Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/BKkYw6wCv0BCzIN9mNvcFYakNOY.roa
File: BKkYw6wCv0BCzIN9mNvcFYakNOY.roa (raw, json)
Hash identifier: JOy8URSCrbw8xxAKeoSqWbsMyce29owmtAkGhYDeHjY=
Subject key identifier: 04:A9:18:C3:AC:02:BF:40:42:CC:83:7D:98:DB:DC:15:86:A4:34:E6
Certificate issuer: /CN=46ebddae6a7acee83a322a0e743a6759d85365f2
Certificate serial: 019424B3DDFA83A056E761862CAAE3C36EDE
Authority key identifier: 46:EB:DD:AE:6A:7A:CE:E8:3A:32:2A:0E:74:3A:67:59:D8:53:65:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ruvdrmp6zug6MioOdDpnWdhTZfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/BKkYw6wCv0BCzIN9mNvcFYakNOY.roa
Signing time: Thu 02 Jan 2025 01:49:15 +0000
ROA not before: Thu 02 Jan 2025 01:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8487
IP address blocks: 185.171.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:dd:fa:83:a0:56:e7:61:86:2c:aa:e3:c3:6e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ebddae6a7acee83a322a0e743a6759d85365f2
Validity
Not Before: Jan 2 01:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04a918c3ac02bf4042cc837d98dbdc1586a434e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:f7:c4:ae:ca:58:42:21:44:de:ac:77:f2:
2f:d1:8d:9b:53:77:e0:0e:05:51:61:87:fe:77:41:
40:f0:09:7f:e2:99:82:f2:8e:35:c5:ff:b4:1e:ff:
d0:f7:41:4a:5b:17:32:04:fe:8f:b2:6a:49:87:b6:
1b:57:91:24:ef:7b:af:8a:64:38:79:0a:d5:7c:d4:
09:32:a6:20:06:5c:45:6e:b2:27:54:20:b9:55:81:
b5:02:44:b2:14:f1:fe:01:5d:ee:eb:b7:bb:03:6e:
54:e8:6a:21:7d:3d:f7:ed:b6:7b:62:c2:42:1a:3e:
da:52:fa:fc:3c:4c:24:b4:ec:bb:a0:31:03:fa:e9:
00:57:e5:d2:5a:41:9d:cb:d7:30:4e:ef:df:46:0a:
e8:1c:d5:4d:fb:71:06:f7:a7:b5:75:53:78:99:d8:
f9:0f:e0:92:b7:e2:cf:00:18:b7:f3:b5:18:fa:41:
5d:a0:8d:ed:15:65:0d:30:20:33:c8:34:aa:1b:64:
ee:48:cf:64:1f:d0:a2:d0:8b:35:59:27:43:68:05:
e2:89:5d:24:c9:12:49:d9:e0:20:68:2e:d1:6b:fa:
c1:5d:ed:54:b2:90:a7:21:4e:69:a6:81:ea:e5:7e:
af:88:66:f4:b2:e2:52:bd:ee:7a:24:d5:b3:cf:e5:
a5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A9:18:C3:AC:02:BF:40:42:CC:83:7D:98:DB:DC:15:86:A4:34:E6
X509v3 Authority Key Identifier:
keyid:46:EB:DD:AE:6A:7A:CE:E8:3A:32:2A:0E:74:3A:67:59:D8:53:65:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ruvdrmp6zug6MioOdDpnWdhTZfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/BKkYw6wCv0BCzIN9mNvcFYakNOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/Ruvdrmp6zug6MioOdDpnWdhTZfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:a6:fe:78:39:0a:7d:59:88:fc:ea:ec:a5:a1:69:7c:50:b6:
cc:26:ec:db:5d:56:de:73:ca:fd:b7:e8:49:d2:19:34:a1:c8:
8c:cd:a9:0d:b3:c5:c4:72:74:4c:5f:bb:31:c7:a2:8d:46:00:
cd:40:e0:0a:67:9e:3c:8a:13:c3:18:60:ec:77:98:d0:d8:a3:
a9:57:62:38:55:dc:14:31:76:ba:4e:cf:6f:28:04:c2:be:40:
42:9f:9c:28:e3:34:64:b0:3f:cc:95:d9:a7:dc:36:db:db:8d:
17:08:3f:42:48:f4:dd:ba:f6:bb:74:1e:e8:52:d6:ff:ec:ba:
10:0a:8d:8b:55:3c:be:9c:0c:d8:25:a4:d8:de:ff:a1:a4:79:
9b:fd:78:ff:a4:4c:4c:cf:70:fb:a5:25:d7:e7:53:4d:a4:c9:
86:69:74:f4:7e:61:9b:7b:ae:a8:77:31:43:6b:9e:14:40:e6:
8c:8c:45:8a:d0:2a:cf:5c:52:9c:1d:d0:30:8d:1e:a7:00:6b:
2d:8f:f7:b6:4d:6e:c6:62:e1:86:49:20:94:dc:07:65:fb:92:
e7:9c:b0:b2:15:45:d6:5d:58:87:12:55:ce:60:2a:0c:c8:3e:
39:b3:cd:79:8c:ac:17:98:67:97:66:8d:78:89:a0:5c:b4:0c:
98:e2:09:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks936g6BW52GGLKrjw27eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWJkZGFlNmE3YWNlZTgzYTMyMmEwZTc0M2E2NzU5ZDg1
MzY1ZjIwHhcNMjUwMTAyMDE0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE5MThjM2FjMDJiZjQwNDJjYzgzN2Q5OGRiZGMxNTg2YTQzNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/X3xK7KWEIhRN6sd/Iv0Y2bU3fg
DgVRYYf+d0FA8Al/4pmC8o41xf+0Hv/Q90FKWxcyBP6PsmpJh7YbV5Ek73uvimQ4
eQrVfNQJMqYgBlxFbrInVCC5VYG1AkSyFPH+AV3u67e7A25U6GohfT337bZ7YsJC
Gj7aUvr8PEwktOy7oDED+ukAV+XSWkGdy9cwTu/fRgroHNVN+3EG96e1dVN4mdj5
D+CSt+LPABi387UY+kFdoI3tFWUNMCAzyDSqG2TuSM9kH9Ci0Is1WSdDaAXiiV0k
yRJJ2eAgaC7Ra/rBXe1UspCnIU5ppoHq5X6viGb0suJSve56JNWzz+WleQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASpGMOsAr9AQsyDfZjb3BWGpDTmMB8GA1UdIwQY
MBaAFEbr3a5qes7oOjIqDnQ6Z1nYU2XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnV2ZHJtcDZ6dWc2TWlvT2REcG5XZGhUWmZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81YzY1YWYtYjNmOS00YmIzLWE3MDIt
MmJjOTA3OTRkMzhkLzEvQktrWXc2d0N2MEJDeklOOW1OdmNGWWFrTk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81YzY1YWYtYjNmOS00YmIzLWE3MDItMmJjOTA3OTRkMzhk
LzEvUnV2ZHJtcDZ6dWc2TWlvT2REcG5XZGhUWmZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuasXMA0G
CSqGSIb3DQEBCwUAA4IBAQCNpv54OQp9WYj86uyloWl8ULbMJuzbXVbec8r9t+hJ
0hk0ociMzakNs8XEcnRMX7sxx6KNRgDNQOAKZ548ihPDGGDsd5jQ2KOpV2I4VdwU
MXa6Ts9vKATCvkBCn5wo4zRksD/Mldmn3Dbb240XCD9CSPTduva7dB7oUtb/7LoQ
Co2LVTy+nAzYJaTY3v+hpHmb/Xj/pExMz3D7pSXX51NNpMmGaXT0fmGbe66odzFD
a54UQOaMjEWK0CrPXFKcHdAwjR6nAGstj/e2TW7GYuGGSSCU3Adl+5LnnLCyFUXW
XViHElXOYCoMyD45s815jKwXmGeXZo14iaBctAyY4gl1
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:34 2025 by rpki-client