Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/BgyYhjdlX54FNLBOgRi8uw75ivU.roa
File: BgyYhjdlX54FNLBOgRi8uw75ivU.roa (raw, json)
Hash identifier: zzLTHJ8bOyhzXoEVwavpxvrPBboJmkVXfTzNirwZrsg=
Subject key identifier: 06:0C:98:86:37:65:5F:9E:05:34:B0:4E:81:18:BC:BB:0E:F9:8A:F5
Certificate issuer: /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial: 019423D7561E7E1D843A81634A2DB4386348
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/BgyYhjdlX54FNLBOgRi8uw75ivU.roa
Signing time: Wed 01 Jan 2025 21:48:22 +0000
ROA not before: Wed 01 Jan 2025 21:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49423
IP address blocks: 176.118.185.0/24 maxlen: 24
2a0d:ca47:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:56:1e:7e:1d:84:3a:81:63:4a:2d:b4:38:63:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Validity
Not Before: Jan 1 21:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=060c988637655f9e0534b04e8118bcbb0ef98af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ff:25:6a:0e:93:73:c4:5b:bf:1a:e2:ac:3f:
00:cd:9b:29:d0:10:ef:f3:26:6a:e4:d1:8a:c5:cf:
35:dc:4e:96:8b:15:79:22:b2:ef:1a:eb:f5:e2:90:
a9:c4:1f:77:9c:0f:f5:fd:eb:a9:4b:15:56:d5:de:
63:6f:68:10:2d:a5:9b:2c:01:48:ae:96:d1:84:84:
7a:fb:28:29:83:db:62:07:75:16:68:c7:73:35:62:
c8:bd:f3:c1:80:63:d8:f4:b2:2e:ba:89:6c:20:49:
c2:84:af:c9:f2:04:49:41:fa:7a:28:c5:37:e4:72:
1d:be:9e:80:9f:82:c6:6f:6b:ae:8f:73:93:3d:48:
3d:87:33:0d:a7:dc:2b:ab:6c:ab:2a:e4:85:a6:47:
5c:95:fb:9c:c3:c6:d2:89:37:00:00:84:5e:c6:74:
06:15:bf:f1:2a:60:1c:df:38:b0:3f:43:88:ea:3e:
ad:2d:d6:0c:c5:39:ac:b2:44:2c:67:a6:2a:50:d1:
86:fc:83:2f:c0:91:d2:b2:cb:6d:f4:eb:35:d1:df:
56:42:85:08:13:e4:dd:5d:bc:48:98:f1:51:79:cb:
99:ac:1b:98:b5:f3:91:b3:dc:7f:97:7d:25:a7:a4:
92:ca:4a:a7:5b:f6:6b:5a:ce:6e:ab:ae:0e:36:ab:
fe:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0C:98:86:37:65:5F:9E:05:34:B0:4E:81:18:BC:BB:0E:F9:8A:F5
X509v3 Authority Key Identifier:
keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/BgyYhjdlX54FNLBOgRi8uw75ivU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.185.0/24
IPv6:
2a0d:ca47:2::/48
Signature Algorithm: sha256WithRSAEncryption
6f:c6:77:cd:b3:2e:a4:f1:3d:c3:a5:d9:29:bc:d6:66:b0:c0:
ac:03:c2:28:ab:b9:13:1c:63:f3:8d:15:08:41:52:25:a0:13:
78:ba:6a:99:14:16:9c:fd:49:10:b1:ce:00:96:eb:d5:a8:95:
47:5f:29:68:06:54:1d:96:57:8e:36:e0:41:25:7b:8b:ca:08:
d5:f0:9e:cc:a8:6f:c7:e1:19:63:58:bc:9d:a5:2f:4e:64:36:
18:4a:b1:5f:fe:e0:ab:2f:61:80:c0:14:28:0f:96:64:50:b1:
90:fd:24:e5:51:2f:81:ec:de:dd:04:26:33:a7:8e:c5:8f:83:
a7:d4:b3:f6:27:2d:b5:b5:be:f9:34:a6:9e:e6:58:a5:a6:f1:
cf:26:8f:e1:29:e4:ee:e2:26:4a:64:53:9a:3a:9f:bb:1d:9a:
3a:e7:02:e2:49:6f:5b:bd:f3:09:e5:28:ed:1a:ca:ac:0d:2e:
89:2a:67:3c:21:d9:e8:6d:03:b9:97:d6:18:71:7d:bb:51:01:
4c:52:dc:d8:38:03:8b:55:54:2d:3d:8e:41:5d:e1:44:1a:bb:
7b:72:ac:6a:8e:32:3e:d0:77:73:76:62:5f:5e:ac:2e:e0:98:
f0:7c:17:af:4f:c4:24:c8:4f:82:37:65:97:06:28:a8:1d:48:
f3:89:54:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj11Yefh2EOoFjSi20OGNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjUwMTAxMjE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjBjOTg4NjM3NjU1ZjllMDUzNGIwNGU4MTE4YmNiYjBlZjk4YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv8lag6Tc8RbvxrirD8AzZsp0BDv
8yZq5NGKxc813E6WixV5IrLvGuv14pCpxB93nA/1/eupSxVW1d5jb2gQLaWbLAFI
rpbRhIR6+ygpg9tiB3UWaMdzNWLIvfPBgGPY9LIuuolsIEnChK/J8gRJQfp6KMU3
5HIdvp6An4LGb2uuj3OTPUg9hzMNp9wrq2yrKuSFpkdclfucw8bSiTcAAIRexnQG
Fb/xKmAc3ziwP0OI6j6tLdYMxTmsskQsZ6YqUNGG/IMvwJHSsstt9Os10d9WQoUI
E+TdXbxImPFRecuZrBuYtfORs9x/l30lp6SSykqnW/ZrWs5uq64ONqv+iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAYMmIY3ZV+eBTSwToEYvLsO+Yr1MB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvQmd5WWhqZGxYNTRGTkxCT2dSaTh1dzc1aXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHa5MA8E
AgACMAkDBwAqDcpHAAIwDQYJKoZIhvcNAQELBQADggEBAG/Gd82zLqTxPcOl2Sm8
1mawwKwDwiiruRMcY/ONFQhBUiWgE3i6apkUFpz9SRCxzgCW69WolUdfKWgGVB2W
V4424EEle4vKCNXwnsyob8fhGWNYvJ2lL05kNhhKsV/+4KsvYYDAFCgPlmRQsZD9
JOVRL4Hs3t0EJjOnjsWPg6fUs/YnLbW1vvk0pp7mWKWm8c8mj+Ep5O7iJkpkU5o6
n7sdmjrnAuJJb1u98wnlKO0ayqwNLokqZzwh2ehtA7mX1hhxfbtRAUxS3Ng4A4tV
VC09jkFd4UQau3tyrGqOMj7Qd3N2Yl9erC7gmPB8F69PxCTIT4I3ZZcGKKgdSPOJ
VDk=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:02:48 2025 by rpki-client