Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/BfpSqqWPnz2zm8axpIU080CSsRs.roa
File: BfpSqqWPnz2zm8axpIU080CSsRs.roa (raw, json)
Hash identifier: i9cs+yG6O1Ft1obwZZ0jOFlWDCTv2KU1uV2QUmB00UQ=
Subject key identifier: 05:FA:52:AA:A5:8F:9F:3D:B3:9B:C6:B1:A4:85:34:F3:40:92:B1:1B
Certificate issuer: /CN=e29ed9a9d1b6b5383ebf946d5fc54980612563ea
Certificate serial: 0194228E215D2B88802C9F71FAC0CEE89722
Authority key identifier: E2:9E:D9:A9:D1:B6:B5:38:3E:BF:94:6D:5F:C5:49:80:61:25:63:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4p7ZqdG2tTg-v5RtX8VJgGElY-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/BfpSqqWPnz2zm8axpIU080CSsRs.roa
Signing time: Wed 01 Jan 2025 15:48:47 +0000
ROA not before: Wed 01 Jan 2025 15:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197745
IP address blocks: 185.2.0.0/22 maxlen: 24
2a00:90c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:21:5d:2b:88:80:2c:9f:71:fa:c0:ce:e8:97:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29ed9a9d1b6b5383ebf946d5fc54980612563ea
Validity
Not Before: Jan 1 15:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05fa52aaa58f9f3db39bc6b1a48534f34092b11b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:da:c5:f1:77:ef:30:d9:33:02:8c:60:68:e3:
40:1a:88:f8:b3:c9:10:20:25:bb:0b:2a:c7:f9:06:
0e:94:ec:7e:37:9d:48:e9:8e:49:d4:92:22:9f:07:
b2:33:1a:7f:06:ae:e7:e7:bb:9f:b3:0e:cd:a4:12:
9f:66:03:ec:61:12:2a:cd:ff:88:d2:97:f7:31:e6:
5a:03:fb:bb:3e:7b:a2:2c:ba:e5:b4:0d:29:09:e9:
ff:97:74:8f:67:71:6b:64:d9:1e:bd:f4:31:57:50:
dd:dd:2d:a8:8f:be:18:91:21:64:3a:37:f3:79:95:
90:fa:0a:fa:00:3c:86:86:3f:ba:1d:b2:0b:74:d9:
08:3c:13:09:e0:92:ae:c2:99:07:77:ab:02:77:3b:
d2:c3:71:0b:8c:0f:48:79:53:f4:3a:d5:1d:98:88:
03:c5:09:f5:27:e7:ec:c6:f5:f0:f4:1d:b8:33:5a:
b9:27:e0:ff:3a:10:f2:b2:b0:3f:1b:5a:bf:0b:47:
32:22:01:c2:e4:9c:1f:e5:8b:7a:4e:32:d3:49:13:
99:f9:af:18:62:b5:74:c4:48:a8:79:be:5e:12:8d:
a6:b8:71:9b:38:53:c3:ba:cb:d4:6e:a7:05:c2:fe:
d1:cf:d2:b6:61:d3:09:30:98:1f:96:f8:0d:6f:69:
37:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FA:52:AA:A5:8F:9F:3D:B3:9B:C6:B1:A4:85:34:F3:40:92:B1:1B
X509v3 Authority Key Identifier:
keyid:E2:9E:D9:A9:D1:B6:B5:38:3E:BF:94:6D:5F:C5:49:80:61:25:63:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4p7ZqdG2tTg-v5RtX8VJgGElY-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/BfpSqqWPnz2zm8axpIU080CSsRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/4p7ZqdG2tTg-v5RtX8VJgGElY-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.0.0/22
IPv6:
2a00:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:a2:91:24:ce:3e:1b:7e:5a:bc:79:2f:57:99:d3:b0:cb:c6:
44:f5:27:41:7b:00:5c:3a:ce:59:41:31:3e:a6:f4:ba:e5:e9:
c8:24:4d:c2:42:6b:d1:38:d0:42:e0:d7:4b:60:63:1e:0f:69:
e5:d8:f1:0b:d3:26:6d:4b:33:5e:ab:75:15:2e:76:ef:a5:3c:
1e:c4:ee:f2:72:e5:2c:f9:63:12:ff:ea:b9:f2:58:e2:53:db:
fd:cb:86:54:4c:b6:04:3d:b2:7c:ee:73:5b:b6:b0:b5:00:f0:
73:d9:25:c9:2d:46:42:20:51:e8:e2:b0:ad:b5:19:e1:7c:7d:
94:7b:34:e1:98:68:17:0f:fb:4b:eb:4d:4f:5d:db:97:43:4c:
ff:00:07:ff:1f:3b:8c:fc:da:c4:9d:90:4c:9a:3d:26:52:3b:
55:04:48:b4:78:f7:50:02:e4:13:aa:62:44:22:a8:4c:4c:e0:
23:ca:fa:ac:27:c0:36:13:1c:69:9b:05:3e:28:af:04:4f:d3:
40:86:4b:d8:61:7c:35:6d:3a:61:fd:56:21:9f:1f:f3:fc:d3:
e2:f0:6e:92:74:f7:8c:bd:0b:d9:9b:f5:a3:2b:c4:bc:fa:8c:
fb:11:09:9e:4a:d1:26:69:ff:49:b9:a5:79:c0:2a:16:a6:65:
b4:7f:47:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijiFdK4iALJ9x+sDO6JciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWVkOWE5ZDFiNmI1MzgzZWJmOTQ2ZDVmYzU0OTgwNjEy
NTYzZWEwHhcNMjUwMTAxMTU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZhNTJhYWE1OGY5ZjNkYjM5YmM2YjFhNDg1MzRmMzQwOTJiMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NrF8XfvMNkzAoxgaONAGoj4s8kQ
ICW7CyrH+QYOlOx+N51I6Y5J1JIinweyMxp/Bq7n57ufsw7NpBKfZgPsYRIqzf+I
0pf3MeZaA/u7PnuiLLrltA0pCen/l3SPZ3FrZNkevfQxV1Dd3S2oj74YkSFkOjfz
eZWQ+gr6ADyGhj+6HbILdNkIPBMJ4JKuwpkHd6sCdzvSw3ELjA9IeVP0OtUdmIgD
xQn1J+fsxvXw9B24M1q5J+D/OhDysrA/G1q/C0cyIgHC5Jwf5Yt6TjLTSROZ+a8Y
YrV0xEioeb5eEo2muHGbOFPDusvUbqcFwv7Rz9K2YdMJMJgflvgNb2k3ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAX6Uqqlj589s5vGsaSFNPNAkrEbMB8GA1UdIwQY
MBaAFOKe2anRtrU4Pr+UbV/FSYBhJWPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHA3WnFkRzJ0VGctdjVSdFg4VkpnR0VsWS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zOGVjNWItMzM2ZC00YTFjLWE4NGEt
ZjZjNjg1OWIzMGYwLzEvQmZwU3FxV1BuejJ6bThheHBJVTA4MENTc1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zOGVjNWItMzM2ZC00YTFjLWE4NGEtZjZjNjg1OWIzMGYw
LzEvNHA3WnFkRzJ0VGctdjVSdFg4VkpnR0VsWS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQIAMA0E
AgACMAcDBQMqAJDAMA0GCSqGSIb3DQEBCwUAA4IBAQBfopEkzj4bflq8eS9XmdOw
y8ZE9SdBewBcOs5ZQTE+pvS65enIJE3CQmvRONBC4NdLYGMeD2nl2PEL0yZtSzNe
q3UVLnbvpTwexO7ycuUs+WMS/+q58ljiU9v9y4ZUTLYEPbJ87nNbtrC1APBz2SXJ
LUZCIFHo4rCttRnhfH2UezThmGgXD/tL601PXduXQ0z/AAf/HzuM/NrEnZBMmj0m
UjtVBEi0ePdQAuQTqmJEIqhMTOAjyvqsJ8A2ExxpmwU+KK8ET9NAhkvYYXw1bTph
/VYhnx/z/NPi8G6SdPeMvQvZm/WjK8S8+oz7EQmeStEmaf9JuaV5wCoWpmW0f0eh
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:36 2025 by rpki-client