Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7bdd07-6e55-4a05-9d1b-eeedd99b8cc4/1/rAM6r2SFYvSQGaseydRgOte_bds.roa
File: rAM6r2SFYvSQGaseydRgOte_bds.roa (raw, json)
Hash identifier: RYGmm+YYhr7YTk+o6zMn3og3hxzFO1fF/P5WPNoHQX8=
Subject key identifier: AC:03:3A:AF:64:85:62:F4:90:19:AB:1E:C9:D4:60:3A:D7:BF:6D:DB
Certificate issuer: /CN=5e7c7736945c29a77bacd5b18b0ff58751117bad
Certificate serial: 019425FCC4561B7A703BB11E7ABF02F3E407
Authority key identifier: 5E:7C:77:36:94:5C:29:A7:7B:AC:D5:B1:8B:0F:F5:87:51:11:7B:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xnx3NpRcKad7rNWxiw_1h1ERe60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7bdd07-6e55-4a05-9d1b-eeedd99b8cc4/1/rAM6r2SFYvSQGaseydRgOte_bds.roa
Signing time: Thu 02 Jan 2025 07:48:29 +0000
ROA not before: Thu 02 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48789
IP address blocks: 193.104.229.0/24 maxlen: 24
2a12:6cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:c4:56:1b:7a:70:3b:b1:1e:7a:bf:02:f3:e4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e7c7736945c29a77bacd5b18b0ff58751117bad
Validity
Not Before: Jan 2 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac033aaf648562f49019ab1ec9d4603ad7bf6ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:d2:eb:ae:d6:00:88:54:df:de:5e:9d:bf:
de:07:0b:19:dc:60:30:d3:1c:e6:43:c6:4b:64:54:
af:ee:82:9a:09:dd:06:35:28:8f:21:f4:9f:2a:20:
f0:6e:05:1e:2f:b0:af:c0:b2:07:68:f8:bd:c7:cd:
4b:53:a2:a9:82:85:53:b3:d9:29:a3:13:ac:86:81:
ce:a3:11:e9:7d:0d:0f:f0:fc:f3:75:a2:11:e7:06:
8e:70:a4:a2:f0:83:8d:2f:d1:19:0f:0a:5b:f9:87:
e6:7f:47:0a:75:50:86:fb:26:d6:8f:7d:21:cc:46:
6a:a3:7c:5b:75:90:23:18:98:f9:38:f1:6d:dc:6e:
46:78:5c:b6:8a:fc:bb:7a:0c:9f:c3:7c:d0:fd:d1:
3a:a4:85:99:b3:d3:c4:55:8a:54:a7:0b:1a:46:0f:
06:fd:cf:7a:0a:ee:41:ec:0e:4b:32:2e:a5:63:62:
93:97:d4:bf:0d:03:a5:77:2d:06:0a:26:c8:93:5c:
4b:27:93:30:4d:00:3f:5f:70:29:bb:65:9a:6a:db:
c9:1d:b5:e4:f6:ec:53:5b:38:47:8f:48:65:9a:b5:
ff:38:ee:0c:64:40:c0:7f:ce:bc:cd:93:f2:31:26:
b6:2f:3f:a4:2d:c8:84:d6:23:1a:08:02:39:a7:23:
b4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:03:3A:AF:64:85:62:F4:90:19:AB:1E:C9:D4:60:3A:D7:BF:6D:DB
X509v3 Authority Key Identifier:
keyid:5E:7C:77:36:94:5C:29:A7:7B:AC:D5:B1:8B:0F:F5:87:51:11:7B:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xnx3NpRcKad7rNWxiw_1h1ERe60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7bdd07-6e55-4a05-9d1b-eeedd99b8cc4/1/rAM6r2SFYvSQGaseydRgOte_bds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7bdd07-6e55-4a05-9d1b-eeedd99b8cc4/1/Xnx3NpRcKad7rNWxiw_1h1ERe60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.229.0/24
IPv6:
2a12:6cc0::/32
Signature Algorithm: sha256WithRSAEncryption
61:dc:58:5b:b0:d6:93:2d:40:3d:4c:db:13:4d:69:de:21:7c:
76:f6:e8:f4:1c:7b:1a:8d:1d:f4:97:15:15:03:a9:c5:11:8c:
eb:73:d0:84:1d:da:13:66:16:f6:c7:bf:3c:b1:16:21:d9:38:
c8:68:33:84:39:bf:f0:f2:f4:0a:e3:37:d6:c5:29:de:79:08:
bf:d6:14:c4:22:1c:4b:7e:9e:4a:17:17:c0:f8:95:f2:5c:a8:
7b:56:4e:b0:42:11:b5:66:9f:1e:4e:f5:7d:52:41:e2:5d:7e:
6b:3f:1f:4d:46:44:84:65:fc:43:31:b1:84:84:02:80:c7:30:
05:ef:c4:e5:89:e0:fa:e7:9e:27:ab:32:79:8e:81:80:3c:49:
93:a2:b0:10:a7:9e:d8:20:cd:fd:21:60:b6:9d:e9:10:32:d1:
60:41:a2:d1:5d:ea:92:c7:a0:48:7d:6e:85:40:39:fc:52:7d:
93:52:32:db:0f:5e:bf:62:13:63:da:e5:80:d9:62:b8:3e:de:
fd:f4:51:55:fe:7a:df:79:a5:99:0d:ee:9f:14:2b:90:63:ca:
61:3b:9d:dd:c1:e5:80:39:ef:76:e4:34:eb:b6:d1:4e:14:99:
69:94:b2:ac:9d:1d:b0:31:70:e0:72:bd:c0:50:db:ba:cb:6b:
bb:d6:23:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/MRWG3pwO7Eeer8C8+QHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlN2M3NzM2OTQ1YzI5YTc3YmFjZDViMThiMGZmNTg3NTEx
MTdiYWQwHhcNMjUwMTAyMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzAzM2FhZjY0ODU2MmY0OTAxOWFiMWVjOWQ0NjAzYWQ3YmY2ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUHS667WAIhU395enb/eBwsZ3GAw
0xzmQ8ZLZFSv7oKaCd0GNSiPIfSfKiDwbgUeL7CvwLIHaPi9x81LU6KpgoVTs9kp
oxOshoHOoxHpfQ0P8PzzdaIR5waOcKSi8IONL9EZDwpb+Yfmf0cKdVCG+ybWj30h
zEZqo3xbdZAjGJj5OPFt3G5GeFy2ivy7egyfw3zQ/dE6pIWZs9PEVYpUpwsaRg8G
/c96Cu5B7A5LMi6lY2KTl9S/DQOldy0GCibIk1xLJ5MwTQA/X3Apu2WaatvJHbXk
9uxTWzhHj0hlmrX/OO4MZEDAf868zZPyMSa2Lz+kLciE1iMaCAI5pyO0VwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKwDOq9khWL0kBmrHsnUYDrXv23bMB8GA1UdIwQY
MBaAFF58dzaUXCmne6zVsYsP9YdREXutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG54M05wUmNLYWQ3ck5XeGl3XzFoMUVSZTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83YmRkMDctNmU1NS00YTA1LTlkMWIt
ZWVlZGQ5OWI4Y2M0LzEvckFNNnIyU0ZZdlNRR2FzZXlkUmdPdGVfYmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83YmRkMDctNmU1NS00YTA1LTlkMWItZWVlZGQ5OWI4Y2M0
LzEvWG54M05wUmNLYWQ3ck5XeGl3XzFoMUVSZTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWjlMA0E
AgACMAcDBQAqEmzAMA0GCSqGSIb3DQEBCwUAA4IBAQBh3FhbsNaTLUA9TNsTTWne
IXx29uj0HHsajR30lxUVA6nFEYzrc9CEHdoTZhb2x788sRYh2TjIaDOEOb/w8vQK
4zfWxSneeQi/1hTEIhxLfp5KFxfA+JXyXKh7Vk6wQhG1Zp8eTvV9UkHiXX5rPx9N
RkSEZfxDMbGEhAKAxzAF78TlieD6554nqzJ5joGAPEmTorAQp57YIM39IWC2nekQ
MtFgQaLRXeqSx6BIfW6FQDn8Un2TUjLbD16/YhNj2uWA2WK4Pt799FFV/nrfeaWZ
De6fFCuQY8phO53dweWAOe925DTrttFOFJlplLKsnR2wMXDgcr3AUNu6y2u71iME
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:51 2025 by rpki-client