Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/bxRO7kfiXfIBzrwx6__-lx4GD-Q.roa
File: bxRO7kfiXfIBzrwx6__-lx4GD-Q.roa (raw, json)
Hash identifier: Yl6am4vWUQXhAPFuVgrQF79QPPtS7MoD02zbAbTLBHQ=
Subject key identifier: 6F:14:4E:EE:47:E2:5D:F2:01:CE:BC:31:EB:FF:FE:97:1E:06:0F:E4
Certificate issuer: /CN=3be9593d290e0250278a73b313550329327bd589
Certificate serial: 019425222059541C1BB3741F052C5FA21382
Authority key identifier: 3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/bxRO7kfiXfIBzrwx6__-lx4GD-Q.roa
Signing time: Thu 02 Jan 2025 03:49:40 +0000
ROA not before: Thu 02 Jan 2025 03:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201466
IP address blocks: 2.57.108.0/22 maxlen: 22
45.134.152.0/22 maxlen: 22
185.73.168.0/22 maxlen: 22
185.160.168.0/22 maxlen: 22
185.222.164.0/22 maxlen: 22
193.36.144.0/22 maxlen: 22
195.191.48.0/24 maxlen: 24
195.242.72.0/22 maxlen: 22
2a03:4460::/32 maxlen: 32
2a07:bec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:20:59:54:1c:1b:b3:74:1f:05:2c:5f:a2:13:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be9593d290e0250278a73b313550329327bd589
Validity
Not Before: Jan 2 03:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f144eee47e25df201cebc31ebfffe971e060fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:58:ea:10:90:88:81:f3:bb:f9:ec:94:a8:47:
27:e2:15:30:c9:98:ef:19:e8:8d:fe:7a:60:16:b3:
a6:b7:dc:ee:ee:b6:cc:71:a1:88:0a:0c:28:7b:27:
45:55:1d:7c:b3:dd:c7:1c:ad:2c:03:e2:72:e3:97:
01:b1:a1:ed:93:b0:e0:4e:5f:4f:86:68:ae:df:59:
05:50:c1:99:c3:db:17:38:7a:51:58:9b:41:3a:0f:
6b:bd:c8:35:57:97:02:36:18:4e:53:0b:fe:5e:b4:
1c:f8:b9:04:24:87:46:ae:77:90:2a:d8:b1:7c:40:
57:a8:d6:bc:34:46:ce:9a:3b:a2:fd:49:ed:90:f1:
a9:3f:49:38:21:29:a0:a5:58:09:83:a7:fd:51:0c:
17:84:2e:87:3d:2f:55:f9:d1:a8:a1:7b:45:10:74:
b6:87:09:e9:01:92:37:c6:55:ca:82:c2:d4:03:16:
3c:8d:8c:6f:ac:2d:95:51:1f:cf:64:eb:8b:5d:b4:
8a:f9:01:f6:37:0d:34:67:ec:3d:a8:e2:1b:3c:9c:
8c:e1:a1:5c:31:2e:e4:25:97:39:96:27:98:4c:32:
87:b0:8d:a6:cf:90:29:a8:b0:60:98:0e:08:a7:c5:
88:90:a9:b1:c7:1d:3e:fe:43:a3:61:45:ea:eb:b7:
31:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:14:4E:EE:47:E2:5D:F2:01:CE:BC:31:EB:FF:FE:97:1E:06:0F:E4
X509v3 Authority Key Identifier:
keyid:3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/bxRO7kfiXfIBzrwx6__-lx4GD-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.108.0/22
45.134.152.0/22
185.73.168.0/22
185.160.168.0/22
185.222.164.0/22
193.36.144.0/22
195.191.48.0/24
195.242.72.0/22
IPv6:
2a03:4460::/32
2a07:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:b2:f5:8b:4f:07:d1:98:fe:c7:93:08:d9:d3:5c:e8:ec:a2:
f7:97:db:36:5e:c8:1c:ee:aa:43:b9:21:57:67:53:83:ab:6a:
9f:57:93:bf:c4:05:d9:14:ea:07:89:71:c1:fa:1f:1a:4d:a1:
77:5e:aa:35:36:65:a0:94:07:82:9c:09:62:07:c1:20:a9:79:
df:04:e8:64:c6:fa:b2:0f:4a:8f:71:09:05:e0:7f:29:47:59:
f2:23:79:f5:ad:2c:f0:b8:45:cc:cb:03:5c:88:05:7b:cd:e0:
0d:14:ae:de:b2:52:9a:25:28:90:2f:67:0b:9f:19:ec:3b:0a:
2d:de:4d:80:28:90:73:43:ac:9b:ad:f0:f3:28:d5:d4:1d:16:
f9:cd:67:34:88:11:98:84:45:d5:28:1e:93:b5:fe:67:0b:a9:
32:9d:ed:62:9d:d0:85:de:34:0a:c1:03:8b:15:dd:e7:ac:36:
8a:b7:66:1b:9a:7c:02:aa:2c:94:73:d3:26:0e:f3:e2:40:53:
dc:2c:a8:88:28:04:66:17:db:0c:d9:5e:03:48:03:a9:03:61:
d8:b3:3e:f9:17:95:ba:d7:f4:5a:fa:0c:ce:58:fa:86:d4:3e:
37:72:b3:e5:09:da:f8:45:d0:c5:51:97:de:6e:10:54:c6:31:
f3:b4:31:2e
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQlIiBZVBwbs3QfBSxfohOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTk1OTNkMjkwZTAyNTAyNzhhNzNiMzEzNTUwMzI5MzI3
YmQ1ODkwHhcNMjUwMTAyMDM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjE0NGVlZTQ3ZTI1ZGYyMDFjZWJjMzFlYmZmZmU5NzFlMDYwZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1jqEJCIgfO7+eyUqEcn4hUwyZjv
GeiN/npgFrOmt9zu7rbMcaGICgwoeydFVR18s93HHK0sA+Jy45cBsaHtk7DgTl9P
hmiu31kFUMGZw9sXOHpRWJtBOg9rvcg1V5cCNhhOUwv+XrQc+LkEJIdGrneQKtix
fEBXqNa8NEbOmjui/UntkPGpP0k4ISmgpVgJg6f9UQwXhC6HPS9V+dGooXtFEHS2
hwnpAZI3xlXKgsLUAxY8jYxvrC2VUR/PZOuLXbSK+QH2Nw00Z+w9qOIbPJyM4aFc
MS7kJZc5lieYTDKHsI2mz5ApqLBgmA4Ip8WIkKmxxx0+/kOjYUXq67cx+wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFG8UTu5H4l3yAc68Mev//pceBg/kMB8GA1UdIwQY
MBaAFDvpWT0pDgJQJ4pzsxNVAykye9WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUt
NGVhYjA2MGYxNWZhLzEvYnhSTzdrZmlYZklCenJ3eDZfXy1seDRHRC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUtNGVhYjA2MGYxNWZh
LzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQCAjlsAwQC
LYaYAwQCuUmoAwQCuaCoAwQCud6kAwQCwSSQAwQAw78wAwQCw/JIMBQEAgACMA4D
BQAqA0RgAwUDKge+wDANBgkqhkiG9w0BAQsFAAOCAQEAsLL1i08H0Zj+x5MI2dNc
6Oyi95fbNl7IHO6qQ7khV2dTg6tqn1eTv8QF2RTqB4lxwfofGk2hd16qNTZloJQH
gpwJYgfBIKl53wToZMb6sg9Kj3EJBeB/KUdZ8iN59a0s8LhFzMsDXIgFe83gDRSu
3rJSmiUokC9nC58Z7DsKLd5NgCiQc0Osm63w8yjV1B0W+c1nNIgRmIRF1Sgek7X+
ZwupMp3tYp3Qhd40CsEDixXd56w2irdmG5p8AqoslHPTJg7z4kBT3CyoiCgEZhfb
DNleA0gDqQNh2LM++ReVutf0WvoMzlj6htQ+N3Kz5Qna+EXQxVGX3m4QVMYx87Qx
Lg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:06:42 2025 by rpki-client