Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/BfRloUJHji-lEUaufwMc19LxiqE.roa
File: BfRloUJHji-lEUaufwMc19LxiqE.roa (raw, json)
Hash identifier: 94Vq30eYX4ShhMgHZx9s+4a5DKBY3zN9CTPT6BVaH44=
Subject key identifier: 05:F4:65:A1:42:47:8E:2F:A5:11:46:AE:7F:03:1C:D7:D2:F1:8A:A1
Certificate issuer: /CN=a585e5e15aa34287cae4368cb58e7227fd87ecba
Certificate serial: 01941F8C282A101BF0CE486417E6DC211ED1
Authority key identifier: A5:85:E5:E1:5A:A3:42:87:CA:E4:36:8C:B5:8E:72:27:FD:87:EC:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/BfRloUJHji-lEUaufwMc19LxiqE.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41966
IP address blocks: 109.206.192.0/19 maxlen: 24
185.20.172.0/22 maxlen: 24
194.11.24.0/24 maxlen: 24
194.153.119.0/24 maxlen: 24
2a00:54c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:28:2a:10:1b:f0:ce:48:64:17:e6:dc:21:1e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a585e5e15aa34287cae4368cb58e7227fd87ecba
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05f465a142478e2fa51146ae7f031cd7d2f18aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b2:d3:c3:a1:3b:e8:0e:4c:0b:64:ee:fd:b1:
d1:0f:83:a5:35:28:c9:dd:22:55:65:a5:20:ad:ab:
70:ef:dd:3a:d5:67:9a:df:61:06:5d:28:dd:1f:b5:
99:f4:62:65:80:ce:8c:01:df:a8:fc:a0:17:a1:6d:
53:c6:bd:15:f4:c1:b3:be:2a:06:f4:af:fa:1c:ef:
5d:41:20:67:35:92:86:4b:3b:6c:a8:75:71:79:6f:
2a:b3:07:7b:2f:47:e4:b3:c3:83:ca:14:d0:aa:9a:
cb:50:b0:d2:2b:8d:79:c1:de:89:0d:0b:3e:87:db:
0e:ff:38:d7:d9:d9:29:c6:3d:23:7f:e0:3d:be:04:
60:21:cd:96:32:d8:88:e0:55:d0:c1:5e:4b:ed:5a:
20:d6:92:11:17:79:43:7c:9a:02:90:6b:a1:2e:97:
9a:a3:d8:4c:a9:bd:0a:17:e2:1f:ec:1d:52:64:c5:
34:b5:d3:b6:35:9b:ec:61:fb:81:55:9c:cf:e0:4b:
c7:ae:d0:59:7a:82:b7:e6:c5:c0:b1:63:dd:5e:e9:
1c:92:b2:6f:63:a4:fd:aa:73:ee:f4:ae:49:d3:34:
bc:c7:48:34:4c:76:08:19:a3:4d:c0:bd:dc:60:b0:
5e:b4:b5:ed:8c:a9:5c:fa:95:40:a5:b1:05:62:24:
51:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F4:65:A1:42:47:8E:2F:A5:11:46:AE:7F:03:1C:D7:D2:F1:8A:A1
X509v3 Authority Key Identifier:
keyid:A5:85:E5:E1:5A:A3:42:87:CA:E4:36:8C:B5:8E:72:27:FD:87:EC:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/BfRloUJHji-lEUaufwMc19LxiqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.192.0/19
185.20.172.0/22
194.11.24.0/24
194.153.119.0/24
IPv6:
2a00:54c0::/32
Signature Algorithm: sha256WithRSAEncryption
44:9f:62:74:7a:57:79:2d:72:54:fe:33:38:ba:8a:9d:f2:08:
88:7a:4e:ee:82:01:d3:c1:94:91:2e:83:25:36:e3:ea:03:65:
58:94:72:5d:e9:3e:56:41:98:ea:3d:59:2e:1d:f9:12:8a:65:
60:25:f2:d3:8f:ea:8e:2c:33:ff:f9:43:58:e1:0f:fe:a4:12:
49:5b:9f:82:f4:d7:3a:58:9e:20:ef:71:d7:2f:c7:bf:1c:e7:
3e:eb:b9:5b:52:bd:d8:35:bd:c4:8f:ee:18:13:6d:7c:4a:75:
2c:1e:21:bd:83:6e:d5:7f:15:df:7a:23:db:74:9c:bc:49:e8:
12:ae:66:ad:a6:a5:7c:e5:c7:8e:c0:c3:a2:ec:bd:b2:05:2b:
f1:c1:97:e3:3d:c0:44:98:8d:41:3a:cc:26:ca:84:e5:92:5e:
90:c2:73:1e:50:18:88:ff:de:3c:94:88:f5:b5:75:98:ec:89:
dc:e2:22:68:79:e7:a4:38:e3:df:c7:c2:30:55:cd:de:8d:7a:
b4:81:3f:6b:d9:ea:b0:ff:77:22:ea:f6:55:27:7c:7d:f6:05:
f2:f6:4c:ef:61:17:e7:a7:76:47:76:94:d1:68:5b:97:5c:7a:
20:59:a6:80:c7:e2:54:fb:ec:9a:62:29:0c:68:0b:96:f8:64:
65:9c:07:77
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjCgqEBvwzkhkF+bcIR7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ODVlNWUxNWFhMzQyODdjYWU0MzY4Y2I1OGU3MjI3ZmQ4
N2VjYmEwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWY0NjVhMTQyNDc4ZTJmYTUxMTQ2YWU3ZjAzMWNkN2QyZjE4YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bLTw6E76A5MC2Tu/bHRD4OlNSjJ
3SJVZaUgratw79061Wea32EGXSjdH7WZ9GJlgM6MAd+o/KAXoW1Txr0V9MGzvioG
9K/6HO9dQSBnNZKGSztsqHVxeW8qswd7L0fks8ODyhTQqprLULDSK415wd6JDQs+
h9sO/zjX2dkpxj0jf+A9vgRgIc2WMtiI4FXQwV5L7Vog1pIRF3lDfJoCkGuhLpea
o9hMqb0KF+If7B1SZMU0tdO2NZvsYfuBVZzP4EvHrtBZeoK35sXAsWPdXukckrJv
Y6T9qnPu9K5J0zS8x0g0THYIGaNNwL3cYLBetLXtjKlc+pVApbEFYiRRywIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAX0ZaFCR44vpRFGrn8DHNfS8YqhMB8GA1UdIwQY
MBaAFKWF5eFao0KHyuQ2jLWOcif9h+y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFlYbDRWcWpRb2ZLNURhTXRZNXlKXzJIN0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8wNjY1MDktN2E5MS00NWY5LTllMTgt
YTllN2IzNDNiYzY2LzEvQmZSbG9VSkhqaS1sRVVhdWZ3TWMxOUx4aXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8wNjY1MDktN2E5MS00NWY5LTllMTgtYTllN2IzNDNiYzY2
LzEvcFlYbDRWcWpRb2ZLNURhTXRZNXlKXzJIN0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFbc7AAwQC
uRSsAwQAwgsYAwQAwpl3MA0EAgACMAcDBQAqAFTAMA0GCSqGSIb3DQEBCwUAA4IB
AQBEn2J0eld5LXJU/jM4uoqd8giIek7uggHTwZSRLoMlNuPqA2VYlHJd6T5WQZjq
PVkuHfkSimVgJfLTj+qOLDP/+UNY4Q/+pBJJW5+C9Nc6WJ4g73HXL8e/HOc+67lb
Ur3YNb3Ej+4YE218SnUsHiG9g27VfxXfeiPbdJy8SegSrmatpqV85ceOwMOi7L2y
BSvxwZfjPcBEmI1BOswmyoTlkl6QwnMeUBiI/948lIj1tXWY7Inc4iJoeeekOOPf
x8IwVc3ejXq0gT9r2eqw/3ci6vZVJ3x99gXy9kzvYRfnp3ZHdpTRaFuXXHogWaaA
x+JU++yaYikMaAuW+GRlnAd3
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:35:22 2025 by rpki-client