Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/bFdS6Z9odio9q-vWjVJd2U4_RXY.roa
File: bFdS6Z9odio9q-vWjVJd2U4_RXY.roa (raw, json)
Hash identifier: 0lIWTq7zDaRXk2oNHIa2UJG3U8riAM5UGXf3Gj4peFg=
Subject key identifier: 6C:57:52:E9:9F:68:76:2A:3D:AB:EB:D6:8D:52:5D:D9:4E:3F:45:76
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 0194BCCFDBE6D5556A430B6F133E85629D4F
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/bFdS6Z9odio9q-vWjVJd2U4_RXY.roa
Signing time: Fri 31 Jan 2025 14:42:06 +0000
ROA not before: Fri 31 Jan 2025 14:42:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202918
IP address blocks: 185.150.156.0/22 maxlen: 24
185.246.28.0/23 maxlen: 24
2a07:71c0::/29 maxlen: 48
2a0d:7380::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:cf:db:e6:d5:55:6a:43:0b:6f:13:3e:85:62:9d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Jan 31 14:42:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c5752e99f68762a3dabebd68d525dd94e3f4576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:46:b3:c1:4b:22:4e:a3:4c:a4:11:be:c4:2b:
a1:fd:53:19:ed:3c:6c:5c:52:72:44:a5:ed:20:44:
9f:bd:e9:f5:d8:81:04:15:f1:1f:77:b7:8e:c8:31:
d4:e2:5a:aa:dd:90:90:c7:97:b5:f7:a9:59:ed:1d:
1e:a5:b9:26:1f:3e:f0:90:5f:3a:d1:49:10:9c:2c:
1f:c8:2c:96:d2:79:94:49:24:50:1e:c3:be:98:41:
f2:88:43:75:80:74:fc:48:df:99:67:7a:2f:c1:6e:
39:5b:67:74:7c:2d:fa:25:c1:f4:e7:8b:1b:82:74:
6a:4b:13:99:1a:5a:82:2c:bf:7b:d5:51:a7:8d:25:
3f:aa:db:d0:fa:86:d9:eb:ed:c5:1f:32:ce:c4:cd:
ca:20:16:4a:27:88:30:09:30:bc:58:8e:ce:c3:dc:
ce:dc:b3:07:5a:17:90:d6:da:96:91:95:3c:d8:2b:
df:f2:02:92:b4:97:fc:3f:6f:9a:19:e3:ca:ca:6b:
cc:4c:a7:9d:c0:91:8f:e6:5a:ee:41:3c:cc:3c:4c:
6d:fa:f7:98:3d:88:06:60:16:2b:74:4f:f5:03:68:
d7:6e:5d:ce:70:3c:cb:2c:1b:9d:3f:0d:59:b8:6f:
82:bd:26:e6:03:75:0e:55:1e:13:62:29:7e:a3:7b:
34:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:57:52:E9:9F:68:76:2A:3D:AB:EB:D6:8D:52:5D:D9:4E:3F:45:76
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/bFdS6Z9odio9q-vWjVJd2U4_RXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.156.0/22
185.246.28.0/23
IPv6:
2a07:71c0::/29
2a0d:7380::/29
Signature Algorithm: sha256WithRSAEncryption
4a:6f:b0:73:38:8d:0d:9c:ba:f9:d2:e4:3d:92:93:d8:58:a8:
42:95:6d:de:be:20:d3:c2:02:c0:5f:ae:1f:d7:7d:b3:44:aa:
20:56:57:54:68:eb:c5:fa:5c:b9:c4:47:5e:3a:f4:9f:23:1e:
ba:fe:fe:52:d8:67:79:c9:e9:4b:25:df:e9:7e:03:03:49:ae:
4b:f8:a2:13:c1:41:31:30:fa:26:fb:b0:2c:92:4a:ad:54:64:
ba:49:2c:21:e5:11:f2:c0:f2:55:b1:40:07:f9:fd:43:f4:4a:
35:a4:be:da:ea:1e:c1:d1:9b:cc:70:51:c1:53:ba:fc:e4:49:
f6:db:c5:30:a3:42:9c:96:57:73:5e:88:e1:df:9c:f2:64:7e:
6d:eb:f4:bf:af:45:22:b0:2a:5f:28:b0:fd:b5:93:9e:70:5d:
be:15:6e:89:e2:2a:47:89:23:4f:87:96:14:91:cf:60:fe:e7:
4a:73:40:20:e8:59:9e:3c:5c:a1:85:ae:3a:16:0f:bb:24:df:
b4:da:1d:69:4d:3f:de:0e:3c:db:bb:19:0b:22:a1:67:f3:03:
d7:70:2a:2f:76:14:c9:13:08:ab:d5:06:d1:78:9a:47:34:2b:
b3:97:f0:4e:f2:72:33:30:1c:8e:c4:61:86:32:c4:62:f6:21:
be:f9:22:94
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZS8z9vm1VVqQwtvEz6FYp1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjUwMTMxMTQ0MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzU3NTJlOTlmNjg3NjJhM2RhYmViZDY4ZDUyNWRkOTRlM2Y0NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00azwUsiTqNMpBG+xCuh/VMZ7Txs
XFJyRKXtIESfven12IEEFfEfd7eOyDHU4lqq3ZCQx5e196lZ7R0epbkmHz7wkF86
0UkQnCwfyCyW0nmUSSRQHsO+mEHyiEN1gHT8SN+ZZ3ovwW45W2d0fC36JcH054sb
gnRqSxOZGlqCLL971VGnjSU/qtvQ+obZ6+3FHzLOxM3KIBZKJ4gwCTC8WI7Ow9zO
3LMHWheQ1tqWkZU82Cvf8gKStJf8P2+aGePKymvMTKedwJGP5lruQTzMPExt+veY
PYgGYBYrdE/1A2jXbl3OcDzLLBudPw1ZuG+CvSbmA3UOVR4TYil+o3s0sQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGxXUumfaHYqPavr1o1SXdlOP0V2MB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvYkZkUzZaOW9kaW85cS12V2pWSmQyVTRfUlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuZacAwQB
ufYcMBQEAgACMA4DBQMqB3HAAwUDKg1zgDANBgkqhkiG9w0BAQsFAAOCAQEASm+w
cziNDZy6+dLkPZKT2FioQpVt3r4g08ICwF+uH9d9s0SqIFZXVGjrxfpcucRHXjr0
nyMeuv7+UthnecnpSyXf6X4DA0muS/iiE8FBMTD6JvuwLJJKrVRkukksIeUR8sDy
VbFAB/n9Q/RKNaS+2uoewdGbzHBRwVO6/ORJ9tvFMKNCnJZXc16I4d+c8mR+bev0
v69FIrAqXyiw/bWTnnBdvhVuieIqR4kjT4eWFJHPYP7nSnNAIOhZnjxcoYWuOhYP
uyTftNodaU0/3g4827sZCyKhZ/MD13AqL3YUyRMIq9UG0XiaRzQrs5fwTvJyMzAc
jsRhhjLEYvYhvvkilA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:38:38 2025 by rpki-client