Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d2a19-4746-478f-9936-2733f699cb62/1/BDHKukDv4jqfvg5mUVq9SOfKkHk.roa
File: BDHKukDv4jqfvg5mUVq9SOfKkHk.roa (raw, json)
Hash identifier: r69AyZ5q//j/yv/BwLLu5AvuWEdbokVUHIhkdE53vJk=
Subject key identifier: 04:31:CA:BA:40:EF:E2:3A:9F:BE:0E:66:51:5A:BD:48:E7:CA:90:79
Certificate issuer: /CN=03a62b309a378542590a12b39c5f70cdb0e7b150
Certificate serial: 019423D7DE2B251831E45AF83C6A3C082D85
Authority key identifier: 03:A6:2B:30:9A:37:85:42:59:0A:12:B3:9C:5F:70:CD:B0:E7:B1:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A6YrMJo3hUJZChKznF9wzbDnsVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d2a19-4746-478f-9936-2733f699cb62/1/BDHKukDv4jqfvg5mUVq9SOfKkHk.roa
Signing time: Wed 01 Jan 2025 21:48:57 +0000
ROA not before: Wed 01 Jan 2025 21:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43928
IP address blocks: 194.0.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:de:2b:25:18:31:e4:5a:f8:3c:6a:3c:08:2d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03a62b309a378542590a12b39c5f70cdb0e7b150
Validity
Not Before: Jan 1 21:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0431caba40efe23a9fbe0e66515abd48e7ca9079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e0:5a:33:70:ad:11:6e:d2:9f:94:02:b0:d4:
1e:1a:e2:d7:55:7a:09:64:8a:d4:66:ce:c3:6c:08:
54:6d:bb:c3:2d:c5:61:be:7d:aa:ed:05:e0:d2:30:
58:f0:9a:b5:d5:40:6f:88:6b:a1:f3:27:b9:c5:b3:
f9:52:67:84:60:25:b8:31:7f:d2:68:19:cf:c0:1c:
02:3c:25:91:b7:45:66:41:af:8b:06:af:36:a3:89:
1f:44:08:34:f4:cb:0e:ef:99:ec:57:f3:8e:39:22:
64:7a:ba:b9:c3:75:45:09:1f:f8:7c:af:02:1c:6e:
28:23:3e:6b:dd:a8:c3:c7:ad:e1:87:53:55:c7:a4:
db:d0:d1:b4:de:6f:2e:6e:f6:92:6c:01:ad:90:18:
37:ef:58:33:dc:6d:d3:f0:65:3d:39:ae:ec:7d:95:
55:12:a9:a9:1d:25:e6:5f:e3:70:db:01:c7:81:5f:
90:b7:c5:19:5b:e2:c6:c4:fc:9e:48:f5:ab:d1:39:
90:82:0a:fa:de:a8:41:28:47:e7:39:ad:e0:49:7b:
a1:9a:b3:a3:e2:2b:3d:82:ae:79:db:26:39:0a:dd:
ad:ec:cb:37:73:42:06:0a:60:45:c3:b7:c5:b9:a0:
8a:a6:50:ca:c2:4a:9f:41:4b:58:d1:3a:9c:20:eb:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:31:CA:BA:40:EF:E2:3A:9F:BE:0E:66:51:5A:BD:48:E7:CA:90:79
X509v3 Authority Key Identifier:
keyid:03:A6:2B:30:9A:37:85:42:59:0A:12:B3:9C:5F:70:CD:B0:E7:B1:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A6YrMJo3hUJZChKznF9wzbDnsVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d2a19-4746-478f-9936-2733f699cb62/1/BDHKukDv4jqfvg5mUVq9SOfKkHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d2a19-4746-478f-9936-2733f699cb62/1/A6YrMJo3hUJZChKznF9wzbDnsVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.164.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:f6:0a:c0:e0:b5:56:20:f1:94:dc:31:ce:7e:5a:d9:a9:78:
94:86:6a:7a:c4:10:06:a3:cb:85:d7:7a:22:42:b0:cb:71:35:
3c:f7:bf:be:b8:99:17:f1:29:6d:8b:3e:4b:3c:7c:0b:30:85:
37:05:5d:c2:38:62:de:8b:a1:b2:a8:35:50:f1:19:53:af:3e:
86:3e:5d:fd:9f:e0:62:9b:b4:76:50:8d:3e:7a:fb:9f:da:30:
d3:c4:5d:95:65:cb:d0:a7:f6:97:b2:cb:bf:8d:ef:30:8e:e1:
c1:1a:73:ea:86:a7:3c:30:5f:8f:42:98:fc:44:12:90:c1:5a:
59:c3:b1:24:62:84:69:49:2c:c4:a8:93:c7:0f:a4:fb:fd:73:
89:52:e3:c5:37:bc:9b:43:bc:ce:14:b8:db:32:a5:bc:b0:b7:
82:d9:f6:7a:54:b5:70:fc:42:17:40:15:b0:8c:2b:05:ec:2a:
87:92:5a:1f:69:0d:d2:92:9c:4f:e2:dc:26:a8:9d:f0:36:76:
2f:27:09:8e:cb:e2:74:5a:c0:4a:58:3b:b4:c4:0c:e5:e0:3d:
b5:46:7a:da:a6:c3:82:a9:60:a4:f5:bc:b4:96:4e:c1:0e:a1:
1e:3b:26:28:ee:96:29:8a:7a:3f:6d:28:56:c5:dc:4e:78:23:
a2:c3:29:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj194rJRgx5Fr4PGo8CC2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYTYyYjMwOWEzNzg1NDI1OTBhMTJiMzljNWY3MGNkYjBl
N2IxNTAwHhcNMjUwMTAxMjE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDMxY2FiYTQwZWZlMjNhOWZiZTBlNjY1MTVhYmQ0OGU3Y2E5MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eBaM3CtEW7Sn5QCsNQeGuLXVXoJ
ZIrUZs7DbAhUbbvDLcVhvn2q7QXg0jBY8Jq11UBviGuh8ye5xbP5UmeEYCW4MX/S
aBnPwBwCPCWRt0VmQa+LBq82o4kfRAg09MsO75nsV/OOOSJkerq5w3VFCR/4fK8C
HG4oIz5r3ajDx63hh1NVx6Tb0NG03m8ubvaSbAGtkBg371gz3G3T8GU9Oa7sfZVV
EqmpHSXmX+Nw2wHHgV+Qt8UZW+LGxPyeSPWr0TmQggr63qhBKEfnOa3gSXuhmrOj
4is9gq552yY5Ct2t7Ms3c0IGCmBFw7fFuaCKplDKwkqfQUtY0TqcIOtHFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQxyrpA7+I6n74OZlFavUjnypB5MB8GA1UdIwQY
MBaAFAOmKzCaN4VCWQoSs5xfcM2w57FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTZZck1KbzNoVUpaQ2hLem5GOXd6YkRuc1ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDJhMTktNDc0Ni00NzhmLTk5MzYt
MjczM2Y2OTljYjYyLzEvQkRIS3VrRHY0anFmdmc1bVVWcTlTT2ZLa0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDJhMTktNDc0Ni00NzhmLTk5MzYtMjczM2Y2OTljYjYy
LzEvQTZZck1KbzNoVUpaQ2hLem5GOXd6YkRuc1ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCkMA0G
CSqGSIb3DQEBCwUAA4IBAQA/9grA4LVWIPGU3DHOflrZqXiUhmp6xBAGo8uF13oi
QrDLcTU897++uJkX8Sltiz5LPHwLMIU3BV3COGLei6GyqDVQ8RlTrz6GPl39n+Bi
m7R2UI0+evuf2jDTxF2VZcvQp/aXssu/je8wjuHBGnPqhqc8MF+PQpj8RBKQwVpZ
w7EkYoRpSSzEqJPHD6T7/XOJUuPFN7ybQ7zOFLjbMqW8sLeC2fZ6VLVw/EIXQBWw
jCsF7CqHklofaQ3SkpxP4twmqJ3wNnYvJwmOy+J0WsBKWDu0xAzl4D21RnrapsOC
qWCk9by0lk7BDqEeOyYo7pYpino/bShWxdxOeCOiwylR
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:40:02 2025 by rpki-client