:7a:eb:d7:b3:86:1e:78:39:38:
26:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:59:C6:30:96:F0:FC:5C:AA:40:3B:F3:12:F4:AF:CE:0C:9F:0B:C7
X509v3 Authority Key Identifier:
keyid:01:82:5C:7A:9E:27:01:B6:BA:36:70:D0:8D:2A:10:A9:EA:15:D3:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYJcep4nAba6NnDQjSoQqeoV0-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/BFnGMJbw_FyqQDvzEvSvzgyfC8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/AYJcep4nAba6NnDQjSoQqeoV0-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.128.0/22
Signature Algorithm: sha256WithRSAEncryption
80:65:c9:7d:71:ce:b8:cb:e3:ff:23:de:af:95:63:10:62:55:
07:1d:76:bc:35:0d:fa:4d:f9:92:8c:22:7a:ed:a8:a4:8c:ef:
44:3d:12:39:8b:e9:65:46:b6:2a:b8:e1:fc:c9:b1:25:cc:cc:
08:fd:be:75:ed:38:2e:09:cc:31:8a:51:5b:09:68:d8:c6:70:
51:69:07:5b:f1:61:43:8c:50:74:44:45:02:e0:e3:9c:6a:c4:
b5:ca:31:ca:15:b5:da:21:36:b6:f7:23:03:3e:cc:a4:56:9e:
13:26:f7:54:7d:a9:75:54:b4:09:f7:c6:dd:ee:20:bd:d6:4b:
54:c6:4b:dc:21:32:33:5a:e2:cd:67:0d:26:2d:af:64:01:bb:
b6:45:3d:77:57:c2:b9:6e:5f:c0:cb:70:70:e5:f3:74:3c:13:
01:94:67:01:71:ce:da:e8:3a:f6:b3:de:14:33:f6:bc:ce:05:
93:61:5a:72:20:a3:95:72:15:d8:14:d9:68:d2:a5:cd:6f:0d:
b9:36:24:b6:41:04:ee:c4:de:e4:fc:b7:05:e3:73:a9:0b:23:
fb:af:e3:88:83:b7:c1:90:8b:e9:a7:5b:79:47:ea:b2:53:9f:
8b:6d:cc:a6:03:4a:a3:26:93:82:b1:5e:34:09:3d:12:43:4e:
ef:c9:1d:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntJCYqS7RyR5rrwEVMPOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxODI1YzdhOWUyNzAxYjZiYTM2NzBkMDhkMmExMGE5ZWEx
NWQzZTMwHhcNMjUwMTAyMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU5YzYzMDk2ZjBmYzVjYWE0MDNiZjMxMmY0YWZjZTBjOWYwYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnschcbkLUXxXcoGAfSGLjjqoLxwS
v45fqleF7ItjH2MLr3VCN11KOGmpmLGPHGJIv3kNejBRnu/XpYXXJnhFmROzPEp5
bKGpfOilvbSd0aOTmsaNZ7BahlvwjZkqO1r8Q1e+HNSYYvHeYgTLBoaqYrxnkcLQ
QQq92RovM4Geo8vrDRqB1LRf/CV4CpBkm9iYOp44ngl5Qy9faJXCbZxS/8CDloS0
sAWb6LmQRId1cZDr25JrVmliO5jU07JuGALu18dg3zpIc8YRw833LbbaVszeh7X+
vs7CUCwfBTQ2yA4/tdtjusT6dPDlgM0O1qJ0NtWW+ch669ezhh54OTgmyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARZxjCW8PxcqkA78xL0r84MnwvHMB8GA1UdIwQY
MBaAFAGCXHqeJwG2ujZw0I0qEKnqFdPjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlKY2VwNG5BYmE2Tm5EUWpTb1FxZW9WMC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS83OWFjMDMtZGM2YS00MGMwLTgyY2It
OGYxMGQ1Yjk2ZmQ0LzEvQkZuR01KYndfRnlxUUR2ekV2U3Z6Z3lmQzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS83OWFjMDMtZGM2YS00MGMwLTgyY2ItOGYxMGQ1Yjk2ZmQ0
LzEvQVlKY2VwNG5BYmE2Tm5EUWpTb1FxZW9WMC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXeAMA0G
CSqGSIb3DQEBCwUAA4IBAQCAZcl9cc64y+P/I96vlWMQYlUHHXa8NQ36TfmSjCJ6
7aikjO9EPRI5i+llRrYquOH8ybElzMwI/b517TguCcwxilFbCWjYxnBRaQdb8WFD
jFB0REUC4OOcasS1yjHKFbXaITa29yMDPsykVp4TJvdUfal1VLQJ98bd7iC91ktU
xkvcITIzWuLNZw0mLa9kAbu2RT13V8K5bl/Ay3Bw5fN0PBMBlGcBcc7a6Dr2s94U
M/a8zgWTYVpyIKOVchXYFNlo0qXNbw25NiS2QQTuxN7k/LcF43OpCyP7r+OIg7fB
kIvpp1t5R+qyU5+LbcymA0qjJpOCsV40CT0SQ07vyR1R
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:46:38 2025 by rpki-client