Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/BKyeRj9qftx8WGEdxVWFVc1273A.roa
File: BKyeRj9qftx8WGEdxVWFVc1273A.roa (raw, json)
Hash identifier: nhVWVpplcnh6PS/kPe42Tn4vpV4Cv/wcOxTwDykaiQM=
Subject key identifier: 04:AC:9E:46:3F:6A:7E:DC:7C:58:61:1D:C5:55:85:55:CD:76:EF:70
Certificate issuer: /CN=d0de618822b8af6f9ecaffcd7d5459b7cc11449a
Certificate serial: 0194221FEE9EE8F43DAE1CA8D5D0E07DCBFC
Authority key identifier: D0:DE:61:88:22:B8:AF:6F:9E:CA:FF:CD:7D:54:59:B7:CC:11:44:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0N5hiCK4r2-eyv_NfVRZt8wRRJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/BKyeRj9qftx8WGEdxVWFVc1273A.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52093
IP address blocks: 185.156.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ee:9e:e8:f4:3d:ae:1c:a8:d5:d0:e0:7d:cb:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0de618822b8af6f9ecaffcd7d5459b7cc11449a
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ac9e463f6a7edc7c58611dc5558555cd76ef70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fa:3a:08:9f:96:2e:a9:f0:88:64:17:c6:b0:
0e:82:38:2f:93:7a:82:d6:ab:ef:f4:41:e4:84:ac:
03:5a:6c:b9:60:2b:99:87:72:32:4a:c4:b0:44:6d:
0a:93:ee:12:39:a4:c3:f2:e6:5c:0a:a6:3a:fd:b2:
0d:3f:2c:e9:8a:10:8d:9c:72:74:21:51:2d:d1:59:
1c:ba:6e:9a:51:9b:fc:3a:4d:23:3b:8a:b8:ed:33:
e7:3d:18:32:40:a7:99:f1:2e:d2:7b:66:91:7c:a0:
53:85:da:82:b6:d5:e3:2a:64:7d:c4:57:bf:1b:67:
f7:96:32:3e:f3:24:e7:b4:bc:2b:23:76:67:b6:0f:
ff:8e:25:22:c3:f1:88:4c:63:48:b5:9e:1e:37:0b:
5a:ce:af:16:13:69:f9:33:77:26:af:8d:9b:55:e4:
34:ea:29:e7:00:39:e7:07:5e:40:67:f0:f8:6a:5f:
1f:5c:cd:b0:97:4a:c5:09:6d:60:1e:eb:6c:ab:14:
8c:2d:4c:b6:1b:ac:94:60:13:ba:45:eb:cc:bf:53:
63:ca:82:6e:b3:9c:26:b3:90:0f:4e:7b:15:5d:49:
3c:ed:cc:87:75:50:06:db:3a:6d:00:5f:23:5d:7d:
87:ef:b6:39:9a:e5:a7:1b:a8:41:a1:ab:8c:dc:0a:
10:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AC:9E:46:3F:6A:7E:DC:7C:58:61:1D:C5:55:85:55:CD:76:EF:70
X509v3 Authority Key Identifier:
keyid:D0:DE:61:88:22:B8:AF:6F:9E:CA:FF:CD:7D:54:59:B7:CC:11:44:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0N5hiCK4r2-eyv_NfVRZt8wRRJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/BKyeRj9qftx8WGEdxVWFVc1273A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/0N5hiCK4r2-eyv_NfVRZt8wRRJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.4.0/24
Signature Algorithm: sha256WithRSAEncryption
51:02:57:95:42:a3:00:2f:02:87:b4:6d:b8:cd:8f:d6:0d:6b:
1f:ff:a7:fb:33:51:be:5d:f0:b1:70:87:f8:cd:71:a8:20:33:
a0:9d:41:0e:61:5b:65:ca:75:8e:b9:e8:45:fb:a8:4d:20:b6:
c0:4d:91:d8:f7:ef:ca:ce:21:d0:d2:27:c6:fe:e7:88:03:2b:
9d:8f:64:12:84:72:3b:11:44:53:bc:65:5d:7e:4e:60:53:83:
45:db:68:67:db:c1:9c:47:2d:70:44:5a:71:52:50:74:f3:84:
da:26:aa:21:58:37:0f:69:0e:92:3f:cd:97:0b:5b:8a:0c:93:
22:a0:f3:a9:c3:02:1f:b2:6f:2d:ed:f8:bf:72:c5:ac:4c:29:
d2:ab:0b:ef:b6:01:d9:96:97:d8:68:52:8d:f6:cc:d6:13:ff:
38:ed:63:42:fa:d5:9a:59:d3:bc:83:fd:d9:f2:27:4d:c3:4b:
4b:5b:f6:cf:e2:7e:94:a3:d8:2f:d8:93:10:0f:26:de:98:e6:
1a:a4:59:cf:d2:4f:7d:5f:bf:f0:1a:7e:9a:c8:3a:c3:98:be:
0b:30:36:f1:87:ef:8c:aa:41:f2:47:5e:7c:05:c3:91:91:76:
5e:5e:fa:aa:d9:d3:fa:ba:60:70:b9:fb:cb:3c:83:40:41:05:
b4:4c:51:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+6e6PQ9rhyo1dDgfcv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGU2MTg4MjJiOGFmNmY5ZWNhZmZjZDdkNTQ1OWI3Y2Mx
MTQ0OWEwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFjOWU0NjNmNmE3ZWRjN2M1ODYxMWRjNTU1ODU1NWNkNzZlZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/o6CJ+WLqnwiGQXxrAOgjgvk3qC
1qvv9EHkhKwDWmy5YCuZh3IySsSwRG0Kk+4SOaTD8uZcCqY6/bINPyzpihCNnHJ0
IVEt0Vkcum6aUZv8Ok0jO4q47TPnPRgyQKeZ8S7Se2aRfKBThdqCttXjKmR9xFe/
G2f3ljI+8yTntLwrI3Zntg//jiUiw/GITGNItZ4eNwtazq8WE2n5M3cmr42bVeQ0
6innADnnB15AZ/D4al8fXM2wl0rFCW1gHutsqxSMLUy2G6yUYBO6RevMv1NjyoJu
s5wms5APTnsVXUk87cyHdVAG2zptAF8jXX2H77Y5muWnG6hBoauM3AoQ2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASsnkY/an7cfFhhHcVVhVXNdu9wMB8GA1UdIwQY
MBaAFNDeYYgiuK9vnsr/zX1UWbfMEUSaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME41aGlDSzRyMi1leXZfTmZWUlp0OHdSUkpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81YWNkNzgtZDY3MC00MTkyLWI1NjQt
MDQwZTA2NDRmYmU4LzEvQkt5ZVJqOXFmdHg4V0dFZHhWV0ZWYzEyNzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81YWNkNzgtZDY3MC00MTkyLWI1NjQtMDQwZTA2NDRmYmU4
LzEvME41aGlDSzRyMi1leXZfTmZWUlp0OHdSUkpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZwEMA0G
CSqGSIb3DQEBCwUAA4IBAQBRAleVQqMALwKHtG24zY/WDWsf/6f7M1G+XfCxcIf4
zXGoIDOgnUEOYVtlynWOuehF+6hNILbATZHY9+/KziHQ0ifG/ueIAyudj2QShHI7
EURTvGVdfk5gU4NF22hn28GcRy1wRFpxUlB084TaJqohWDcPaQ6SP82XC1uKDJMi
oPOpwwIfsm8t7fi/csWsTCnSqwvvtgHZlpfYaFKN9szWE/847WNC+tWaWdO8g/3Z
8idNw0tLW/bP4n6Uo9gv2JMQDybemOYapFnP0k99X7/wGn6ayDrDmL4LMDbxh++M
qkHyR158BcORkXZeXvqq2dP6umBwufvLPINAQQW0TFFr
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:20:07 2025 by rpki-client