Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/BYLPzOMe1DxWdpXNE62DtzO9Fb0.roa
File: BYLPzOMe1DxWdpXNE62DtzO9Fb0.roa (raw, json)
Hash identifier: SqdsHTomHrhRooCsvxMkFhbSdd3KRws8NQEmMcUSL9s=
Subject key identifier: 05:82:CF:CC:E3:1E:D4:3C:56:76:95:CD:13:AD:83:B7:33:BD:15:BD
Certificate issuer: /CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Certificate serial: 019420D5F8520694D02C1975185E94B8C846
Authority key identifier: D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/BYLPzOMe1DxWdpXNE62DtzO9Fb0.roa
Signing time: Wed 01 Jan 2025 07:48:01 +0000
ROA not before: Wed 01 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2200
IP address blocks: 129.88.0.0/16 maxlen: 16
147.171.0.0/16 maxlen: 16
152.77.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f8:52:06:94:d0:2c:19:75:18:5e:94:b8:c8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Validity
Not Before: Jan 1 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0582cfcce31ed43c567695cd13ad83b733bd15bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7f:7c:81:96:d8:e9:d3:e6:ee:f8:11:a8:ef:
52:fe:bf:03:4a:9f:7c:42:34:04:63:c1:ec:a1:e1:
ea:91:5a:45:db:05:56:82:5d:e7:8e:33:66:07:4d:
f8:a1:1c:33:95:40:5e:76:3e:f5:e7:3d:0b:77:5d:
ed:c6:0a:ee:45:70:fa:15:81:63:5f:51:2d:f8:af:
5f:f0:d6:98:39:f8:dd:fe:07:aa:24:6b:08:be:02:
54:63:57:6b:e7:78:f2:5e:ec:74:ad:8d:da:d6:c1:
1c:1f:96:37:3e:98:6c:94:fb:d2:a2:42:f5:fe:ee:
14:6b:e1:a0:30:14:ab:a2:6a:9b:7f:7a:8f:55:8f:
4f:93:fd:bf:c2:c0:05:9c:c3:a6:da:b1:83:65:24:
96:4d:c8:b8:a4:52:74:58:db:13:2c:bf:a4:ff:61:
2b:49:c9:9b:f3:66:c0:a4:d5:3f:43:32:14:e9:fc:
23:f8:b2:a3:c6:70:57:7a:84:65:db:98:95:de:85:
ff:a5:f0:ef:55:37:32:67:3f:f6:a0:f9:f6:15:fb:
0f:b1:a2:3b:0a:61:fd:61:3c:45:cf:64:11:e1:48:
a0:92:b8:99:ab:57:42:60:0f:fa:87:22:44:85:95:
b7:78:00:f2:5c:b5:0f:0a:84:12:9a:08:b2:54:42:
dc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:82:CF:CC:E3:1E:D4:3C:56:76:95:CD:13:AD:83:B7:33:BD:15:BD
X509v3 Authority Key Identifier:
keyid:D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/BYLPzOMe1DxWdpXNE62DtzO9Fb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.88.0.0/16
147.171.0.0/16
152.77.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:ba:cf:6c:b4:9c:90:25:fa:ce:34:12:ac:67:d2:1e:0b:20:
d8:b2:b9:0c:ee:bb:ba:71:67:68:17:fc:81:9e:31:bb:82:e7:
b5:b7:f0:89:59:04:53:d8:47:8a:7f:2a:3c:57:21:d3:1f:93:
67:47:3a:c1:c7:fe:ef:f2:94:48:ac:74:b8:18:e5:17:f6:8a:
73:fa:5b:30:fb:f1:da:b7:84:87:e8:47:17:c7:31:79:bb:64:
f0:bb:5f:b1:02:10:a6:06:7c:4d:57:13:33:39:62:18:c3:48:
4d:9f:fb:de:f1:1a:40:d1:68:c6:33:7d:64:95:aa:0d:d8:ad:
ac:76:f2:81:41:e9:0d:96:83:11:84:c3:51:05:06:0f:fd:d2:
06:88:b1:c2:0a:1a:25:46:37:65:79:2f:91:30:33:d5:ea:0d:
14:9b:d4:1f:01:d9:01:51:53:2f:0e:24:51:55:a9:c7:ff:ed:
2d:73:9f:68:71:54:13:2b:e0:fb:2a:6c:55:84:28:34:fc:2f:
fb:b3:84:c5:b0:9e:ee:0e:b0:de:fc:cc:55:72:1b:63:0f:93:
8c:11:46:14:43:24:b5:55:4d:6e:9c:c5:46:f0:ab:3e:5c:21:
bc:8d:6f:de:b8:76:4d:bb:d9:a2:b4:79:6e:af:65:7e:f3:a6:
58:bd:cf:f2
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZQg1fhSBpTQLBl1GF6UuMhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWVhNDdhZTE2MWNiYjNkYWVmOTc3ODk3MzBkNzBjNGNi
YTg5ZDAwHhcNMjUwMTAxMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTgyY2ZjY2UzMWVkNDNjNTY3Njk1Y2QxM2FkODNiNzMzYmQxNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH98gZbY6dPm7vgRqO9S/r8DSp98
QjQEY8HsoeHqkVpF2wVWgl3njjNmB034oRwzlUBedj715z0Ld13txgruRXD6FYFj
X1Et+K9f8NaYOfjd/geqJGsIvgJUY1dr53jyXux0rY3a1sEcH5Y3PphslPvSokL1
/u4Ua+GgMBSromqbf3qPVY9Pk/2/wsAFnMOm2rGDZSSWTci4pFJ0WNsTLL+k/2Er
Scmb82bApNU/QzIU6fwj+LKjxnBXeoRl25iV3oX/pfDvVTcyZz/2oPn2FfsPsaI7
CmH9YTxFz2QR4UigkriZq1dCYA/6hyJEhZW3eADyXLUPCoQSmgiyVELcLwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFAWCz8zjHtQ8VnaVzROtg7czvRW9MB8GA1UdIwQY
MBaAFNeepHrhYcuz2u+XeJcw1wxMuonQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMt
M2MzZTUwZGRhNmNjLzEvQllMUHpPTWUxRHhXZHBYTkU2MkR0ek85RmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNj
LzEvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMAgVgDAwCT
qwMDAJhNMA0GCSqGSIb3DQEBCwUAA4IBAQCous9stJyQJfrONBKsZ9IeCyDYsrkM
7ru6cWdoF/yBnjG7gue1t/CJWQRT2EeKfyo8VyHTH5NnRzrBx/7v8pRIrHS4GOUX
9opz+lsw+/Hat4SH6EcXxzF5u2Twu1+xAhCmBnxNVxMzOWIYw0hNn/ve8RpA0WjG
M31klaoN2K2sdvKBQekNloMRhMNRBQYP/dIGiLHCCholRjdleS+RMDPV6g0Um9Qf
AdkBUVMvDiRRVanH/+0tc59ocVQTK+D7KmxVhCg0/C/7s4TFsJ7uDrDe/MxVchtj
D5OMEUYUQyS1VU1unMVG8Ks+XCG8jW/euHZNu9mitHlur2V+86ZYvc/y
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:21:27 2025 by rpki-client