Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/34cc12-c824-4499-a5af-29ef17540222/1/bXTr3E6VnWX26W0oqBoPPL1PlHA.roa
File: bXTr3E6VnWX26W0oqBoPPL1PlHA.roa (raw, json)
Hash identifier: G0OUsQqR41YHtb5AbPT1gfl1AXhku70rwPK53DaTikA=
Subject key identifier: 6D:74:EB:DC:4E:95:9D:65:F6:E9:6D:28:A8:1A:0F:3C:BD:4F:94:70
Certificate issuer: /CN=fbb0a25810d02646656f909c44eb2ba939d23209
Certificate serial: 019421B1EA940AD50694906E644A9E2EDF16
Authority key identifier: FB:B0:A2:58:10:D0:26:46:65:6F:90:9C:44:EB:2B:A9:39:D2:32:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-7CiWBDQJkZlb5CcROsrqTnSMgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/34cc12-c824-4499-a5af-29ef17540222/1/bXTr3E6VnWX26W0oqBoPPL1PlHA.roa
Signing time: Wed 01 Jan 2025 11:48:15 +0000
ROA not before: Wed 01 Jan 2025 11:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209171
IP address blocks: 2.58.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ea:94:0a:d5:06:94:90:6e:64:4a:9e:2e:df:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbb0a25810d02646656f909c44eb2ba939d23209
Validity
Not Before: Jan 1 11:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d74ebdc4e959d65f6e96d28a81a0f3cbd4f9470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:52:a6:14:b5:48:f5:d9:5b:d0:b6:58:21:1c:
ee:9b:95:2c:e1:dc:0a:63:5b:4a:25:a9:00:ff:04:
34:b3:f4:b0:12:00:e1:6c:49:90:b3:31:99:58:e3:
f2:f0:c1:82:83:38:5a:39:45:71:c6:3d:b2:26:1e:
78:a6:8a:52:12:e6:68:16:15:38:f9:e0:2e:a9:28:
17:86:96:9e:90:14:97:a1:a6:1c:18:a6:c2:22:9b:
cf:8b:2b:57:a4:67:90:7d:db:98:28:b2:dc:b6:a5:
d9:2d:2b:f1:66:9b:68:62:93:46:bd:8b:53:bf:6c:
28:38:5c:4b:8e:4f:7e:9a:37:a7:55:f7:a8:d5:c3:
92:ac:6d:44:cb:32:a7:ba:9e:91:bb:86:7b:c6:74:
49:fa:59:fb:07:3c:af:d4:e6:d1:ca:e3:5a:f3:cb:
01:3f:48:95:c4:29:85:1e:80:88:c9:ef:a9:54:47:
36:97:13:de:b3:c1:2d:a0:56:59:a1:56:76:06:a2:
1b:46:32:5e:2b:65:5a:e7:d9:4a:3a:ea:2a:68:0a:
19:c7:35:1d:54:0d:15:b7:a2:b2:38:9b:a4:40:aa:
74:30:29:7c:74:78:40:5e:46:e4:ef:7c:93:de:d9:
74:b5:ff:e4:b9:dc:9c:1b:52:48:36:68:f5:81:1a:
29:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:74:EB:DC:4E:95:9D:65:F6:E9:6D:28:A8:1A:0F:3C:BD:4F:94:70
X509v3 Authority Key Identifier:
keyid:FB:B0:A2:58:10:D0:26:46:65:6F:90:9C:44:EB:2B:A9:39:D2:32:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-7CiWBDQJkZlb5CcROsrqTnSMgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/34cc12-c824-4499-a5af-29ef17540222/1/bXTr3E6VnWX26W0oqBoPPL1PlHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/34cc12-c824-4499-a5af-29ef17540222/1/1-7CiWBDQJkZlb5CcROsrqTnSMgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.140.0/22
Signature Algorithm: sha256WithRSAEncryption
11:13:af:5a:4c:1e:97:75:e7:84:42:fc:35:52:f1:7a:e0:bd:
48:d6:10:05:57:95:89:c9:cb:7a:cf:71:af:6a:e4:b0:ca:a9:
3c:ae:50:de:60:ce:3e:23:0a:ad:c0:c0:eb:27:ca:30:21:e0:
e4:c4:af:56:d9:65:a8:ef:82:5e:35:45:ed:17:99:85:c7:8d:
ae:99:ca:04:18:02:d7:1e:27:c7:42:cb:be:0a:e3:d9:1f:44:
b6:56:96:82:51:fc:5c:f0:73:07:2c:89:88:ff:ca:7c:c8:5c:
5e:59:5a:ab:db:ec:df:1e:f9:28:a8:21:e9:a0:97:3c:51:97:
86:a3:6f:e0:5b:05:ca:4c:9b:1b:e6:dd:c0:b9:72:bd:d7:82:
91:e7:4f:c5:e2:b4:4b:af:0d:1a:8a:7d:e0:9f:d2:bc:c2:75:
6d:56:e7:ba:0a:73:07:9c:23:60:b0:13:ef:ec:bf:42:64:20:
57:c3:89:1f:f1:ff:f3:c9:1a:28:6a:b6:44:f0:6c:59:f7:59:
39:04:d5:61:16:be:5f:2d:00:9f:4a:bd:48:4c:ff:e6:ff:51:
03:3a:55:03:cb:a9:5c:9f:c4:c9:34:1b:4a:3b:10:27:e8:3e:
56:cc:14:0d:25:de:86:80:69:58:f6:36:f0:6c:49:19:fd:b0:
a6:05:18:c7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhseqUCtUGlJBuZEqeLt8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYjBhMjU4MTBkMDI2NDY2NTZmOTA5YzQ0ZWIyYmE5Mzlk
MjMyMDkwHhcNMjUwMTAxMTE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDc0ZWJkYzRlOTU5ZDY1ZjZlOTZkMjhhODFhMGYzY2JkNGY5NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lKmFLVI9dlb0LZYIRzum5Us4dwK
Y1tKJakA/wQ0s/SwEgDhbEmQszGZWOPy8MGCgzhaOUVxxj2yJh54popSEuZoFhU4
+eAuqSgXhpaekBSXoaYcGKbCIpvPiytXpGeQfduYKLLctqXZLSvxZptoYpNGvYtT
v2woOFxLjk9+mjenVfeo1cOSrG1EyzKnup6Ru4Z7xnRJ+ln7Bzyv1ObRyuNa88sB
P0iVxCmFHoCIye+pVEc2lxPes8EtoFZZoVZ2BqIbRjJeK2Va59lKOuoqaAoZxzUd
VA0Vt6KyOJukQKp0MCl8dHhAXkbk73yT3tl0tf/kudycG1JINmj1gRopgQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFG1069xOlZ1l9ultKKgaDzy9T5RwMB8GA1UdIwQY
MBaAFPuwolgQ0CZGZW+QnETrK6k50jIJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS03Q2lXQkRRSmtabGI1Q2NST3NycVRuU01nay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYvMzRjYzEyLWM4MjQtNDQ5OS1hNWFm
LTI5ZWYxNzU0MDIyMi8xL2JYVHIzRTZWbldYMjZXMG9xQm9QUEwxUGxIQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODYvMzRjYzEyLWM4MjQtNDQ5OS1hNWFmLTI5ZWYxNzU0MDIy
Mi8xLzEtN0NpV0JEUUprWmxiNUNjUk9zcnFUblNNZ2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAICOoww
DQYJKoZIhvcNAQELBQADggEBABETr1pMHpd154RC/DVS8XrgvUjWEAVXlYnJy3rP
ca9q5LDKqTyuUN5gzj4jCq3AwOsnyjAh4OTEr1bZZajvgl41Re0XmYXHja6ZygQY
AtceJ8dCy74K49kfRLZWloJR/FzwcwcsiYj/ynzIXF5ZWqvb7N8e+SioIemglzxR
l4ajb+BbBcpMmxvm3cC5cr3XgpHnT8XitEuvDRqKfeCf0rzCdW1W57oKcwecI2Cw
E+/sv0JkIFfDiR/x//PJGihqtkTwbFn3WTkE1WEWvl8tAJ9KvUhM/+b/UQM6VQPL
qVyfxMk0G0o7ECfoPlbMFA0l3oaAaVj2NvBsSRn9sKYFGMc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:17:48 2025 by rpki-client