Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/BCx9uHR447EqnUAT6LDXDmc-U64.roa
File: BCx9uHR447EqnUAT6LDXDmc-U64.roa (raw, json)
Hash identifier: uKePdL/bKCVHy8Q2jDMnzQQFWnYFjJHWmlJeT5g86S8=
Subject key identifier: 04:2C:7D:B8:74:78:E3:B1:2A:9D:40:13:E8:B0:D7:0E:67:3E:53:AE
Certificate issuer: /CN=1ad5d174cbb46aaf86555b80e1773331b870b568
Certificate serial: 01942444CAD26E2C3B8824D1BC9DF2AD8448
Authority key identifier: 1A:D5:D1:74:CB:B4:6A:AF:86:55:5B:80:E1:77:33:31:B8:70:B5:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtXRdMu0aq-GVVuA4XczMbhwtWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/BCx9uHR447EqnUAT6LDXDmc-U64.roa
Signing time: Wed 01 Jan 2025 23:47:55 +0000
ROA not before: Wed 01 Jan 2025 23:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47303
IP address blocks: 193.203.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ca:d2:6e:2c:3b:88:24:d1:bc:9d:f2:ad:84:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad5d174cbb46aaf86555b80e1773331b870b568
Validity
Not Before: Jan 1 23:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=042c7db87478e3b12a9d4013e8b0d70e673e53ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fd:23:05:8a:0d:57:17:8c:8d:09:9a:75:ed:
ca:e0:01:a4:fd:3c:92:2d:10:7c:a5:6e:d0:c4:cd:
c6:35:ec:9c:48:f9:8b:12:10:3c:12:d9:be:ed:22:
05:fd:12:c4:97:cf:a5:45:30:0b:c2:c9:8b:ec:0d:
ff:e0:1a:b7:ac:8a:80:c3:eb:52:a1:74:b2:e3:f1:
80:5c:1c:3c:5c:9f:d3:1a:72:4b:7b:10:d8:b9:6a:
96:31:b4:dd:43:a8:8f:e2:11:7d:ca:11:df:17:42:
71:b5:2f:a4:68:ad:10:10:9f:8d:cb:31:49:99:47:
65:ff:71:99:60:67:c9:b2:1d:68:47:a8:bd:63:f2:
fe:ab:c8:80:6e:73:7e:94:a0:0a:4d:e0:06:1d:63:
b9:c0:83:fc:72:0e:99:b5:ee:a8:0d:6e:6a:b8:53:
a1:01:c7:c3:b0:7e:3d:23:47:da:34:69:cd:c2:34:
cb:b7:48:cb:0b:3c:e5:d5:5f:76:e2:ac:f0:03:b6:
2a:29:fd:d9:9c:da:df:4a:3e:7f:8f:e1:77:ef:5d:
b8:84:7c:47:55:54:8a:15:b1:93:77:a9:ce:13:ca:
39:b6:96:51:c2:94:3c:d6:e3:4b:35:c5:bf:0b:0c:
c6:71:bf:8c:d3:be:7d:b7:03:a3:78:cb:9e:73:92:
43:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2C:7D:B8:74:78:E3:B1:2A:9D:40:13:E8:B0:D7:0E:67:3E:53:AE
X509v3 Authority Key Identifier:
keyid:1A:D5:D1:74:CB:B4:6A:AF:86:55:5B:80:E1:77:33:31:B8:70:B5:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtXRdMu0aq-GVVuA4XczMbhwtWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/BCx9uHR447EqnUAT6LDXDmc-U64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/GtXRdMu0aq-GVVuA4XczMbhwtWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.99.0/24
Signature Algorithm: sha256WithRSAEncryption
87:77:28:5f:e8:81:20:94:57:97:38:69:31:f3:a2:53:47:cc:
a1:d5:f7:b4:ab:1d:79:52:5d:15:8f:b9:08:55:36:65:5b:f2:
d4:ec:b2:3b:51:9b:ce:df:8b:13:96:bf:29:f5:2c:0b:e0:3a:
08:60:92:f6:d1:11:9c:8c:d1:27:9b:14:0f:cc:00:cc:52:15:
47:93:84:21:b6:96:c2:9c:67:3e:bf:49:8f:21:09:9a:ab:df:
2c:ed:16:aa:ca:91:b5:a0:dd:79:3b:2b:0f:b8:c3:bc:0f:3a:
1f:54:b4:da:74:f2:a0:d6:10:c4:e6:65:95:0f:a1:75:7d:4f:
d6:02:87:7c:37:43:f0:92:2b:4f:4a:3e:f8:99:e7:fe:29:eb:
7e:19:9f:be:9c:ba:46:16:3e:ad:28:d9:1c:19:87:9f:cc:6d:
ce:21:7a:b9:75:92:ba:9d:90:27:3e:d0:8e:c4:56:5b:98:ac:
09:12:52:74:d8:7d:ea:b8:8b:be:1b:45:fe:09:3a:85:ba:6b:
c9:04:3f:dd:67:f0:49:d6:93:03:ba:39:d0:bc:f8:db:cb:33:
e4:de:b6:95:29:72:2a:9f:e5:f4:c8:6f:fc:e3:3b:ff:e3:d5:
40:fe:44:45:31:82:fa:af:53:e8:c1:72:91:b2:f6:bd:e3:06:
db:1c:ee:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRMrSbiw7iCTRvJ3yrYRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDVkMTc0Y2JiNDZhYWY4NjU1NWI4MGUxNzczMzMxYjg3
MGI1NjgwHhcNMjUwMTAxMjM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDJjN2RiODc0NzhlM2IxMmE5ZDQwMTNlOGIwZDcwZTY3M2U1M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P0jBYoNVxeMjQmade3K4AGk/TyS
LRB8pW7QxM3GNeycSPmLEhA8Etm+7SIF/RLEl8+lRTALwsmL7A3/4Bq3rIqAw+tS
oXSy4/GAXBw8XJ/TGnJLexDYuWqWMbTdQ6iP4hF9yhHfF0JxtS+kaK0QEJ+NyzFJ
mUdl/3GZYGfJsh1oR6i9Y/L+q8iAbnN+lKAKTeAGHWO5wIP8cg6Zte6oDW5quFOh
AcfDsH49I0faNGnNwjTLt0jLCzzl1V924qzwA7YqKf3ZnNrfSj5/j+F37124hHxH
VVSKFbGTd6nOE8o5tpZRwpQ81uNLNcW/CwzGcb+M0759twOjeMuec5JDSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQsfbh0eOOxKp1AE+iw1w5nPlOuMB8GA1UdIwQY
MBaAFBrV0XTLtGqvhlVbgOF3MzG4cLVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RYUmRNdTBhcS1HVlZ1QTRYY3pNYmh3dFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNmI5MDYtOTE1MC00NDNkLWJhMzAt
NzM5YzE5OGM1MTNmLzEvQkN4OXVIUjQ0N0VxblVBVDZMRFhEbWMtVTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNmI5MDYtOTE1MC00NDNkLWJhMzAtNzM5YzE5OGM1MTNm
LzEvR3RYUmRNdTBhcS1HVlZ1QTRYY3pNYmh3dFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwctjMA0G
CSqGSIb3DQEBCwUAA4IBAQCHdyhf6IEglFeXOGkx86JTR8yh1fe0qx15Ul0Vj7kI
VTZlW/LU7LI7UZvO34sTlr8p9SwL4DoIYJL20RGcjNEnmxQPzADMUhVHk4QhtpbC
nGc+v0mPIQmaq98s7RaqypG1oN15OysPuMO8DzofVLTadPKg1hDE5mWVD6F1fU/W
Aod8N0PwkitPSj74mef+Ket+GZ++nLpGFj6tKNkcGYefzG3OIXq5dZK6nZAnPtCO
xFZbmKwJElJ02H3quIu+G0X+CTqFumvJBD/dZ/BJ1pMDujnQvPjbyzPk3raVKXIq
n+X0yG/84zv/49VA/kRFMYL6r1PowXKRsva94wbbHO5h
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:44:52 2025 by rpki-client