Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/BBdbuotjTMjXRl3JAeP7HEvXWvI.roa
File: BBdbuotjTMjXRl3JAeP7HEvXWvI.roa (raw, json)
Hash identifier: oe7eC03oYJfwYH0zG5KTjbcXBldNHb2+R11az4Gn4S0=
Subject key identifier: 04:17:5B:BA:8B:63:4C:C8:D7:46:5D:C9:01:E3:FB:1C:4B:D7:5A:F2
Certificate issuer: /CN=300777c3b44144fd3056bf4b845450cb7fab9c2d
Certificate serial: 019421B24DD70707CD11FD3FEF3851B70F32
Authority key identifier: 30:07:77:C3:B4:41:44:FD:30:56:BF:4B:84:54:50:CB:7F:AB:9C:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAd3w7RBRP0wVr9LhFRQy3-rnC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/BBdbuotjTMjXRl3JAeP7HEvXWvI.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211721
IP address blocks: 194.153.135.0/24 maxlen: 24
2a10:9f40::/29 maxlen: 29
2a10:9f40::/31 maxlen: 31
2a10:9f42::/31 maxlen: 31
2a10:9f44::/31 maxlen: 31
2a10:9f46::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4d:d7:07:07:cd:11:fd:3f:ef:38:51:b7:0f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=300777c3b44144fd3056bf4b845450cb7fab9c2d
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04175bba8b634cc8d7465dc901e3fb1c4bd75af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d2:34:17:b4:1e:52:35:21:c5:09:2c:f8:09:
89:99:fc:b4:f2:d9:a0:17:01:63:dc:94:65:12:08:
44:16:74:cc:55:68:5c:9a:d8:6b:08:3d:71:ac:b3:
ba:de:59:2c:10:d1:2a:66:2c:7a:bc:60:7b:ed:1f:
1f:97:95:72:e5:59:41:96:6d:b1:25:c2:a1:bf:97:
71:53:ae:3e:aa:50:d2:9f:ce:ab:16:be:f3:de:0c:
ff:a5:1b:49:b6:08:fd:2b:fc:7f:2d:f7:dc:c9:44:
aa:5b:d1:8c:34:e1:a4:94:72:a9:eb:b8:31:df:71:
05:f5:4f:c2:fd:66:7d:61:ed:39:d7:b4:76:6e:40:
e4:00:c9:9d:4a:4a:91:6d:72:e3:a1:3c:80:a2:a1:
f9:48:34:7c:f7:91:04:28:4c:cb:80:aa:eb:a8:74:
37:1b:c5:80:27:f4:8e:a4:22:1e:1e:e4:1b:6b:2d:
3b:85:92:15:a5:fa:63:e4:75:a9:66:66:7f:4d:cd:
09:c7:c7:a5:fa:3d:2c:95:c3:c4:8c:55:b9:8b:4c:
36:e6:6c:e6:b8:b7:56:1c:fb:bf:9d:c5:f4:5a:14:
5f:47:7d:7c:50:15:3f:f6:a5:30:b0:14:44:be:cd:
c5:d6:7d:12:12:57:a5:a9:48:97:81:91:7c:60:30:
9f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:17:5B:BA:8B:63:4C:C8:D7:46:5D:C9:01:E3:FB:1C:4B:D7:5A:F2
X509v3 Authority Key Identifier:
keyid:30:07:77:C3:B4:41:44:FD:30:56:BF:4B:84:54:50:CB:7F:AB:9C:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAd3w7RBRP0wVr9LhFRQy3-rnC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/BBdbuotjTMjXRl3JAeP7HEvXWvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/MAd3w7RBRP0wVr9LhFRQy3-rnC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.135.0/24
IPv6:
2a10:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
bc:19:44:6c:b1:94:6e:a5:b5:27:9f:8e:f5:4c:59:3f:68:15:
03:01:7e:ef:f8:34:c7:a5:0d:99:64:3b:c2:08:10:f0:07:93:
71:3d:bc:77:ad:b0:6c:69:1f:53:df:f4:3a:39:69:b3:69:a9:
07:35:2c:99:2e:68:95:6c:75:1d:fa:90:80:63:43:e3:d5:81:
5a:7a:39:05:3c:96:cb:9a:1c:f7:94:9f:04:61:18:17:a0:b9:
2b:5c:cc:e0:02:98:26:8a:bf:1b:3e:7b:9a:4f:60:fe:1a:e2:
a5:e2:e2:be:19:2e:0f:5b:7b:f0:71:db:5e:ec:26:53:8f:4c:
bf:72:e1:c4:60:2a:45:9e:67:34:b7:29:74:4d:65:4f:c5:e6:
9f:a9:1b:45:37:5c:a6:03:af:e6:9f:d5:50:2e:19:4e:46:15:
e9:ad:17:4f:c6:46:3e:9e:89:19:64:bd:bb:ee:1f:d6:88:49:
2d:da:72:35:a9:fb:d7:9c:1d:99:b5:8a:2e:9b:e2:79:5f:50:
2c:ca:55:bd:0f:38:87:e1:05:df:47:84:cf:62:e1:b2:c3:98:
fa:0b:74:a7:e0:48:ae:c9:52:08:71:3b:3e:07:39:bf:23:88:
26:54:1b:ce:f5:93:be:8a:bb:e7:ba:87:ae:76:e2:dc:4a:02:
00:ab:3f:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsk3XBwfNEf0/7zhRtw8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDc3N2MzYjQ0MTQ0ZmQzMDU2YmY0Yjg0NTQ1MGNiN2Zh
YjljMmQwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDE3NWJiYThiNjM0Y2M4ZDc0NjVkYzkwMWUzZmIxYzRiZDc1YWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdI0F7QeUjUhxQks+AmJmfy08tmg
FwFj3JRlEghEFnTMVWhcmthrCD1xrLO63lksENEqZix6vGB77R8fl5Vy5VlBlm2x
JcKhv5dxU64+qlDSn86rFr7z3gz/pRtJtgj9K/x/LffcyUSqW9GMNOGklHKp67gx
33EF9U/C/WZ9Ye0517R2bkDkAMmdSkqRbXLjoTyAoqH5SDR895EEKEzLgKrrqHQ3
G8WAJ/SOpCIeHuQbay07hZIVpfpj5HWpZmZ/Tc0Jx8el+j0slcPEjFW5i0w25mzm
uLdWHPu/ncX0WhRfR318UBU/9qUwsBREvs3F1n0SElelqUiXgZF8YDCfJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAQXW7qLY0zI10ZdyQHj+xxL11ryMB8GA1UdIwQY
MBaAFDAHd8O0QUT9MFa/S4RUUMt/q5wtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFkM3c3UkJSUDB3VnI5TGhGUlF5My1ybkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85NDIwMjItNGZiMy00NjFkLWI0NTYt
MTUyNmNiOWFiZjliLzEvQkJkYnVvdGpUTWpYUmwzSkFlUDdIRXZYV3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85NDIwMjItNGZiMy00NjFkLWI0NTYtMTUyNmNiOWFiZjli
LzEvTUFkM3c3UkJSUDB3VnI5TGhGUlF5My1ybkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpmHMA0E
AgACMAcDBQMqEJ9AMA0GCSqGSIb3DQEBCwUAA4IBAQC8GURssZRupbUnn471TFk/
aBUDAX7v+DTHpQ2ZZDvCCBDwB5NxPbx3rbBsaR9T3/Q6OWmzaakHNSyZLmiVbHUd
+pCAY0Pj1YFaejkFPJbLmhz3lJ8EYRgXoLkrXMzgApgmir8bPnuaT2D+GuKl4uK+
GS4PW3vwcdte7CZTj0y/cuHEYCpFnmc0tyl0TWVPxeafqRtFN1ymA6/mn9VQLhlO
RhXprRdPxkY+nokZZL277h/WiEkt2nI1qfvXnB2ZtYoum+J5X1AsylW9DziH4QXf
R4TPYuGyw5j6C3Sn4EiuyVIIcTs+Bzm/I4gmVBvO9ZO+irvnuoeuduLcSgIAqz+Z
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:39:20 2025 by rpki-client