Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/CwdCUQsFV7CyApTMyt6j3A_OJVA.roa
File: CwdCUQsFV7CyApTMyt6j3A_OJVA.roa (raw, json)
Hash identifier: SME0C7xkpjziLPa0GzpInguFdkdM75z/nCo/zXQqOyk=
Subject key identifier: 0B:07:42:51:0B:05:57:B0:B2:02:94:CC:CA:DE:A3:DC:0F:CE:25:50
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 019425FDB831763C284013373F745B089652
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/CwdCUQsFV7CyApTMyt6j3A_OJVA.roa
Signing time: Thu 02 Jan 2025 07:49:32 +0000
ROA not before: Thu 02 Jan 2025 07:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49436
IP address blocks: 185.250.168.0/22 maxlen: 22
185.250.168.0/23 maxlen: 23
185.250.170.0/23 maxlen: 23
195.42.158.0/23 maxlen: 23
2a0c:f47::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b8:31:76:3c:28:40:13:37:3f:74:5b:08:96:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: Jan 2 07:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b0742510b0557b0b20294cccadea3dc0fce2550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:81:33:79:b3:e8:53:d7:c9:cd:f9:36:7a:2c:
74:fe:0e:57:f2:d2:54:fb:88:ed:81:f8:a1:03:c4:
84:13:ba:a0:93:b6:6a:9f:41:3f:40:c3:f1:3d:10:
cf:5e:40:e3:a3:40:ee:f2:83:86:3e:c6:d5:d5:96:
33:36:14:fd:01:cd:53:67:17:14:8f:9d:f6:20:d5:
e7:b5:3b:bd:f6:cd:28:55:57:8d:79:9a:2f:fa:50:
5f:3d:9c:19:ab:19:19:de:c5:fe:c3:1b:19:f5:42:
fd:03:fb:78:55:fc:c7:21:89:60:8f:64:6f:59:1f:
c8:97:21:5e:21:95:fe:26:29:71:29:c6:a5:61:77:
3b:44:0c:87:46:1a:3a:1a:74:f0:a6:ac:1f:7d:00:
c8:cc:95:19:b0:ce:2c:84:57:7d:d8:30:96:05:b9:
19:39:50:dc:e2:67:f2:48:d3:e9:24:fa:29:41:8d:
91:0a:1c:82:77:e1:bc:d4:5c:65:9b:d0:84:49:70:
b2:92:64:36:8b:05:c8:6c:cb:3d:36:ec:e7:1e:d2:
71:44:48:f5:df:14:31:2e:6d:28:5d:4a:33:84:23:
ff:b7:8e:e7:39:cf:3e:f4:d1:e4:63:3f:b9:2c:43:
56:11:36:97:ba:41:d0:1d:42:15:9a:2b:e9:10:5e:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:07:42:51:0B:05:57:B0:B2:02:94:CC:CA:DE:A3:DC:0F:CE:25:50
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/CwdCUQsFV7CyApTMyt6j3A_OJVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.168.0/22
195.42.158.0/23
IPv6:
2a0c:f47::/32
Signature Algorithm: sha256WithRSAEncryption
82:e9:f3:df:39:44:55:c1:a6:72:8b:ab:2d:bc:d0:3c:8c:76:
f3:6a:08:c7:88:fa:66:08:49:2f:e6:da:bb:8a:92:bf:20:47:
d4:c1:8f:79:3c:f5:c6:bc:ac:ed:13:1d:d7:ef:e8:ae:8a:aa:
fc:38:7a:f0:3d:89:ae:18:80:59:c6:dd:8e:7b:e8:d0:18:1f:
d0:6f:4e:c9:17:c0:58:3b:eb:af:f2:3a:ba:d2:ce:c5:51:9b:
9e:b5:e0:b6:ad:35:13:4d:dd:74:05:6f:a0:29:85:06:81:00:
e1:ed:1f:31:ad:24:2d:ae:4d:86:60:05:38:89:76:6d:71:9b:
2c:5f:28:f9:4a:e8:2c:e8:1b:40:ae:93:69:59:05:5c:6e:61:
44:d4:51:f9:fa:e4:e4:7b:83:cf:eb:4a:f4:4b:bf:3b:40:0d:
84:a1:c1:20:b2:f1:ab:8f:13:b3:9a:2a:46:d1:a2:06:94:a1:
66:69:87:26:ec:02:e6:9f:42:8a:b3:31:f7:e1:97:54:a6:c9:
2f:fb:22:ae:0e:1e:37:af:01:7d:2b:ac:72:bc:f3:34:b4:88:
5c:33:b3:e0:73:49:c2:6a:ce:2c:b6:7a:77:06:66:b6:28:f7:
7b:11:92:d1:69:ac:ab:2b:2d:45:0c:73:ca:94:ef:87:cb:9b:
35:1a:4a:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/bgxdjwoQBM3P3RbCJZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3
YzRhOGIwHhcNMjUwMTAyMDc0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjA3NDI1MTBiMDU1N2IwYjIwMjk0Y2NjYWRlYTNkYzBmY2UyNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YEzebPoU9fJzfk2eix0/g5X8tJU
+4jtgfihA8SEE7qgk7Zqn0E/QMPxPRDPXkDjo0Du8oOGPsbV1ZYzNhT9Ac1TZxcU
j532INXntTu99s0oVVeNeZov+lBfPZwZqxkZ3sX+wxsZ9UL9A/t4VfzHIYlgj2Rv
WR/IlyFeIZX+JilxKcalYXc7RAyHRho6GnTwpqwffQDIzJUZsM4shFd92DCWBbkZ
OVDc4mfySNPpJPopQY2RChyCd+G81Fxlm9CESXCykmQ2iwXIbMs9NuznHtJxREj1
3xQxLm0oXUozhCP/t47nOc8+9NHkYz+5LENWETaXukHQHUIVmivpEF418QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAsHQlELBVewsgKUzMreo9wPziVQMB8GA1UdIwQY
MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt
YmJmZTIxOTZjNmFmLzEvQ3dkQ1VRc0ZWN0N5QXBUTXl0NmozQV9PSlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm
LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufqoAwQB
wyqeMA0EAgACMAcDBQAqDA9HMA0GCSqGSIb3DQEBCwUAA4IBAQCC6fPfOURVwaZy
i6stvNA8jHbzagjHiPpmCEkv5tq7ipK/IEfUwY95PPXGvKztEx3X7+iuiqr8OHrw
PYmuGIBZxt2Oe+jQGB/Qb07JF8BYO+uv8jq60s7FUZueteC2rTUTTd10BW+gKYUG
gQDh7R8xrSQtrk2GYAU4iXZtcZssXyj5Sugs6BtArpNpWQVcbmFE1FH5+uTke4PP
60r0S787QA2EocEgsvGrjxOzmipG0aIGlKFmaYcm7ALmn0KKszH34ZdUpskv+yKu
Dh43rwF9K6xyvPM0tIhcM7Pgc0nCas4stnp3Bma2KPd7EZLRaayrKy1FDHPKlO+H
y5s1Gkpb
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:30:27 2025 by rpki-client