Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/BFOQ1xipYhPtnW3G70pfAnmzwzg.roa
File: BFOQ1xipYhPtnW3G70pfAnmzwzg.roa (raw, json)
Hash identifier: /+UHFdHIIgWbmriMU+n5ynXyWKvmniC4nJpXONs4/qY=
Subject key identifier: 04:53:90:D7:18:A9:62:13:ED:9D:6D:C6:EF:4A:5F:02:79:B3:C3:38
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0194274788ED04C6920735DE28E2E94F80A2
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/BFOQ1xipYhPtnW3G70pfAnmzwzg.roa
Signing time: Thu 02 Jan 2025 13:49:47 +0000
ROA not before: Thu 02 Jan 2025 13:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59451
IP address blocks: 194.165.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:88:ed:04:c6:92:07:35:de:28:e2:e9:4f:80:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jan 2 13:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=045390d718a96213ed9d6dc6ef4a5f0279b3c338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ad:f3:14:9f:8d:d5:f5:01:39:b7:e8:26:83:
01:e2:af:88:6e:a2:7c:dc:dc:45:f2:66:6f:29:9f:
b9:c6:3d:41:15:14:a7:f5:f3:2d:2f:13:86:b9:57:
84:4c:86:35:a4:15:9f:c5:56:18:c7:66:d9:e7:58:
ec:6a:59:9d:62:53:b0:ed:24:f2:83:a3:65:6d:ca:
fe:46:06:63:95:d3:de:03:2f:a9:cd:df:6e:9d:71:
19:1e:53:d0:f3:48:d6:47:ad:a9:be:d9:f3:3f:05:
09:ee:a8:06:2f:9e:1c:3c:b6:9d:23:e3:ff:e5:c6:
73:a1:2d:c2:1b:5f:57:63:c7:c6:3c:b4:2e:d8:7b:
c2:5e:33:d2:1c:f8:28:76:3a:c2:75:08:ae:64:56:
38:3f:bc:25:c6:a8:d7:be:06:dc:99:d0:9d:83:3c:
ce:f0:a2:4c:d1:00:c3:63:79:2f:03:9a:17:76:43:
62:08:93:19:7a:54:63:31:9d:d7:96:31:d2:29:a6:
f2:ec:bf:9d:3f:90:a6:d5:bc:48:71:a3:87:76:64:
be:31:7b:0f:87:0d:a3:29:df:48:52:27:56:12:a0:
bd:47:69:13:86:28:58:97:e7:b6:1d:87:93:1d:5d:
5d:7f:ef:6f:eb:b1:4c:ff:fd:7e:3c:97:04:d3:d1:
15:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:53:90:D7:18:A9:62:13:ED:9D:6D:C6:EF:4A:5F:02:79:B3:C3:38
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/BFOQ1xipYhPtnW3G70pfAnmzwzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.131.0/24
Signature Algorithm: sha256WithRSAEncryption
93:3c:f5:7f:81:d9:cc:a7:41:11:34:cf:2e:eb:b0:f8:fa:47:
82:d9:00:db:f9:07:0d:53:5b:6d:e6:99:44:2b:95:91:f4:e3:
70:a1:45:bf:b4:45:c7:15:66:58:bb:b7:46:98:24:ce:8d:16:
02:45:10:2a:9f:8d:95:fc:25:0b:02:1c:62:34:60:e2:25:a7:
bf:ac:6b:c7:5b:71:af:e4:96:15:98:5c:86:cf:86:55:d3:46:
80:dd:ce:83:23:e4:c0:02:59:80:e1:8a:31:a6:79:87:ea:89:
d5:b6:37:70:27:8b:61:58:a6:85:71:bf:82:19:b9:a8:f1:b6:
62:23:55:a2:4a:91:f1:c7:fe:c5:ed:96:c0:dd:4c:a6:6c:b5:
2e:d0:3d:12:c9:a8:4a:f5:46:04:7e:1b:f9:8c:0d:a2:43:eb:
11:7b:a2:06:37:df:00:f2:ca:d5:b5:43:6c:8f:f3:1d:40:c4:
26:ea:73:22:ec:6b:66:18:11:a8:f1:85:d7:96:06:2d:61:e8:
89:1f:a9:40:ea:5f:23:06:e1:6f:18:9a:3f:5a:35:00:6f:23:
9f:6d:8f:e7:95:cc:d4:2a:83:1d:89:52:c2:fe:c6:7f:ef:81:
3a:3d:28:56:24:4a:ff:9d:8a:3f:2f:11:66:35:75:bf:1a:6e:
4b:40:93:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR4jtBMaSBzXeKOLpT4CiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjUwMTAyMTM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDUzOTBkNzE4YTk2MjEzZWQ5ZDZkYzZlZjRhNWYwMjc5YjNjMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa3zFJ+N1fUBObfoJoMB4q+IbqJ8
3NxF8mZvKZ+5xj1BFRSn9fMtLxOGuVeETIY1pBWfxVYYx2bZ51jsalmdYlOw7STy
g6Nlbcr+RgZjldPeAy+pzd9unXEZHlPQ80jWR62pvtnzPwUJ7qgGL54cPLadI+P/
5cZzoS3CG19XY8fGPLQu2HvCXjPSHPgodjrCdQiuZFY4P7wlxqjXvgbcmdCdgzzO
8KJM0QDDY3kvA5oXdkNiCJMZelRjMZ3XljHSKaby7L+dP5Cm1bxIcaOHdmS+MXsP
hw2jKd9IUidWEqC9R2kThihYl+e2HYeTHV1df+9v67FM//1+PJcE09EVewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARTkNcYqWIT7Z1txu9KXwJ5s8M4MB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvQkZPUTF4aXBZaFB0blczRzcwcGZBbm16d3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqWDMA0G
CSqGSIb3DQEBCwUAA4IBAQCTPPV/gdnMp0ERNM8u67D4+keC2QDb+QcNU1tt5plE
K5WR9ONwoUW/tEXHFWZYu7dGmCTOjRYCRRAqn42V/CULAhxiNGDiJae/rGvHW3Gv
5JYVmFyGz4ZV00aA3c6DI+TAAlmA4YoxpnmH6onVtjdwJ4thWKaFcb+CGbmo8bZi
I1WiSpHxx/7F7ZbA3UymbLUu0D0SyahK9UYEfhv5jA2iQ+sRe6IGN98A8srVtUNs
j/MdQMQm6nMi7GtmGBGo8YXXlgYtYeiJH6lA6l8jBuFvGJo/WjUAbyOfbY/nlczU
KoMdiVLC/sZ/74E6PShWJEr/nYo/LxFmNXW/Gm5LQJPv
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:52:07 2025 by rpki-client