Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/BD04oGhJezcKgfhBVSPLxiCwx-U.roa
File: BD04oGhJezcKgfhBVSPLxiCwx-U.roa (raw, json)
Hash identifier: 6BJW9GRsg9XqwBDaRIKZatrd81rOIFw+haS77P869vM=
Subject key identifier: 04:3D:38:A0:68:49:7B:37:0A:81:F8:41:55:23:CB:C6:20:B0:C7:E5
Certificate issuer: /CN=e20e3805a1b4f5b61cfe73010e838c2f0d25b44b
Certificate serial: 01942369C00A9AEAD760DEC23266713B79DE
Authority key identifier: E2:0E:38:05:A1:B4:F5:B6:1C:FE:73:01:0E:83:8C:2F:0D:25:B4:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4g44BaG09bYc_nMBDoOMLw0ltEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/BD04oGhJezcKgfhBVSPLxiCwx-U.roa
Signing time: Wed 01 Jan 2025 19:48:40 +0000
ROA not before: Wed 01 Jan 2025 19:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207163
IP address blocks: 185.164.88.0/22 maxlen: 22
2a0a:f400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c0:0a:9a:ea:d7:60:de:c2:32:66:71:3b:79:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e20e3805a1b4f5b61cfe73010e838c2f0d25b44b
Validity
Not Before: Jan 1 19:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=043d38a068497b370a81f8415523cbc620b0c7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:85:3d:d7:64:2a:ba:2a:42:a3:98:98:b4:b9:
17:0a:84:48:9b:db:59:d1:5b:e0:f2:20:a6:c1:ac:
28:73:14:9e:e8:2f:0c:0e:b1:72:12:cd:a6:0e:af:
f7:b7:2c:59:a0:3a:3a:35:b4:57:ab:40:ac:88:40:
c8:9b:8e:36:ef:25:da:22:f3:98:c3:44:50:98:8b:
1e:d7:8a:80:6c:0e:8d:fd:83:a2:97:23:66:7f:0e:
cb:2c:6a:a4:82:2c:31:15:4c:db:27:0a:4e:b8:94:
40:cc:61:69:66:e5:2a:96:aa:23:d6:11:93:77:82:
f0:4f:17:fd:21:81:ff:07:b1:5e:fe:26:db:1e:1a:
e5:d0:01:56:da:08:8a:d1:92:e2:2f:ae:1e:70:30:
70:21:b2:3a:6d:3c:52:99:3b:d3:36:ad:f7:be:f5:
8a:36:3b:4f:ea:13:0b:c4:3c:7d:e5:57:9a:57:9d:
97:b7:57:c6:9f:60:22:ec:1a:f6:b0:19:70:79:47:
25:b9:80:33:bc:56:05:23:f6:26:17:e3:f1:d0:46:
ba:25:55:a0:da:de:9a:c3:83:df:6e:02:96:a6:6d:
84:6a:4b:9f:6d:0c:8a:a3:d7:a3:62:aa:c2:39:99:
6b:7e:bc:97:c7:6c:c1:88:12:e8:f8:1a:5b:b8:c9:
a4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3D:38:A0:68:49:7B:37:0A:81:F8:41:55:23:CB:C6:20:B0:C7:E5
X509v3 Authority Key Identifier:
keyid:E2:0E:38:05:A1:B4:F5:B6:1C:FE:73:01:0E:83:8C:2F:0D:25:B4:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4g44BaG09bYc_nMBDoOMLw0ltEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/BD04oGhJezcKgfhBVSPLxiCwx-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/4g44BaG09bYc_nMBDoOMLw0ltEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.88.0/22
IPv6:
2a0a:f400::/29
Signature Algorithm: sha256WithRSAEncryption
a3:ac:5f:15:71:6d:4e:e3:14:fe:e5:25:9e:de:f0:a0:16:bd:
e0:2b:21:0e:67:9a:f2:7d:a2:3b:47:96:05:e6:db:46:1f:de:
89:2c:23:a1:9d:b8:28:4f:5f:ae:26:a8:45:60:92:61:d4:c0:
e0:c7:43:b2:be:6c:9a:3d:0b:86:9f:04:51:ff:fd:ed:03:42:
a9:3e:4b:17:c3:8d:a0:a2:6a:b8:47:40:eb:34:dc:1f:65:bd:
48:42:92:a7:e8:07:91:9a:b5:ce:29:ca:dc:b4:87:e8:31:6b:
7d:2e:31:47:23:5f:3c:bb:67:b0:ad:df:18:4b:e7:ed:b8:3f:
84:2d:b4:fe:94:0a:2a:80:ac:21:7b:24:43:53:0a:a4:13:12:
a6:7c:2c:50:7a:7a:d5:28:fc:ef:95:f1:cf:fb:8c:7b:1e:57:
79:36:ae:23:46:46:89:fb:17:85:52:55:b3:03:b3:7b:6c:11:
3f:99:88:70:c5:77:2c:a3:27:ad:ce:13:d6:b8:d7:09:f0:5b:
5f:ae:3f:9f:27:b0:a8:6a:dc:0b:94:e5:4e:a6:a2:e2:0c:9f:
3b:b7:77:76:10:48:cf:f1:d6:22:9a:ce:0e:ab:45:b2:59:80:
c6:d1:b3:00:b5:53:74:98:26:ce:ab:1c:0a:9a:15:bd:f5:5e:
c8:74:25:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjacAKmurXYN7CMmZxO3neMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMGUzODA1YTFiNGY1YjYxY2ZlNzMwMTBlODM4YzJmMGQy
NWI0NGIwHhcNMjUwMTAxMTk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDNkMzhhMDY4NDk3YjM3MGE4MWY4NDE1NTIzY2JjNjIwYjBjN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYU912QquipCo5iYtLkXCoRIm9tZ
0Vvg8iCmwawocxSe6C8MDrFyEs2mDq/3tyxZoDo6NbRXq0CsiEDIm4427yXaIvOY
w0RQmIse14qAbA6N/YOilyNmfw7LLGqkgiwxFUzbJwpOuJRAzGFpZuUqlqoj1hGT
d4LwTxf9IYH/B7Fe/ibbHhrl0AFW2giK0ZLiL64ecDBwIbI6bTxSmTvTNq33vvWK
NjtP6hMLxDx95VeaV52Xt1fGn2Ai7Br2sBlweUcluYAzvFYFI/YmF+Px0Ea6JVWg
2t6aw4PfbgKWpm2EakufbQyKo9ejYqrCOZlrfryXx2zBiBLo+BpbuMmk3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAQ9OKBoSXs3CoH4QVUjy8YgsMflMB8GA1UdIwQY
MBaAFOIOOAWhtPW2HP5zAQ6DjC8NJbRLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGc0NEJhRzA5YlljX25NQkRvT01MdzBsdEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kMTZlM2UtZWIwOS00ZmI5LTkwODEt
YmQzZTdhZGRlOGRlLzEvQkQwNG9HaEplemNLZ2ZoQlZTUEx4aUN3eC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kMTZlM2UtZWIwOS00ZmI5LTkwODEtYmQzZTdhZGRlOGRl
LzEvNGc0NEJhRzA5YlljX25NQkRvT01MdzBsdEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaRYMA0E
AgACMAcDBQMqCvQAMA0GCSqGSIb3DQEBCwUAA4IBAQCjrF8VcW1O4xT+5SWe3vCg
Fr3gKyEOZ5ryfaI7R5YF5ttGH96JLCOhnbgoT1+uJqhFYJJh1MDgx0OyvmyaPQuG
nwRR//3tA0KpPksXw42gomq4R0DrNNwfZb1IQpKn6AeRmrXOKcrctIfoMWt9LjFH
I188u2ewrd8YS+ftuD+ELbT+lAoqgKwheyRDUwqkExKmfCxQenrVKPzvlfHP+4x7
Hld5Nq4jRkaJ+xeFUlWzA7N7bBE/mYhwxXcsoyetzhPWuNcJ8Ftfrj+fJ7CoatwL
lOVOpqLiDJ87t3d2EEjP8dYims4Oq0WyWYDG0bMAtVN0mCbOqxwKmhW99V7IdCW7
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:38 2025 by rpki-client