Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/BneHQ-af6etJYnzgVpFHJTLWtfI.roa
File: BneHQ-af6etJYnzgVpFHJTLWtfI.roa (raw, json)
Hash identifier: SK4P5sVwHnq6qFE+d1xG/bjzaly1qgrqi3Y+RExkIAE=
Subject key identifier: 06:77:87:43:E6:9F:E9:EB:49:62:7C:E0:56:91:47:25:32:D6:B5:F2
Certificate issuer: /CN=3c6bcaff3e80ae419a15d1bcb36e3198def8e227
Certificate serial: 0194236A15D8EADDD675D35AACFFAE8900C3
Authority key identifier: 3C:6B:CA:FF:3E:80:AE:41:9A:15:D1:BC:B3:6E:31:98:DE:F8:E2:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PGvK_z6ArkGaFdG8s24xmN744ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/BneHQ-af6etJYnzgVpFHJTLWtfI.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200374
IP address blocks: 194.53.64.0/22 maxlen: 22
195.5.98.0/23 maxlen: 23
2a0c:f7c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:15:d8:ea:dd:d6:75:d3:5a:ac:ff:ae:89:00:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c6bcaff3e80ae419a15d1bcb36e3198def8e227
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06778743e69fe9eb49627ce05691472532d6b5f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:91:d5:5a:c4:9c:31:f4:65:d1:e6:60:36:64:
96:c8:e2:44:92:28:9f:5c:99:d4:86:2f:1f:21:e6:
e3:6f:aa:c9:ea:2f:79:b6:11:b1:c5:13:62:b1:08:
a3:51:99:44:00:d8:81:dd:a6:f0:d7:09:8f:00:20:
93:2a:33:ac:e7:45:0f:5a:ab:c9:34:ad:8e:85:a0:
02:61:65:16:59:cd:1e:09:bc:05:ef:7e:49:6d:88:
72:b1:8d:5e:c1:29:cf:18:f8:93:f7:6f:a9:96:52:
3b:34:ec:9f:cd:59:81:6a:98:c5:c5:46:fa:22:71:
87:8d:19:dc:f3:e0:e4:cd:ce:b3:48:af:25:35:60:
dc:bb:77:cf:d6:41:3a:dc:2f:ce:8a:d6:f8:72:68:
78:f1:aa:2f:05:a7:fe:b9:ec:18:ee:46:a8:b1:4a:
ed:3b:b5:19:b3:3c:d0:a9:29:6b:f3:b4:30:12:19:
c2:56:c0:2f:40:88:13:dc:2e:87:27:61:31:03:99:
2f:b3:20:16:10:aa:11:9a:9a:36:e1:44:fd:3c:ad:
a5:5e:46:42:87:6b:19:95:a7:f3:70:ac:21:66:e3:
cd:29:53:02:d6:95:a3:f6:65:66:e7:2a:c8:33:7b:
6c:a7:c5:6b:73:67:c6:26:2c:3c:48:99:b5:77:e2:
9e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:77:87:43:E6:9F:E9:EB:49:62:7C:E0:56:91:47:25:32:D6:B5:F2
X509v3 Authority Key Identifier:
keyid:3C:6B:CA:FF:3E:80:AE:41:9A:15:D1:BC:B3:6E:31:98:DE:F8:E2:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PGvK_z6ArkGaFdG8s24xmN744ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/BneHQ-af6etJYnzgVpFHJTLWtfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/PGvK_z6ArkGaFdG8s24xmN744ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.64.0/22
195.5.98.0/23
IPv6:
2a0c:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:8f:88:81:4c:03:cf:6c:85:34:ca:e3:d0:90:8c:96:bd:2d:
90:32:9c:b9:a8:d4:80:09:08:3a:54:07:2a:41:3a:df:2e:d5:
af:7c:65:57:73:25:74:ed:ba:6e:86:bf:fb:9f:bc:3e:9c:b1:
e4:71:aa:22:88:d8:55:53:d3:9b:1c:d1:64:f0:1a:22:6d:f6:
c6:a8:77:9e:97:71:56:0f:ef:7e:5c:91:b8:6e:a5:da:7a:ad:
1a:5d:8e:41:c6:ed:54:cc:f7:37:a9:a8:e1:ef:53:16:16:37:
0f:54:88:d0:ca:e3:08:61:f1:c2:ad:62:6a:22:0d:6d:ee:33:
8f:02:7c:4b:da:04:a2:27:d3:cd:45:53:95:5b:ef:2a:51:86:
2b:ba:c6:91:7d:56:51:0e:ef:d3:b4:d0:d0:1e:5a:d6:ab:1b:
4c:ce:32:83:b5:ff:f6:50:a9:54:39:bf:bd:a9:0a:9c:ad:03:
74:7e:ac:8b:39:69:04:f9:f3:58:7f:7e:ac:71:43:f4:e0:a4:
c6:4a:88:85:54:fa:55:15:9c:0f:6f:93:0c:7f:41:13:ac:6f:
22:b5:f7:ec:a3:a7:d1:dc:b5:73:31:f2:a8:25:1b:da:8b:54:
69:f6:78:4b:63:1d:f8:49:65:33:5d:83:4d:80:f7:80:b6:5c:
1e:1a:86:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjahXY6t3WddNarP+uiQDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNmJjYWZmM2U4MGFlNDE5YTE1ZDFiY2IzNmUzMTk4ZGVm
OGUyMjcwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc3ODc0M2U2OWZlOWViNDk2MjdjZTA1NjkxNDcyNTMyZDZiNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JHVWsScMfRl0eZgNmSWyOJEkiif
XJnUhi8fIebjb6rJ6i95thGxxRNisQijUZlEANiB3abw1wmPACCTKjOs50UPWqvJ
NK2OhaACYWUWWc0eCbwF735JbYhysY1ewSnPGPiT92+pllI7NOyfzVmBapjFxUb6
InGHjRnc8+Dkzc6zSK8lNWDcu3fP1kE63C/Oitb4cmh48aovBaf+uewY7kaosUrt
O7UZszzQqSlr87QwEhnCVsAvQIgT3C6HJ2ExA5kvsyAWEKoRmpo24UT9PK2lXkZC
h2sZlafzcKwhZuPNKVMC1pWj9mVm5yrIM3tsp8Vrc2fGJiw8SJm1d+KeXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAZ3h0Pmn+nrSWJ84FaRRyUy1rXyMB8GA1UdIwQY
MBaAFDxryv8+gK5BmhXRvLNuMZje+OInMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEd2S196NkFya0dhRmRHOHMyNHhtTjc0NGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mMzI4ZmYtOTI3Zi00MTE2LThlMzMt
NDA0M2IyYzc3YmJmLzEvQm5lSFEtYWY2ZXRKWW56Z1ZwRkhKVExXdGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mMzI4ZmYtOTI3Zi00MTE2LThlMzMtNDA0M2IyYzc3YmJm
LzEvUEd2S196NkFya0dhRmRHOHMyNHhtTjc0NGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwjVAAwQB
wwViMA0EAgACMAcDBQMqDPfAMA0GCSqGSIb3DQEBCwUAA4IBAQCHj4iBTAPPbIU0
yuPQkIyWvS2QMpy5qNSACQg6VAcqQTrfLtWvfGVXcyV07bpuhr/7n7w+nLHkcaoi
iNhVU9ObHNFk8BoibfbGqHeel3FWD+9+XJG4bqXaeq0aXY5Bxu1UzPc3qajh71MW
FjcPVIjQyuMIYfHCrWJqIg1t7jOPAnxL2gSiJ9PNRVOVW+8qUYYrusaRfVZRDu/T
tNDQHlrWqxtMzjKDtf/2UKlUOb+9qQqcrQN0fqyLOWkE+fNYf36scUP04KTGSoiF
VPpVFZwPb5MMf0ETrG8itffso6fR3LVzMfKoJRvai1Rp9nhLYx34SWUzXYNNgPeA
tlweGoY0
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:02:03 2025 by rpki-client