Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/BNqfmpLmjYM_hMvzjjiD1hvhjAw.roa
File: BNqfmpLmjYM_hMvzjjiD1hvhjAw.roa (raw, json)
Hash identifier: i4CNGeJ+mFFlH8LiDeZQtBRRw7N8oDxdjkoS0v+qObY=
Subject key identifier: 04:DA:9F:9A:92:E6:8D:83:3F:84:CB:F3:8E:38:83:D6:1B:E1:8C:0C
Certificate issuer: /CN=bc4f1e6b011f4d6331a127955a548fa5052580a5
Certificate serial: 019425FBF79B21EE2A6C51868B347E64869B
Authority key identifier: BC:4F:1E:6B:01:1F:4D:63:31:A1:27:95:5A:54:8F:A5:05:25:80:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vE8eawEfTWMxoSeVWlSPpQUlgKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/BNqfmpLmjYM_hMvzjjiD1hvhjAw.roa
Signing time: Thu 02 Jan 2025 07:47:37 +0000
ROA not before: Thu 02 Jan 2025 07:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44400
IP address blocks: 185.128.164.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:f7:9b:21:ee:2a:6c:51:86:8b:34:7e:64:86:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4f1e6b011f4d6331a127955a548fa5052580a5
Validity
Not Before: Jan 2 07:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04da9f9a92e68d833f84cbf38e3883d61be18c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d1:5d:ab:1d:8b:21:c9:22:40:0b:77:6c:a9:
c6:24:f6:bf:97:53:19:96:6a:3c:74:c7:aa:7f:aa:
39:f9:d2:40:c4:17:97:b9:89:d4:99:40:c9:bc:a2:
99:ea:63:1f:c6:d8:2e:c5:41:d3:1e:53:0d:95:73:
02:02:28:92:e3:0f:93:aa:85:0a:39:ad:67:f6:92:
10:e4:94:89:e4:e7:ff:e5:23:3e:d4:37:c4:81:30:
bb:75:a8:04:a3:fd:7f:10:9e:51:70:a4:8d:e7:9c:
01:ae:dd:24:50:ce:0e:6a:7f:36:dc:d0:42:7b:da:
e5:42:e5:0a:13:c2:d1:61:27:66:02:d7:40:9f:95:
a0:4b:ba:63:a6:4a:c4:16:99:36:1d:4a:4c:4c:95:
0b:f0:be:cd:c5:43:77:13:4b:6d:6f:81:f4:c9:99:
60:fc:c8:6c:a0:94:61:80:0e:77:a1:bc:a1:ae:e7:
bb:98:68:7e:9b:d9:82:6f:52:91:de:58:72:aa:ec:
2a:dd:50:72:52:0f:07:6d:b1:69:66:bc:76:42:c5:
5d:70:10:1d:14:a9:20:34:bd:f8:6b:94:79:45:ab:
f5:df:0f:97:e3:e9:7a:09:c8:c1:62:22:3c:5a:b6:
cc:01:6a:49:84:51:48:ba:27:54:da:a5:20:8e:f7:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DA:9F:9A:92:E6:8D:83:3F:84:CB:F3:8E:38:83:D6:1B:E1:8C:0C
X509v3 Authority Key Identifier:
keyid:BC:4F:1E:6B:01:1F:4D:63:31:A1:27:95:5A:54:8F:A5:05:25:80:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vE8eawEfTWMxoSeVWlSPpQUlgKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/BNqfmpLmjYM_hMvzjjiD1hvhjAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/vE8eawEfTWMxoSeVWlSPpQUlgKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.164.0/22
Signature Algorithm: sha256WithRSAEncryption
72:ca:93:ab:e7:71:39:97:ea:cb:b5:5c:59:fb:20:93:55:ff:
17:96:31:7c:53:35:97:91:c8:0b:d1:71:96:1c:13:93:70:f9:
01:7c:b8:cf:de:18:5c:95:29:a2:86:6b:58:ef:ad:91:e8:33:
58:db:a7:72:82:37:e4:ba:8f:95:04:f2:13:4d:91:b3:08:e8:
e8:73:ba:5a:4b:57:9f:97:f6:cb:13:c3:d6:b6:a0:02:97:0b:
8f:04:78:7c:37:43:6d:a8:27:61:da:21:bf:a3:ce:13:fe:80:
be:bb:5f:2f:f5:97:d7:c7:83:dd:63:63:09:0a:9d:ac:e3:90:
69:5f:06:2d:6d:e7:75:ac:a0:74:34:2e:f7:40:0a:22:d3:b3:
2d:88:33:15:65:50:d0:31:66:fa:74:92:b3:92:97:7b:1d:4b:
99:ff:d0:f9:d4:1a:70:c0:a3:97:ab:d1:4e:e4:50:e4:f3:9b:
02:ab:94:7f:f5:00:34:b0:54:e3:f3:e6:97:d9:b3:66:bf:3f:
20:5d:1e:33:25:43:fd:36:5d:e4:61:6d:a6:e3:3c:73:6e:c4:
ad:3c:a3:d5:3b:75:de:b1:37:d1:9d:66:36:6a:7f:49:e3:7a:
41:db:19:cc:ee:9b:28:93:c4:b0:0c:50:1c:61:11:ed:99:01:
97:8b:4d:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl+/ebIe4qbFGGizR+ZIabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNGYxZTZiMDExZjRkNjMzMWExMjc5NTVhNTQ4ZmE1MDUy
NTgwYTUwHhcNMjUwMTAyMDc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGRhOWY5YTkyZTY4ZDgzM2Y4NGNiZjM4ZTM4ODNkNjFiZTE4YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9Fdqx2LIckiQAt3bKnGJPa/l1MZ
lmo8dMeqf6o5+dJAxBeXuYnUmUDJvKKZ6mMfxtguxUHTHlMNlXMCAiiS4w+TqoUK
Oa1n9pIQ5JSJ5Of/5SM+1DfEgTC7dagEo/1/EJ5RcKSN55wBrt0kUM4Oan823NBC
e9rlQuUKE8LRYSdmAtdAn5WgS7pjpkrEFpk2HUpMTJUL8L7NxUN3E0ttb4H0yZlg
/MhsoJRhgA53obyhrue7mGh+m9mCb1KR3lhyquwq3VByUg8HbbFpZrx2QsVdcBAd
FKkgNL34a5R5Rav13w+X4+l6CcjBYiI8WrbMAWpJhFFIuidU2qUgjvfRgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATan5qS5o2DP4TL8444g9Yb4YwMMB8GA1UdIwQY
MBaAFLxPHmsBH01jMaEnlVpUj6UFJYClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkU4ZWF3RWZUV014b1NlVldsU1BwUVVsZ0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82NmEyMzctOWJjNS00YWJkLTliOGIt
YzU1NDc2NzU5ZDBjLzEvQk5xZm1wTG1qWU1faE12empqaUQxaHZoakF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82NmEyMzctOWJjNS00YWJkLTliOGItYzU1NDc2NzU5ZDBj
LzEvdkU4ZWF3RWZUV014b1NlVldsU1BwUVVsZ0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYCkMA0G
CSqGSIb3DQEBCwUAA4IBAQByypOr53E5l+rLtVxZ+yCTVf8XljF8UzWXkcgL0XGW
HBOTcPkBfLjP3hhclSmihmtY762R6DNY26dygjfkuo+VBPITTZGzCOjoc7paS1ef
l/bLE8PWtqAClwuPBHh8N0NtqCdh2iG/o84T/oC+u18v9ZfXx4PdY2MJCp2s45Bp
XwYtbed1rKB0NC73QAoi07MtiDMVZVDQMWb6dJKzkpd7HUuZ/9D51BpwwKOXq9FO
5FDk85sCq5R/9QA0sFTj8+aX2bNmvz8gXR4zJUP9Nl3kYW2m4zxzbsStPKPVO3Xe
sTfRnWY2an9J43pB2xnM7psok8SwDFAcYRHtmQGXi020
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:31:49 2025 by rpki-client