Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/bklfILZGU-_joVJ7shEdpn3K16Y.roa
File: bklfILZGU-_joVJ7shEdpn3K16Y.roa (raw, json)
Hash identifier: tvaGyYA4vrdZ1U8vrVJlMZUtPWquTZrNaUD1zejS5PE=
Subject key identifier: 6E:49:5F:20:B6:46:53:EF:E3:A1:52:7B:B2:11:1D:A6:7D:CA:D7:A6
Certificate issuer: /CN=ad3cc1a7870b610c355c6ec299b166edaba3df04
Certificate serial: 0194266B60A9B35F6B6491EDE452892DFDDF
Authority key identifier: AD:3C:C1:A7:87:0B:61:0C:35:5C:6E:C2:99:B1:66:ED:AB:A3:DF:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTzBp4cLYQw1XG7CmbFm7auj3wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/bklfILZGU-_joVJ7shEdpn3K16Y.roa
Signing time: Thu 02 Jan 2025 09:49:18 +0000
ROA not before: Thu 02 Jan 2025 09:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44001
IP address blocks: 91.229.36.0/24 maxlen: 24
2001:67c:cf0::/48 maxlen: 48
2001:67c:cf4::/48 maxlen: 48
2001:67c:cf8::/48 maxlen: 48
2001:67c:2cc4::/48 maxlen: 48
2001:67c:2f38::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:60:a9:b3:5f:6b:64:91:ed:e4:52:89:2d:fd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad3cc1a7870b610c355c6ec299b166edaba3df04
Validity
Not Before: Jan 2 09:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e495f20b64653efe3a1527bb2111da67dcad7a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7c:7e:41:fd:a6:46:1d:ff:58:ad:dc:a8:6d:
d4:e5:04:90:f6:d5:7d:6d:c9:2f:ae:8f:ff:db:39:
84:63:d9:dc:65:d8:57:0c:13:63:aa:72:c7:51:9c:
d6:eb:08:81:29:c1:4f:56:a0:ca:2f:68:48:a5:59:
db:cb:3b:4f:cb:86:8a:e5:a6:94:f6:03:0e:e4:5d:
38:5b:f7:4d:49:ac:51:ed:54:81:16:7a:66:ef:fd:
6f:89:d1:66:3a:6b:3b:3d:3f:e3:58:cc:c3:43:44:
8c:a1:81:90:66:54:4a:5f:c4:fc:f7:81:99:51:c1:
a0:71:4f:3e:36:1d:ba:32:1a:ed:46:b6:ba:61:e6:
0d:7c:c3:8b:77:f1:7d:bd:e1:1b:47:9f:2a:04:8a:
eb:d1:b0:ce:55:56:89:34:4c:56:46:57:a4:4d:35:
77:94:28:45:00:3c:41:61:0f:b1:2c:7e:94:56:d8:
bf:a6:c6:6d:60:a0:cc:4e:2e:8b:f4:15:44:e6:f4:
90:7e:13:f9:fe:77:f7:eb:dc:7a:8d:9d:50:2d:62:
26:2d:df:ed:e0:23:33:13:19:c0:9d:13:f4:85:1e:
d2:ce:ec:76:35:1e:1b:02:4b:84:22:ef:4c:e2:5f:
71:60:7f:e7:26:23:8c:79:b6:66:5e:a6:e3:56:48:
08:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:49:5F:20:B6:46:53:EF:E3:A1:52:7B:B2:11:1D:A6:7D:CA:D7:A6
X509v3 Authority Key Identifier:
keyid:AD:3C:C1:A7:87:0B:61:0C:35:5C:6E:C2:99:B1:66:ED:AB:A3:DF:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTzBp4cLYQw1XG7CmbFm7auj3wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/bklfILZGU-_joVJ7shEdpn3K16Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.36.0/24
IPv6:
2001:67c:cf0::/48
2001:67c:cf4::/48
2001:67c:cf8::/48
2001:67c:2cc4::/48
2001:67c:2f38::/48
Signature Algorithm: sha256WithRSAEncryption
70:66:7f:70:08:05:84:43:4a:65:65:27:25:34:75:24:4c:21:
b2:14:86:b2:e9:7c:57:2c:74:a1:b8:df:17:99:6d:e3:eb:a9:
80:5f:6c:48:95:93:f5:ab:f6:fd:44:5c:aa:29:35:68:1f:f8:
de:81:be:ed:cf:b4:4a:28:39:f8:c2:a9:11:c7:7e:39:dd:5a:
7f:da:57:0e:17:30:35:b0:15:8e:ef:c4:8a:dc:91:54:04:84:
82:af:70:c7:40:3f:e5:01:55:ff:10:36:2b:2d:e3:17:1b:f9:
a3:6f:f2:e4:1e:03:b5:06:46:c8:f0:a6:ae:02:b3:ab:2c:8a:
e7:ed:b1:ce:cc:03:dc:b6:7f:0a:3f:c5:7e:54:70:33:e5:c6:
f8:f7:7c:3d:0a:12:75:10:64:f9:29:e3:6e:d2:d1:bc:b0:34:
01:df:71:3a:98:c9:80:b2:75:47:1c:98:f2:9f:3e:64:f1:56:
79:bf:e7:42:60:46:02:a6:c8:12:84:07:ae:8b:86:60:3c:de:
19:bd:7f:ca:8f:ae:37:38:59:30:25:1a:37:ee:5c:36:9f:0b:
7a:42:be:bf:5f:79:9d:fb:8f:c3:f0:61:a6:45:9a:e8:0b:6f:
ef:6e:c5:7c:70:94:98:4c:e1:9d:a7:24:be:b0:4a:23:76:d4:
c2:c2:0d:4d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQma2Cps19rZJHt5FKJLf3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkM2NjMWE3ODcwYjYxMGMzNTVjNmVjMjk5YjE2NmVkYWJh
M2RmMDQwHhcNMjUwMTAyMDk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ5NWYyMGI2NDY1M2VmZTNhMTUyN2JiMjExMWRhNjdkY2FkN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3x+Qf2mRh3/WK3cqG3U5QSQ9tV9
bckvro//2zmEY9ncZdhXDBNjqnLHUZzW6wiBKcFPVqDKL2hIpVnbyztPy4aK5aaU
9gMO5F04W/dNSaxR7VSBFnpm7/1vidFmOms7PT/jWMzDQ0SMoYGQZlRKX8T894GZ
UcGgcU8+Nh26MhrtRra6YeYNfMOLd/F9veEbR58qBIrr0bDOVVaJNExWRlekTTV3
lChFADxBYQ+xLH6UVti/psZtYKDMTi6L9BVE5vSQfhP5/nf369x6jZ1QLWImLd/t
4CMzExnAnRP0hR7Szux2NR4bAkuEIu9M4l9xYH/nJiOMebZmXqbjVkgIpwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFG5JXyC2RlPv46FSe7IRHaZ9ytemMB8GA1UdIwQY
MBaAFK08waeHC2EMNVxuwpmxZu2ro98EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclR6QnA0Y0xZUXcxWEc3Q21iRm03YXVqM3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zZDA0NmMtMTE3OC00NmEzLTgyZTAt
NzRkNTZjNDQxZGMxLzEvYmtsZklMWkdVLV9qb1ZKN3NoRWRwbjNLMTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zZDA0NmMtMTE3OC00NmEzLTgyZTAtNzRkNTZjNDQxZGMx
LzEvclR6QnA0Y0xZUXcxWEc3Q21iRm03YXVqM3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAMBAIAATAGAwQAW+UkMDME
AgACMC0DBwAgAQZ8DPADBwAgAQZ8DPQDBwAgAQZ8DPgDBwAgAQZ8LMQDBwAgAQZ8
LzgwDQYJKoZIhvcNAQELBQADggEBAHBmf3AIBYRDSmVlJyU0dSRMIbIUhrLpfFcs
dKG43xeZbePrqYBfbEiVk/Wr9v1EXKopNWgf+N6Bvu3PtEooOfjCqRHHfjndWn/a
Vw4XMDWwFY7vxIrckVQEhIKvcMdAP+UBVf8QNist4xcb+aNv8uQeA7UGRsjwpq4C
s6ssiuftsc7MA9y2fwo/xX5UcDPlxvj3fD0KEnUQZPkp427S0bywNAHfcTqYyYCy
dUccmPKfPmTxVnm/50JgRgKmyBKEB66LhmA83hm9f8qPrjc4WTAlGjfuXDafC3pC
vr9feZ37j8PwYaZFmugLb+9uxXxwlJhM4Z2nJL6wSiN21MLCDU0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:54:25 2025 by rpki-client