Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7eb293-8e76-470f-855f-b626d5746d13/1/BZnndlQQXrhtsi1w92QwnbcTVos.roa
File: BZnndlQQXrhtsi1w92QwnbcTVos.roa (raw, json)
Hash identifier: xdoIZn2kmQaThra2U5g+oAnP8t2eo6iub1zi69U/YhE=
Subject key identifier: 05:99:E7:76:54:10:5E:B8:6D:B2:2D:70:F7:64:30:9D:B7:13:56:8B
Certificate issuer: /CN=84106bfa023f17cf6d67eac9fdd2868a72f76680
Certificate serial: 0194228DA545FD910B5B249AB35F4D4C3004
Authority key identifier: 84:10:6B:FA:02:3F:17:CF:6D:67:EA:C9:FD:D2:86:8A:72:F7:66:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBBr-gI_F89tZ-rJ_dKGinL3ZoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/7eb293-8e76-470f-855f-b626d5746d13/1/BZnndlQQXrhtsi1w92QwnbcTVos.roa
Signing time: Wed 01 Jan 2025 15:48:15 +0000
ROA not before: Wed 01 Jan 2025 15:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50370
IP address blocks: 195.114.24.0/23 maxlen: 24
2001:67c:6a4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:a5:45:fd:91:0b:5b:24:9a:b3:5f:4d:4c:30:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84106bfa023f17cf6d67eac9fdd2868a72f76680
Validity
Not Before: Jan 1 15:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0599e77654105eb86db22d70f764309db713568b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:29:9c:a2:9b:eb:ca:81:17:0a:7a:35:a4:ef:
6e:c8:df:6a:03:20:c0:05:08:d0:2e:1e:bf:3a:27:
1e:04:a3:2b:bf:e1:31:c0:f0:96:f1:b9:0c:8f:cb:
a1:63:70:b3:82:31:c8:5e:f0:0d:76:6a:ab:45:47:
c8:4b:44:6d:16:40:1d:f8:0f:97:3b:34:40:1c:9f:
62:66:9c:2f:ed:35:66:4a:d2:43:e3:d7:a4:15:e3:
2c:03:7b:e0:44:43:00:b6:d9:25:06:e5:8a:a3:6c:
9d:38:47:36:89:71:31:fa:a6:3e:88:da:02:43:2d:
db:cc:11:27:15:e2:70:99:ff:48:e3:b3:b5:f2:c5:
08:79:7d:f5:80:57:2c:4f:7d:55:5b:8d:cb:67:7d:
5d:64:69:e3:14:f5:af:f9:3a:17:9d:da:a8:8c:3a:
da:e9:38:f6:34:f1:40:97:70:9b:41:40:49:12:06:
2b:43:ee:c8:a4:18:51:13:22:5a:3a:9c:3a:26:b3:
e5:3d:52:11:db:c8:f9:40:b2:72:fa:62:6b:8f:e9:
7f:63:14:d0:bf:56:7d:dc:55:b4:b7:0d:84:e2:eb:
de:52:80:08:41:0b:89:99:3d:dd:2b:fe:fe:b0:cc:
92:80:c8:bc:ce:d3:b8:81:d2:b1:df:98:6e:64:55:
95:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:99:E7:76:54:10:5E:B8:6D:B2:2D:70:F7:64:30:9D:B7:13:56:8B
X509v3 Authority Key Identifier:
keyid:84:10:6B:FA:02:3F:17:CF:6D:67:EA:C9:FD:D2:86:8A:72:F7:66:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBBr-gI_F89tZ-rJ_dKGinL3ZoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7eb293-8e76-470f-855f-b626d5746d13/1/BZnndlQQXrhtsi1w92QwnbcTVos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7eb293-8e76-470f-855f-b626d5746d13/1/hBBr-gI_F89tZ-rJ_dKGinL3ZoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.24.0/23
IPv6:
2001:67c:6a4::/48
Signature Algorithm: sha256WithRSAEncryption
0e:76:71:1a:7b:db:bb:59:b1:84:4b:ed:33:6b:c4:92:c1:a7:
78:23:0f:66:8e:b5:c5:c6:51:91:f5:a7:bd:a8:ee:48:02:e0:
94:88:e8:ad:06:77:bf:12:2a:69:7e:d9:bf:06:20:32:f6:5e:
e9:11:b1:97:ac:c1:fb:f8:ce:41:a3:60:fa:af:c8:ce:fb:39:
61:01:57:f4:d4:38:29:b6:66:6d:73:75:8b:00:e9:03:7a:93:
12:d6:71:43:e9:96:b7:e3:9b:62:de:b9:c7:36:6e:cd:aa:88:
41:d4:81:d1:cf:32:20:63:b7:d7:0a:d3:f3:83:c5:ed:00:db:
20:b0:ff:5e:72:bb:29:df:d3:ba:20:c1:96:83:1d:c0:a9:ce:
59:d4:dc:c2:b0:68:61:09:6d:ee:03:bb:92:e8:82:d3:3a:db:
42:5d:d0:88:59:44:3d:6a:26:a8:7c:d7:f9:6b:3d:56:d5:d7:
e6:6e:96:31:5d:4d:b8:ee:be:89:79:be:ae:8e:17:d5:e6:92:
5c:8e:59:87:00:d6:96:3e:d3:12:0b:48:2d:f0:69:6a:43:d1:
78:58:8b:08:b7:8c:76:40:10:f9:b7:7f:0f:f6:ff:50:e2:43:
2c:28:e7:54:49:6d:2b:b6:48:1c:0c:9b:ed:9b:5d:4e:ae:6a:
73:0e:9d:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijaVF/ZELWySas19NTDAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MTA2YmZhMDIzZjE3Y2Y2ZDY3ZWFjOWZkZDI4NjhhNzJm
NzY2ODAwHhcNMjUwMTAxMTU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTk5ZTc3NjU0MTA1ZWI4NmRiMjJkNzBmNzY0MzA5ZGI3MTM1NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCmcopvryoEXCno1pO9uyN9qAyDA
BQjQLh6/OiceBKMrv+ExwPCW8bkMj8uhY3CzgjHIXvANdmqrRUfIS0RtFkAd+A+X
OzRAHJ9iZpwv7TVmStJD49ekFeMsA3vgREMAttklBuWKo2ydOEc2iXEx+qY+iNoC
Qy3bzBEnFeJwmf9I47O18sUIeX31gFcsT31VW43LZ31dZGnjFPWv+ToXndqojDra
6Tj2NPFAl3CbQUBJEgYrQ+7IpBhREyJaOpw6JrPlPVIR28j5QLJy+mJrj+l/YxTQ
v1Z93FW0tw2E4uveUoAIQQuJmT3dK/7+sMySgMi8ztO4gdKx35huZFWVwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAWZ53ZUEF64bbItcPdkMJ23E1aLMB8GA1UdIwQY
MBaAFIQQa/oCPxfPbWfqyf3Shopy92aAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEJCci1nSV9GODl0Wi1ySl9kS0dpbkwzWm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZWIyOTMtOGU3Ni00NzBmLTg1NWYt
YjYyNmQ1NzQ2ZDEzLzEvQlpubmRsUVFYcmh0c2kxdzkyUXduYmNUVm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZWIyOTMtOGU3Ni00NzBmLTg1NWYtYjYyNmQ1NzQ2ZDEz
LzEvaEJCci1nSV9GODl0Wi1ySl9kS0dpbkwzWm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw3IYMA8E
AgACMAkDBwAgAQZ8BqQwDQYJKoZIhvcNAQELBQADggEBAA52cRp727tZsYRL7TNr
xJLBp3gjD2aOtcXGUZH1p72o7kgC4JSI6K0Gd78SKml+2b8GIDL2XukRsZeswfv4
zkGjYPqvyM77OWEBV/TUOCm2Zm1zdYsA6QN6kxLWcUPplrfjm2Leucc2bs2qiEHU
gdHPMiBjt9cK0/ODxe0A2yCw/15yuynf07ogwZaDHcCpzlnU3MKwaGEJbe4Du5Lo
gtM620Jd0IhZRD1qJqh81/lrPVbV1+ZuljFdTbjuvol5vq6OF9XmklyOWYcA1pY+
0xILSC3waWpD0XhYiwi3jHZAEPm3fw/2/1DiQywo51RJbSu2SBwMm+2bXU6uanMO
nSM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:39:28 2025 by rpki-client