Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/BDxLMkKnaceqpe6Gqca_PK3aI0Q.roa
File: BDxLMkKnaceqpe6Gqca_PK3aI0Q.roa (raw, json)
Hash identifier: g477khgykIY2Mcl6yKjre2phFpHAMbTwNboQthw3CVw=
Subject key identifier: 04:3C:4B:32:42:A7:69:C7:AA:A5:EE:86:A9:C6:BF:3C:AD:DA:23:44
Certificate issuer: /CN=e204e1c20114d7731694ddc4f277c4df1bffc4f8
Certificate serial: 019427483B0DB8A2F4C826EC948C8006DA5E
Authority key identifier: E2:04:E1:C2:01:14:D7:73:16:94:DD:C4:F2:77:C4:DF:1B:FF:C4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gThwgEU13MWlN3E8nfE3xv_xPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/BDxLMkKnaceqpe6Gqca_PK3aI0Q.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39532
IP address blocks: 89.104.128.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3b:0d:b8:a2:f4:c8:26:ec:94:8c:80:06:da:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e204e1c20114d7731694ddc4f277c4df1bffc4f8
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=043c4b3242a769c7aaa5ee86a9c6bf3cadda2344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:20:0d:08:12:29:c9:dc:83:20:4b:57:1f:c1:
ed:c9:8a:8e:0c:13:b1:a4:1d:fd:d3:4b:b1:43:10:
bf:5c:ed:e1:a3:28:94:e8:ad:37:41:a4:39:54:15:
09:cd:a7:9a:82:59:9b:7e:16:ca:a9:d4:f5:f4:eb:
e5:f0:3c:9d:30:37:d0:47:69:5f:d1:26:35:6c:00:
1d:8b:f6:16:13:46:e3:a6:45:28:73:33:75:bf:d3:
5a:0a:a5:1e:84:85:35:1a:cf:63:c8:74:43:52:00:
33:15:91:f9:3b:71:08:44:39:24:38:36:b8:6c:04:
99:24:1d:24:00:69:4c:48:4d:a4:6d:de:a7:42:84:
e6:d1:bc:3b:7b:33:ab:fb:ce:30:f2:71:2e:c2:d9:
3f:85:b7:48:b3:56:cc:93:a9:06:c4:4c:c9:9b:e2:
2b:18:33:0f:75:fe:7f:10:38:53:b3:a5:25:e5:be:
e0:4e:e5:06:e9:30:b6:81:28:d5:90:bb:48:aa:a2:
86:ac:d1:e8:5b:c9:2a:a3:a9:63:b8:05:5b:b2:da:
08:9b:be:f0:a4:a0:0a:f9:e9:fb:8c:1b:e0:b5:35:
f5:82:48:13:72:ee:2c:47:a3:45:72:0b:91:e5:49:
46:f7:c9:69:7f:c2:3f:73:34:98:20:80:b8:fc:b6:
65:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3C:4B:32:42:A7:69:C7:AA:A5:EE:86:A9:C6:BF:3C:AD:DA:23:44
X509v3 Authority Key Identifier:
keyid:E2:04:E1:C2:01:14:D7:73:16:94:DD:C4:F2:77:C4:DF:1B:FF:C4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gThwgEU13MWlN3E8nfE3xv_xPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/BDxLMkKnaceqpe6Gqca_PK3aI0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/4gThwgEU13MWlN3E8nfE3xv_xPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.128.0/19
Signature Algorithm: sha256WithRSAEncryption
52:43:0a:0c:2a:12:bf:c1:20:9c:2a:c9:5b:e3:58:e3:8d:fc:
94:83:ab:a9:32:f9:6a:8c:52:6c:8a:5c:96:d4:03:34:03:44:
23:d7:e1:aa:10:ea:66:9c:dc:c2:51:db:90:fe:db:98:54:91:
f8:a9:34:a9:35:41:6b:45:91:6c:2a:ec:70:a5:e9:f2:1f:23:
f9:7e:20:54:ce:98:5d:76:d9:26:93:f7:e0:db:48:e0:55:04:
fe:16:87:94:f9:0e:53:b8:48:35:cc:74:e1:88:6f:d0:fd:da:
e2:a6:cb:32:21:15:7a:51:7f:6a:ad:1c:41:f9:73:88:0d:42:
40:b5:61:37:ba:eb:38:8d:1a:b2:f6:89:64:87:2e:bc:5c:3a:
78:6c:76:ad:df:0c:cd:fc:75:9d:ef:67:58:bd:10:d3:64:a0:
47:b8:45:3a:08:b1:d9:81:f9:eb:6e:8d:15:f8:5f:4d:76:ee:
aa:c9:16:49:8c:5b:24:bc:f2:07:75:e3:f0:a4:20:65:f9:8d:
8b:89:7d:0c:56:d2:a6:4f:db:7b:36:c1:03:78:71:a7:4a:83:
45:62:e7:c3:98:e2:d6:6d:44:e0:5f:c8:c2:7f:6b:a9:7c:6d:
67:a2:39:cc:6a:97:3b:21:1d:e9:17:42:f1:73:38:f9:8a:84:
24:35:6b:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDsNuKL0yCbslIyABtpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMDRlMWMyMDExNGQ3NzMxNjk0ZGRjNGYyNzdjNGRmMWJm
ZmM0ZjgwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDNjNGIzMjQyYTc2OWM3YWFhNWVlODZhOWM2YmYzY2FkZGEyMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSANCBIpydyDIEtXH8HtyYqODBOx
pB3900uxQxC/XO3hoyiU6K03QaQ5VBUJzaeaglmbfhbKqdT19Ovl8DydMDfQR2lf
0SY1bAAdi/YWE0bjpkUoczN1v9NaCqUehIU1Gs9jyHRDUgAzFZH5O3EIRDkkODa4
bASZJB0kAGlMSE2kbd6nQoTm0bw7ezOr+84w8nEuwtk/hbdIs1bMk6kGxEzJm+Ir
GDMPdf5/EDhTs6Ul5b7gTuUG6TC2gSjVkLtIqqKGrNHoW8kqo6ljuAVbstoIm77w
pKAK+en7jBvgtTX1gkgTcu4sR6NFcguR5UlG98lpf8I/czSYIIC4/LZl7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQ8SzJCp2nHqqXuhqnGvzyt2iNEMB8GA1UdIwQY
MBaAFOIE4cIBFNdzFpTdxPJ3xN8b/8T4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGdUaHdnRVUxM01XbE4zRThuZkUzeHZfeFBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9iOWRmNWEtYTQ1NC00ZTI3LTg2YWYt
MTNkMzgwNzE1Y2VmLzEvQkR4TE1rS25hY2VxcGU2R3FjYV9QSzNhSTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9iOWRmNWEtYTQ1NC00ZTI3LTg2YWYtMTNkMzgwNzE1Y2Vm
LzEvNGdUaHdnRVUxM01XbE4zRThuZkUzeHZfeFBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWWiAMA0G
CSqGSIb3DQEBCwUAA4IBAQBSQwoMKhK/wSCcKslb41jjjfyUg6upMvlqjFJsilyW
1AM0A0Qj1+GqEOpmnNzCUduQ/tuYVJH4qTSpNUFrRZFsKuxwpenyHyP5fiBUzphd
dtkmk/fg20jgVQT+FoeU+Q5TuEg1zHThiG/Q/dripssyIRV6UX9qrRxB+XOIDUJA
tWE3uus4jRqy9olkhy68XDp4bHat3wzN/HWd72dYvRDTZKBHuEU6CLHZgfnrbo0V
+F9Ndu6qyRZJjFskvPIHdePwpCBl+Y2LiX0MVtKmT9t7NsEDeHGnSoNFYufDmOLW
bUTgX8jCf2upfG1nojnMapc7IR3pF0Lxczj5ioQkNWv3
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:31:20 2025 by rpki-client