Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/BX5R5amdcio3WuT_y5iUpVj2ums.roa
File: BX5R5amdcio3WuT_y5iUpVj2ums.roa (raw, json)
Hash identifier: pwGrkwLGbzotd2slolQ5A3oax/Mg/fo6nb/3FvvTnt0=
Subject key identifier: 05:7E:51:E5:A9:9D:72:2A:37:5A:E4:FF:CB:98:94:A5:58:F6:BA:6B
Certificate issuer: /CN=6a17de1887fcfa9244b931d96da82678c0147663
Certificate serial: 0194258F5EBE9B17CAED225CDCC8164AB48C
Authority key identifier: 6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/BX5R5amdcio3WuT_y5iUpVj2ums.roa
Signing time: Thu 02 Jan 2025 05:49:00 +0000
ROA not before: Thu 02 Jan 2025 05:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56821
IP address blocks: 89.239.24.0/21 maxlen: 21
2a02:4007::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5e:be:9b:17:ca:ed:22:5c:dc:c8:16:4a:b4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a17de1887fcfa9244b931d96da82678c0147663
Validity
Not Before: Jan 2 05:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=057e51e5a99d722a375ae4ffcb9894a558f6ba6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a5:48:98:d7:15:0f:26:fc:0d:cf:48:6e:a7:
4f:fa:60:76:88:26:6c:2d:fc:ef:41:fa:ef:26:c5:
b0:16:4c:20:08:c5:2c:8f:27:ec:4b:12:8a:95:27:
36:14:24:fd:c3:79:b6:7e:07:4b:cc:c0:5a:dc:cf:
d5:12:3a:25:39:de:98:52:49:82:18:5d:5b:e1:1f:
9f:e8:c8:31:04:18:05:a6:24:67:d9:c2:f5:1c:60:
84:33:53:34:5e:7f:87:ad:be:21:01:25:d5:e2:6b:
a6:2c:f9:52:0a:75:c5:2f:21:fe:c7:c7:2b:1a:c5:
04:60:71:99:21:33:c8:94:f5:bd:26:30:f5:bd:b6:
59:96:b4:c6:9e:e7:2a:5e:3c:2e:28:e0:21:2e:3d:
99:8b:fe:1c:e8:20:6b:11:39:5c:8d:75:ef:69:2b:
e6:08:e8:91:92:d2:27:c1:8d:47:e4:6f:16:76:70:
95:2a:d8:3a:e6:e2:44:f6:b9:2f:f5:24:1e:07:0d:
3d:02:83:d1:50:43:66:09:b5:3a:05:1a:b5:45:81:
cc:b2:66:9b:7f:35:eb:85:64:13:0b:8a:75:f4:b7:
7c:4d:4b:3d:3c:1a:7a:88:d6:48:fd:41:b1:f6:f7:
3b:74:ae:e7:0a:3f:9b:a0:85:b8:41:2f:46:55:04:
3f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:7E:51:E5:A9:9D:72:2A:37:5A:E4:FF:CB:98:94:A5:58:F6:BA:6B
X509v3 Authority Key Identifier:
keyid:6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/BX5R5amdcio3WuT_y5iUpVj2ums.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/ahfeGIf8-pJEuTHZbagmeMAUdmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.239.24.0/21
IPv6:
2a02:4007::/32
Signature Algorithm: sha256WithRSAEncryption
4b:59:18:c4:28:2e:9a:cd:e8:75:be:7b:cf:1d:27:7d:10:73:
de:36:87:ce:c3:6b:bd:1f:d5:71:86:b4:8d:05:cb:8e:cf:9f:
57:56:c8:81:4c:6b:51:ae:40:de:9a:5f:5a:e1:68:49:1b:e3:
b4:5a:4e:9d:a8:b6:a6:bc:eb:bc:df:79:dc:b9:8b:dd:10:dc:
a1:16:ba:a8:ba:71:c1:0f:da:a4:e2:c2:6d:ac:42:e5:49:e5:
0c:5d:f0:19:80:79:70:1e:5c:3c:7f:d0:92:51:95:9a:84:73:
c5:76:4f:8d:29:b0:fe:5f:7f:46:9d:3e:c5:41:5b:7d:c3:da:
08:6f:1d:8a:75:cb:f6:94:35:07:0d:95:c1:2a:b1:63:7a:f6:
18:4f:bc:52:0d:5d:75:ad:fc:1e:b5:f3:08:d1:de:15:0b:b9:
ab:62:77:9c:77:1c:66:10:d7:1c:a1:8c:5d:04:6e:1f:1b:c2:
70:da:40:c7:37:8b:0f:3f:1a:29:a7:05:2e:8b:eb:18:87:93:
4c:19:38:78:c9:ae:a0:09:15:87:93:d8:75:bf:bb:8a:70:3e:
ce:c4:94:1a:27:36:5d:d1:68:29:10:56:33:75:68:fd:42:e4:
b5:8b:7c:c6:f0:60:8a:2f:8e:37:c5:7d:a6:c9:99:5b:e5:32:
6d:31:8c:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj16+mxfK7SJc3MgWSrSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTdkZTE4ODdmY2ZhOTI0NGI5MzFkOTZkYTgyNjc4YzAx
NDc2NjMwHhcNMjUwMTAyMDU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTdlNTFlNWE5OWQ3MjJhMzc1YWU0ZmZjYjk4OTRhNTU4ZjZiYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaVImNcVDyb8Dc9IbqdP+mB2iCZs
LfzvQfrvJsWwFkwgCMUsjyfsSxKKlSc2FCT9w3m2fgdLzMBa3M/VEjolOd6YUkmC
GF1b4R+f6MgxBBgFpiRn2cL1HGCEM1M0Xn+Hrb4hASXV4mumLPlSCnXFLyH+x8cr
GsUEYHGZITPIlPW9JjD1vbZZlrTGnucqXjwuKOAhLj2Zi/4c6CBrETlcjXXvaSvm
COiRktInwY1H5G8WdnCVKtg65uJE9rkv9SQeBw09AoPRUENmCbU6BRq1RYHMsmab
fzXrhWQTC4p19Ld8TUs9PBp6iNZI/UGx9vc7dK7nCj+boIW4QS9GVQQ/3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAV+UeWpnXIqN1rk/8uYlKVY9rprMB8GA1UdIwQY
MBaAFGoX3hiH/PqSRLkx2W2oJnjAFHZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzIt
MDc5OWE1MmE2Mzg3LzEvQlg1UjVhbWRjaW8zV3VUX3k1aVVwVmoydW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzItMDc5OWE1MmE2Mzg3
LzEvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWe8YMA0E
AgACMAcDBQAqAkAHMA0GCSqGSIb3DQEBCwUAA4IBAQBLWRjEKC6azeh1vnvPHSd9
EHPeNofOw2u9H9VxhrSNBcuOz59XVsiBTGtRrkDeml9a4WhJG+O0Wk6dqLamvOu8
33ncuYvdENyhFrqounHBD9qk4sJtrELlSeUMXfAZgHlwHlw8f9CSUZWahHPFdk+N
KbD+X39GnT7FQVt9w9oIbx2Kdcv2lDUHDZXBKrFjevYYT7xSDV11rfwetfMI0d4V
C7mrYnecdxxmENccoYxdBG4fG8Jw2kDHN4sPPxoppwUui+sYh5NMGTh4ya6gCRWH
k9h1v7uKcD7OxJQaJzZd0WgpEFYzdWj9QuS1i3zG8GCKL443xX2myZlb5TJtMYzm
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:26:42 2025 by rpki-client