Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a1399a-ea6b-4a09-8b40-90c0bde09869/1/BqxQqMXfVsv8J4WaLs72INfcI-w.roa
File: BqxQqMXfVsv8J4WaLs72INfcI-w.roa (raw, json)
Hash identifier: E4uf1aplKzZlY/g2WLAMnV1cBOEsVJ+7b0auNGq9law=
Subject key identifier: 06:AC:50:A8:C5:DF:56:CB:FC:27:85:9A:2E:CE:F6:20:D7:DC:23:EC
Certificate issuer: /CN=ad80679b96ca322bfa85500cab206c6d47412edf
Certificate serial: 019427B5BF91502F8A9C14316598A77F49B9
Authority key identifier: AD:80:67:9B:96:CA:32:2B:FA:85:50:0C:AB:20:6C:6D:47:41:2E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rYBnm5bKMiv6hVAMqyBsbUdBLt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/a1399a-ea6b-4a09-8b40-90c0bde09869/1/BqxQqMXfVsv8J4WaLs72INfcI-w.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48096
IP address blocks: 195.42.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bf:91:50:2f:8a:9c:14:31:65:98:a7:7f:49:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad80679b96ca322bfa85500cab206c6d47412edf
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06ac50a8c5df56cbfc27859a2ecef620d7dc23ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:fa:b3:44:d7:6e:32:1b:3c:7f:15:bb:58:48:
8d:0e:e0:8b:c9:52:42:66:c3:42:c6:d7:fc:98:74:
21:b1:eb:4d:36:40:a1:e1:ed:b6:d6:85:23:3b:ca:
fa:94:2b:d5:41:06:a6:45:9a:69:ef:1f:cf:97:5f:
25:9a:d9:6b:e7:d6:02:52:40:7a:2b:e2:e7:c0:f5:
a5:9a:53:de:0d:99:ea:26:4a:94:ff:9a:8c:80:cf:
f3:ab:bc:fc:90:e9:fa:70:5d:04:3c:d0:35:e1:a7:
4f:85:47:2c:ae:b0:d3:4a:7a:41:80:42:50:a7:0c:
63:69:46:27:a8:7c:dd:63:d8:ea:6f:ad:4f:8f:c9:
0f:22:ec:c4:0e:d8:27:38:58:cf:aa:ad:f6:b3:a5:
cd:2a:f9:d3:81:df:02:16:af:5e:e9:0c:69:01:00:
00:f9:da:2a:4f:06:4c:2e:56:c7:6e:30:92:51:89:
f1:a4:03:1f:76:a4:b0:86:d3:9b:85:14:ae:35:af:
53:b5:b2:28:44:6e:7b:3c:aa:29:3a:53:cc:a3:23:
b8:8f:f7:90:d8:3d:18:2d:ce:a0:dc:64:81:be:89:
3b:d0:5a:6f:73:58:1f:55:43:cc:73:df:78:5b:ad:
d1:e9:41:e2:51:ca:ac:4e:b4:d4:1e:f9:bc:79:d0:
c5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AC:50:A8:C5:DF:56:CB:FC:27:85:9A:2E:CE:F6:20:D7:DC:23:EC
X509v3 Authority Key Identifier:
keyid:AD:80:67:9B:96:CA:32:2B:FA:85:50:0C:AB:20:6C:6D:47:41:2E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rYBnm5bKMiv6hVAMqyBsbUdBLt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a1399a-ea6b-4a09-8b40-90c0bde09869/1/BqxQqMXfVsv8J4WaLs72INfcI-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a1399a-ea6b-4a09-8b40-90c0bde09869/1/rYBnm5bKMiv6hVAMqyBsbUdBLt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.243.0/24
Signature Algorithm: sha256WithRSAEncryption
98:71:5c:23:8b:b6:61:67:aa:9c:2f:48:1a:47:83:d4:1f:8c:
40:11:f9:16:cd:e7:0b:9a:ae:12:1d:d7:f6:df:6d:af:4a:81:
77:7e:96:d1:d5:01:46:a0:ff:df:30:9f:36:58:6d:ae:95:5d:
8a:b5:5b:72:f1:aa:c0:50:ab:17:49:5f:cd:a2:c1:9a:40:ad:
c6:a7:20:a7:81:d9:74:92:a8:08:07:dd:b4:b9:66:13:7a:2d:
22:d4:8e:a9:29:8d:12:7e:6d:c1:4d:6a:79:f7:e3:37:f8:96:
8a:ba:c9:57:cb:5e:84:cd:a0:f2:bc:4a:1a:60:32:e1:50:82:
06:37:97:c8:ef:c8:a4:fd:7e:7d:a0:8e:60:d0:f2:c1:75:6c:
98:06:9c:c5:5b:82:af:b2:3d:b2:fe:6c:f6:cc:98:47:c1:de:
55:17:d7:96:5b:63:4f:ce:4b:8e:70:e5:c8:b6:a5:80:08:8e:
e1:a0:40:4f:16:e0:80:6d:40:4f:4e:20:92:b4:5d:47:16:ad:
73:d9:52:fa:82:23:83:1d:66:81:1e:25:bd:52:a0:3f:68:3f:
af:5c:aa:77:bb:54:7f:ac:52:42:37:3c:30:bc:62:db:2a:28:
a3:cd:b8:4f:66:ff:08:9c:1b:c9:cc:f8:3a:6a:77:45:94:55:
bd:f8:e0:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntb+RUC+KnBQxZZinf0m5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkODA2NzliOTZjYTMyMmJmYTg1NTAwY2FiMjA2YzZkNDc0
MTJlZGYwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmFjNTBhOGM1ZGY1NmNiZmMyNzg1OWEyZWNlZjYyMGQ3ZGMyM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8fqzRNduMhs8fxW7WEiNDuCLyVJC
ZsNCxtf8mHQhsetNNkCh4e221oUjO8r6lCvVQQamRZpp7x/Pl18lmtlr59YCUkB6
K+LnwPWlmlPeDZnqJkqU/5qMgM/zq7z8kOn6cF0EPNA14adPhUcsrrDTSnpBgEJQ
pwxjaUYnqHzdY9jqb61Pj8kPIuzEDtgnOFjPqq32s6XNKvnTgd8CFq9e6QxpAQAA
+doqTwZMLlbHbjCSUYnxpAMfdqSwhtObhRSuNa9TtbIoRG57PKopOlPMoyO4j/eQ
2D0YLc6g3GSBvok70Fpvc1gfVUPMc994W63R6UHiUcqsTrTUHvm8edDFEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAasUKjF31bL/CeFmi7O9iDX3CPsMB8GA1UdIwQY
MBaAFK2AZ5uWyjIr+oVQDKsgbG1HQS7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcllCbm01YktNaXY2aFZBTXF5QnNiVWRCTHQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hMTM5OWEtZWE2Yi00YTA5LThiNDAt
OTBjMGJkZTA5ODY5LzEvQnF4UXFNWGZWc3Y4SjRXYUxzNzJJTmZjSS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hMTM5OWEtZWE2Yi00YTA5LThiNDAtOTBjMGJkZTA5ODY5
LzEvcllCbm01YktNaXY2aFZBTXF5QnNiVWRCTHQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyrzMA0G
CSqGSIb3DQEBCwUAA4IBAQCYcVwji7ZhZ6qcL0gaR4PUH4xAEfkWzecLmq4SHdf2
322vSoF3fpbR1QFGoP/fMJ82WG2ulV2KtVty8arAUKsXSV/NosGaQK3GpyCngdl0
kqgIB920uWYTei0i1I6pKY0Sfm3BTWp59+M3+JaKuslXy16EzaDyvEoaYDLhUIIG
N5fI78ik/X59oI5g0PLBdWyYBpzFW4Kvsj2y/mz2zJhHwd5VF9eWW2NPzkuOcOXI
tqWACI7hoEBPFuCAbUBPTiCStF1HFq1z2VL6giODHWaBHiW9UqA/aD+vXKp3u1R/
rFJCNzwwvGLbKiijzbhPZv8InBvJzPg6andFlFW9+OAn
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:33:03 2025 by rpki-client