Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/BKGB0xu8toNLRNE3TtbV03PJFx0.roa
File: BKGB0xu8toNLRNE3TtbV03PJFx0.roa (raw, json)
Hash identifier: FdiXQgpM3MPZ1o0fk4HNEhE38JmZapk1+2ih8Lu8DEA=
Subject key identifier: 04:A1:81:D3:1B:BC:B6:83:4B:44:D1:37:4E:D6:D5:D3:73:C9:17:1D
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 0194274840E03E02EEF5DAC79A66BE5EB3DC
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/BKGB0xu8toNLRNE3TtbV03PJFx0.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216014
IP address blocks: 45.143.220.0/24 maxlen: 24
45.143.221.0/24 maxlen: 24
45.143.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:40:e0:3e:02:ee:f5:da:c7:9a:66:be:5e:b3:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04a181d31bbcb6834b44d1374ed6d5d373c9171d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e8:b9:c3:98:8d:1c:97:a9:e2:65:49:28:cf:
39:66:2c:20:45:52:5e:86:a0:54:a0:38:27:a0:19:
03:49:f6:9e:af:c9:0e:bb:69:41:4e:f2:ea:53:51:
17:62:93:50:28:08:d5:a6:86:71:e2:ba:c5:0f:1b:
55:9c:14:0a:67:fa:72:fb:58:7b:d2:ca:15:f3:e3:
cb:e3:99:6e:5b:f5:a0:46:76:12:aa:aa:ce:c8:5a:
59:1e:d0:18:a4:16:5c:a5:22:55:f5:08:26:49:90:
73:f1:eb:fc:85:ee:24:4a:eb:df:4a:65:f3:7a:83:
8f:62:61:ab:cd:a9:c2:b3:40:ca:c4:7e:72:63:4b:
59:ad:45:e8:1a:ed:48:a2:bb:13:26:cc:49:12:b8:
17:2f:6a:f4:03:f8:f8:36:d4:9e:c8:4d:31:56:f4:
a9:8e:0a:d1:28:01:d8:fc:b4:87:8c:16:13:1d:6b:
09:71:90:f5:6c:15:bb:59:57:c7:fc:49:38:2d:67:
32:d8:79:a1:c1:54:59:59:6b:c4:c1:eb:17:80:b0:
ea:18:e9:dc:ec:ff:3e:b1:ae:2c:06:03:1f:1b:65:
e6:a5:3f:5f:88:ea:58:c8:5f:f8:dd:54:34:d1:0e:
77:40:9f:b0:41:da:33:47:a4:45:74:cc:cc:da:8a:
bb:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A1:81:D3:1B:BC:B6:83:4B:44:D1:37:4E:D6:D5:D3:73:C9:17:1D
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/BKGB0xu8toNLRNE3TtbV03PJFx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.220.0-45.143.222.255
Signature Algorithm: sha256WithRSAEncryption
49:a4:1e:c7:37:d1:51:15:d2:db:e0:ab:d3:65:7b:f1:55:9f:
c5:42:97:9e:52:db:3f:5c:89:12:ea:14:39:2d:21:85:7b:0c:
ba:e4:7d:56:f9:bc:d4:51:d1:1f:22:9e:5e:c9:50:06:5a:2f:
fd:43:12:3b:18:2b:77:b4:09:f7:45:9b:c2:73:d8:d6:c2:69:
c9:bf:b4:f0:4c:d8:c2:f9:9a:79:94:b1:18:b3:b2:fa:3a:c4:
89:e4:50:aa:75:b6:db:99:d5:26:c7:0e:cb:5a:01:43:a0:6c:
94:12:70:48:bc:f4:6b:74:59:50:7d:a0:a0:59:51:8e:56:fe:
c1:e4:11:32:bc:07:5f:76:b1:55:fa:ea:fd:2b:e6:eb:4d:2c:
73:77:dd:5c:4a:a5:7f:20:81:8d:d9:be:53:da:02:24:72:e4:
d5:cc:68:c0:a7:ea:71:41:b7:f8:b4:97:61:29:01:18:87:e1:
c6:c9:7c:3e:cf:47:b1:4d:1f:d1:44:07:36:04:1c:0e:09:b5:
ba:76:b1:3f:2c:d9:d0:07:0c:d1:4e:df:d3:b3:26:c1:51:3d:
c1:52:03:61:d6:d1:d5:ff:02:bf:b3:9d:e2:85:b1:12:10:95:
62:91:12:ab:2b:77:db:d2:80:30:5a:19:af:a8:fa:58:97:81:
e7:4b:6b:13
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQnSEDgPgLu9drHmma+XrPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGExODFkMzFiYmNiNjgzNGI0NGQxMzc0ZWQ2ZDVkMzczYzkxNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+i5w5iNHJep4mVJKM85ZiwgRVJe
hqBUoDgnoBkDSfaer8kOu2lBTvLqU1EXYpNQKAjVpoZx4rrFDxtVnBQKZ/py+1h7
0soV8+PL45luW/WgRnYSqqrOyFpZHtAYpBZcpSJV9QgmSZBz8ev8he4kSuvfSmXz
eoOPYmGrzanCs0DKxH5yY0tZrUXoGu1IorsTJsxJErgXL2r0A/j4NtSeyE0xVvSp
jgrRKAHY/LSHjBYTHWsJcZD1bBW7WVfH/Ek4LWcy2HmhwVRZWWvEwesXgLDqGOnc
7P8+sa4sBgMfG2XmpT9fiOpYyF/43VQ00Q53QJ+wQdozR6RFdMzM2oq7BwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAShgdMbvLaDS0TRN07W1dNzyRcdMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvQktHQjB4dTh0b05MUk5FM1R0YlYwM1BKRngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItj9wD
BAAtj94wDQYJKoZIhvcNAQELBQADggEBAEmkHsc30VEV0tvgq9Nle/FVn8VCl55S
2z9ciRLqFDktIYV7DLrkfVb5vNRR0R8inl7JUAZaL/1DEjsYK3e0CfdFm8Jz2NbC
acm/tPBM2ML5mnmUsRizsvo6xInkUKp1ttuZ1SbHDstaAUOgbJQScEi89Gt0WVB9
oKBZUY5W/sHkETK8B192sVX66v0r5utNLHN33VxKpX8ggY3ZvlPaAiRy5NXMaMCn
6nFBt/i0l2EpARiH4cbJfD7PR7FNH9FEBzYEHA4Jtbp2sT8s2dAHDNFO39OzJsFR
PcFSA2HW0dX/Ar+zneKFsRIQlWKREqsrd9vSgDBaGa+o+liXgedLaxM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:22:46 2025 by rpki-client