Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/Bha5fqCb4Fccw9Hz-g5tESnNC_M.roa
File: Bha5fqCb4Fccw9Hz-g5tESnNC_M.roa (raw, json)
Hash identifier: 46eG+dZ14ZYRFYw5iRf0nTqMM6SE1SjEdU7Pao7e1x0=
Subject key identifier: 06:16:B9:7E:A0:9B:E0:57:1C:C3:D1:F3:FA:0E:6D:11:29:CD:0B:F3
Certificate issuer: /CN=36a4668ff83814af90a78b4fc8d262325058cbc6
Certificate serial: 01941F8C885416D8AEA28A91EAA408F17B7F
Authority key identifier: 36:A4:66:8F:F8:38:14:AF:90:A7:8B:4F:C8:D2:62:32:50:58:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/Bha5fqCb4Fccw9Hz-g5tESnNC_M.roa
Signing time: Wed 01 Jan 2025 01:48:11 +0000
ROA not before: Wed 01 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210096
IP address blocks: 85.235.76.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:88:54:16:d8:ae:a2:8a:91:ea:a4:08:f1:7b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36a4668ff83814af90a78b4fc8d262325058cbc6
Validity
Not Before: Jan 1 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0616b97ea09be0571cc3d1f3fa0e6d1129cd0bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b6:2c:99:d2:e7:c5:be:0c:bb:77:1d:e0:fb:
1c:24:f8:43:49:91:be:9f:7f:cd:e6:45:9f:65:af:
c2:d6:9c:5a:87:03:ac:73:35:03:23:fa:28:6e:2d:
47:dc:d8:27:53:f9:bf:d8:a7:95:22:72:eb:5f:db:
6d:54:cb:41:28:99:28:96:e1:17:62:26:65:2c:89:
81:77:bf:bf:11:de:52:6c:ce:01:cf:eb:4d:9d:47:
90:df:60:c2:76:0d:cf:b2:2f:a8:01:93:49:57:7f:
fc:1a:90:95:5e:a8:29:b4:fd:3c:90:cf:9e:57:d1:
ab:7f:d8:a5:03:e4:95:b8:fe:a1:cb:d8:53:93:b6:
19:1a:2b:9b:07:26:e3:5e:91:2e:93:c2:d2:d5:fa:
d1:f7:34:6c:d3:08:98:22:3f:cd:bb:df:7e:f5:40:
84:a5:03:81:2b:79:c4:8a:6c:4d:7d:3b:55:6e:ab:
18:8f:0e:a7:69:a6:a2:df:3e:b1:2d:f7:cc:8f:a2:
66:5a:1a:71:41:48:49:7b:dc:5d:1d:a6:96:c5:95:
d0:b2:92:d2:dd:e1:20:03:5e:3a:b2:5a:bb:ab:c0:
d4:23:fd:dd:8b:34:c2:3d:7f:70:b5:df:7c:d0:8d:
2b:18:a5:71:1b:91:2f:c3:48:e9:9e:b4:57:3c:45:
70:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:16:B9:7E:A0:9B:E0:57:1C:C3:D1:F3:FA:0E:6D:11:29:CD:0B:F3
X509v3 Authority Key Identifier:
keyid:36:A4:66:8F:F8:38:14:AF:90:A7:8B:4F:C8:D2:62:32:50:58:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/Bha5fqCb4Fccw9Hz-g5tESnNC_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.76.0/22
Signature Algorithm: sha256WithRSAEncryption
21:75:49:9c:e9:de:b1:8c:e2:e9:88:5b:2a:a3:69:35:d7:f1:
fa:79:10:31:fc:51:69:f9:f6:68:93:c9:ea:0a:8b:6c:50:9e:
1b:67:c6:76:f8:16:ba:25:1c:23:7d:a0:81:99:19:82:c7:01:
a7:f3:77:33:b1:07:6f:e6:57:5f:0f:9a:ad:1a:e3:18:53:1f:
52:88:5d:40:47:c2:9a:d1:6c:47:60:10:cb:d9:c7:f1:4a:0a:
8a:7c:71:a5:cc:21:ce:b4:e3:1b:6a:63:4f:ff:e7:1b:f9:c0:
79:25:cf:78:35:d4:97:c3:47:79:f3:ab:85:94:18:e9:fc:f7:
0e:c6:a7:71:2f:e9:a4:86:b7:41:6f:f3:a3:5d:0c:eb:bd:bb:
3b:1b:01:be:f1:e4:d4:f1:af:c3:2a:a6:93:54:0c:6c:b6:1f:
90:55:9b:39:ce:82:15:82:1b:7f:bf:99:bb:af:8f:86:5a:87:
a2:b3:49:52:9c:d5:ec:73:89:fa:21:b7:33:e0:e4:a7:5a:2e:
43:98:87:a5:bf:93:ea:23:ab:c2:16:29:b6:41:bb:de:77:c3:
8b:9b:23:96:bd:b5:69:87:1e:59:1a:f2:7d:d3:5e:54:41:10:
8a:0f:13:12:94:e5:12:e4:23:fb:04:39:6b:5c:39:9c:f1:18:
4f:2a:71:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIhUFtiuooqR6qQI8Xt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YTQ2NjhmZjgzODE0YWY5MGE3OGI0ZmM4ZDI2MjMyNTA1
OGNiYzYwHhcNMjUwMTAxMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE2Yjk3ZWEwOWJlMDU3MWNjM2QxZjNmYTBlNmQxMTI5Y2QwYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7YsmdLnxb4Mu3cd4PscJPhDSZG+
n3/N5kWfZa/C1pxahwOsczUDI/oobi1H3NgnU/m/2KeVInLrX9ttVMtBKJkoluEX
YiZlLImBd7+/Ed5SbM4Bz+tNnUeQ32DCdg3Psi+oAZNJV3/8GpCVXqgptP08kM+e
V9Grf9ilA+SVuP6hy9hTk7YZGiubBybjXpEuk8LS1frR9zRs0wiYIj/Nu99+9UCE
pQOBK3nEimxNfTtVbqsYjw6naaai3z6xLffMj6JmWhpxQUhJe9xdHaaWxZXQspLS
3eEgA146slq7q8DUI/3dizTCPX9wtd980I0rGKVxG5Evw0jpnrRXPEVwmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYWuX6gm+BXHMPR8/oObREpzQvzMB8GA1UdIwQY
MBaAFDakZo/4OBSvkKeLT8jSYjJQWMvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnFSbWpfZzRGSy1RcDR0UHlOSmlNbEJZeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8wMzFmY2ItYjc0ZS00ZTc1LWE3Yjkt
OTBlNjU0MTIyNTJhLzEvQmhhNWZxQ2I0RmNjdzlIei1nNXRFU25OQ19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8wMzFmY2ItYjc0ZS00ZTc1LWE3YjktOTBlNjU0MTIyNTJh
LzEvTnFSbWpfZzRGSy1RcDR0UHlOSmlNbEJZeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVetMMA0G
CSqGSIb3DQEBCwUAA4IBAQAhdUmc6d6xjOLpiFsqo2k11/H6eRAx/FFp+fZok8nq
CotsUJ4bZ8Z2+Ba6JRwjfaCBmRmCxwGn83czsQdv5ldfD5qtGuMYUx9SiF1AR8Ka
0WxHYBDL2cfxSgqKfHGlzCHOtOMbamNP/+cb+cB5Jc94NdSXw0d586uFlBjp/PcO
xqdxL+mkhrdBb/OjXQzrvbs7GwG+8eTU8a/DKqaTVAxsth+QVZs5zoIVght/v5m7
r4+GWoeis0lSnNXsc4n6Ibcz4OSnWi5DmIelv5PqI6vCFim2Qbved8OLmyOWvbVp
hx5ZGvJ9015UQRCKDxMSlOUS5CP7BDlrXDmc8RhPKnEO
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:45:59 2025 by rpki-client