Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa
File: Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa (raw, json)
Hash identifier: gPTOZ/QwaGNzYqcGskaYm0Q9CUgsB/kmTCxE6lNVoV8=
Subject key identifier: 05:BC:68:E4:63:A4:32:D0:4F:57:87:B2:0E:22:41:B6:01:82:02:FB
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 019426D94FAF5BBAC08FBBBCC3FE209ACFEB
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2259
IP address blocks: 134.158.144.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:4f:af:5b:ba:c0:8f:bb:bc:c3:fe:20:9a:cf:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05bc68e463a432d04f5787b20e2241b6018202fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b0:bf:de:b2:a3:84:a1:b1:0d:73:3d:a6:f9:
24:43:c7:f7:0d:55:e8:f2:d6:e8:05:13:80:03:b4:
90:f0:d9:36:28:62:01:a2:e7:25:86:ec:3d:a4:b4:
a6:39:fb:ef:f0:33:0f:8b:f7:e0:d1:94:29:95:2a:
d0:30:69:4e:95:ce:4b:a9:91:99:39:77:89:bb:fa:
71:30:20:1f:e6:8e:a6:0a:13:50:40:44:09:af:e9:
44:de:9f:d6:f2:b5:86:54:11:20:9f:f6:43:f6:e4:
85:af:d0:7d:d6:d9:30:3f:4a:e0:c6:e4:fa:ac:a8:
58:e3:1b:e2:17:87:4b:77:ee:f1:95:e1:1e:90:13:
f6:aa:0f:cc:c2:bf:8c:bb:be:99:14:a0:04:10:52:
6d:f7:90:47:c3:b8:80:96:57:a5:59:d6:e7:4b:9f:
1d:38:a0:a3:8f:fb:4d:4d:a1:4b:30:7a:f6:48:be:
ce:87:a1:83:ae:01:99:fd:02:9a:e2:49:82:b4:ec:
0e:4d:57:c4:7e:11:f7:c4:08:b8:b6:b6:ff:8e:6d:
4b:ea:d0:27:54:78:e1:24:76:90:60:68:3d:c5:e5:
a4:cb:15:7f:5a:3c:20:65:27:93:ee:64:96:7f:6c:
2e:a9:a3:1b:80:6e:4e:2b:d6:99:c5:97:1e:f9:c9:
ec:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BC:68:E4:63:A4:32:D0:4F:57:87:B2:0E:22:41:B6:01:82:02:FB
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.158.144.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:96:a5:0a:7d:01:c7:6c:2d:41:49:1b:d4:86:44:ec:a3:cc:
c3:55:77:41:c7:e1:c5:90:fe:d6:fe:6a:fe:f4:9b:a1:3f:2b:
6b:5a:b0:13:38:d1:56:15:08:49:e9:fa:03:81:66:70:79:51:
48:e0:b8:7c:ab:41:c1:92:1e:2b:fe:77:77:b4:86:50:04:75:
d8:f1:3b:75:28:5a:96:76:9b:92:06:96:43:f5:88:3d:02:7d:
8f:ed:7c:ed:c8:e4:31:cd:67:a9:f1:be:f8:15:4a:87:13:a6:
2c:39:ec:29:32:8e:9d:17:c5:e8:38:19:52:33:f9:82:69:b9:
9c:57:b0:72:ff:1b:c2:ff:fd:c9:b4:ac:76:b1:5e:5c:d0:a5:
4d:f7:d6:b1:34:a9:a4:12:63:70:2d:40:81:54:50:16:00:6a:
77:24:2b:ca:65:4c:3b:3a:84:2e:eb:24:8d:d2:ed:2c:f6:a3:
30:53:26:98:b0:08:a5:a4:88:d2:db:2a:3d:9d:42:e5:e2:a7:
95:48:3b:2b:26:b7:98:51:a0:0c:48:c4:3b:77:e8:9e:1f:74:
fe:41:12:73:4e:cf:f0:09:c2:e8:75:a5:6e:0f:77:f5:e0:d7:
26:6f:96:64:33:16:04:93:1e:04:48:92:86:96:9a:40:f4:ed:
5a:69:49:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2U+vW7rAj7u8w/4gms/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJjNjhlNDYzYTQzMmQwNGY1Nzg3YjIwZTIyNDFiNjAxODIwMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LC/3rKjhKGxDXM9pvkkQ8f3DVXo
8tboBROAA7SQ8Nk2KGIBouclhuw9pLSmOfvv8DMPi/fg0ZQplSrQMGlOlc5LqZGZ
OXeJu/pxMCAf5o6mChNQQEQJr+lE3p/W8rWGVBEgn/ZD9uSFr9B91tkwP0rgxuT6
rKhY4xviF4dLd+7xleEekBP2qg/Mwr+Mu76ZFKAEEFJt95BHw7iAllelWdbnS58d
OKCjj/tNTaFLMHr2SL7Oh6GDrgGZ/QKa4kmCtOwOTVfEfhH3xAi4trb/jm1L6tAn
VHjhJHaQYGg9xeWkyxV/WjwgZSeT7mSWf2wuqaMbgG5OK9aZxZce+cnsyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAW8aORjpDLQT1eHsg4iQbYBggL7MB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEvQmJ4bzVHT2tNdEJQVjRleURpSkJ0Z0dDQXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDhp6QMA0G
CSqGSIb3DQEBCwUAA4IBAQCalqUKfQHHbC1BSRvUhkTso8zDVXdBx+HFkP7W/mr+
9JuhPytrWrATONFWFQhJ6foDgWZweVFI4Lh8q0HBkh4r/nd3tIZQBHXY8Tt1KFqW
dpuSBpZD9Yg9An2P7XztyOQxzWep8b74FUqHE6YsOewpMo6dF8XoOBlSM/mCabmc
V7By/xvC//3JtKx2sV5c0KVN99axNKmkEmNwLUCBVFAWAGp3JCvKZUw7OoQu6ySN
0u0s9qMwUyaYsAilpIjS2yo9nULl4qeVSDsrJreYUaAMSMQ7d+ieH3T+QRJzTs/w
CcLodaVuD3f14Ncmb5ZkMxYEkx4ESJKGlppA9O1aaUky
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:48:45 2025 by rpki-client