Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/bu-aY814oN0zZmuedO0-L6nA1Js.roa
File: bu-aY814oN0zZmuedO0-L6nA1Js.roa (raw, json)
Hash identifier: l9qaLt4gYL7GO6wlotPMWtCoUA115L85+uv76tlCG/s=
Subject key identifier: 6E:EF:9A:63:CD:78:A0:DD:33:66:6B:9E:74:ED:3E:2F:A9:C0:D4:9B
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0194236A02FB6C08C290E255D37A677817AA
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/bu-aY814oN0zZmuedO0-L6nA1Js.roa
Signing time: Wed 01 Jan 2025 19:48:57 +0000
ROA not before: Wed 01 Jan 2025 19:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135330
IP address blocks: 74.119.193.0/24 maxlen: 24
2a09:7c45::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:02:fb:6c:08:c2:90:e2:55:d3:7a:67:78:17:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 1 19:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eef9a63cd78a0dd33666b9e74ed3e2fa9c0d49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:2e:05:99:e2:f8:42:41:46:0d:e3:a7:28:
8a:e9:44:4f:24:5b:df:94:42:9b:e8:5d:13:a3:dc:
0b:8c:94:49:bc:ce:0e:76:80:a3:f7:37:ab:84:98:
a1:86:b1:03:f6:40:d9:01:3a:8b:2a:e3:57:db:d8:
58:f5:54:ef:fd:ef:4a:39:7e:ef:e0:97:b6:76:c7:
cf:c6:e4:89:ee:0d:bc:e4:c2:a5:32:2e:ea:3d:83:
3b:f8:35:5e:1e:63:97:ca:69:ca:17:54:44:0c:44:
83:a3:4a:f2:20:e7:94:f7:76:a9:91:42:ee:10:aa:
c2:b2:23:d0:e3:5f:57:18:35:a1:13:6a:9b:c9:57:
02:81:75:6b:20:38:5e:5b:fd:51:ab:9e:01:cf:66:
aa:49:94:cf:8c:12:20:71:ea:59:3f:19:c7:d7:9b:
b5:71:06:6a:65:b7:61:99:4c:40:14:8f:17:fe:d8:
71:42:2c:8b:35:97:9a:a4:72:97:fb:1f:51:7c:c2:
a8:46:4c:07:36:55:a4:ed:6d:99:db:7c:6c:bf:57:
42:e9:d1:51:5b:66:d9:8c:d6:29:55:6f:81:de:ca:
52:cb:05:2a:9b:5d:81:f5:dc:fe:36:35:d0:4f:a2:
f3:13:eb:ce:dd:2a:ff:1a:d1:0a:7c:45:c4:51:03:
37:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EF:9A:63:CD:78:A0:DD:33:66:6B:9E:74:ED:3E:2F:A9:C0:D4:9B
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/bu-aY814oN0zZmuedO0-L6nA1Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.119.193.0/24
IPv6:
2a09:7c45::/32
Signature Algorithm: sha256WithRSAEncryption
72:52:99:0d:44:61:49:19:23:5b:6e:50:27:ac:53:52:1f:97:
76:b3:35:2f:9f:ec:be:81:be:92:97:98:8b:69:6f:8a:63:fa:
a7:e9:18:6b:0e:73:ec:1c:d8:62:d8:f1:43:99:55:f4:60:55:
30:fd:a0:a1:bf:ba:a7:5d:d6:42:29:73:eb:50:12:ea:a2:8e:
56:b7:09:0a:c0:c5:25:60:39:e0:ab:35:72:46:a0:7a:80:27:
23:e9:40:63:de:56:a8:f9:88:fe:1c:02:eb:4e:33:28:f3:cc:
b9:c4:fb:b6:1c:a6:b3:1e:6c:46:a4:1e:bf:d6:00:56:6a:64:
3c:39:2f:b9:fa:8a:97:32:e5:9c:80:fb:a7:2a:19:91:74:2d:
5c:35:d9:50:87:fd:10:96:90:73:2b:72:08:84:35:ba:79:5c:
07:f2:09:ba:9d:27:b1:02:5b:64:e1:54:57:28:81:f4:60:ba:
e6:fc:05:c6:a5:c6:d4:90:2a:20:a9:14:56:7e:5a:b2:ba:30:
48:7d:da:0e:ad:14:74:9e:0d:c6:49:92:b0:b5:9c:12:ac:fd:
0d:20:e1:e3:f0:4d:71:83:d9:46:fe:7e:c2:75:04:2d:ca:22:
41:af:58:a2:e7:9e:48:e9:62:8a:10:2d:f1:5b:2c:da:51:ad:
e1:47:a3:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjagL7bAjCkOJV03pneBeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwMTAxMTk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWVmOWE2M2NkNzhhMGRkMzM2NjZiOWU3NGVkM2UyZmE5YzBkNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCIuBZni+EJBRg3jpyiK6URPJFvf
lEKb6F0To9wLjJRJvM4OdoCj9zerhJihhrED9kDZATqLKuNX29hY9VTv/e9KOX7v
4Je2dsfPxuSJ7g285MKlMi7qPYM7+DVeHmOXymnKF1REDESDo0ryIOeU93apkULu
EKrCsiPQ419XGDWhE2qbyVcCgXVrIDheW/1Rq54Bz2aqSZTPjBIgcepZPxnH15u1
cQZqZbdhmUxAFI8X/thxQiyLNZeapHKX+x9RfMKoRkwHNlWk7W2Z23xsv1dC6dFR
W2bZjNYpVW+B3spSywUqm12B9dz+NjXQT6LzE+vO3Sr/GtEKfEXEUQM3vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG7vmmPNeKDdM2ZrnnTtPi+pwNSbMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvYnUtYVk4MTRvTjB6Wm11ZWRPMC1MNm5BMUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQASnfBMA0E
AgACMAcDBQAqCXxFMA0GCSqGSIb3DQEBCwUAA4IBAQByUpkNRGFJGSNbblAnrFNS
H5d2szUvn+y+gb6Sl5iLaW+KY/qn6RhrDnPsHNhi2PFDmVX0YFUw/aChv7qnXdZC
KXPrUBLqoo5WtwkKwMUlYDngqzVyRqB6gCcj6UBj3lao+Yj+HALrTjMo88y5xPu2
HKazHmxGpB6/1gBWamQ8OS+5+oqXMuWcgPunKhmRdC1cNdlQh/0QlpBzK3IIhDW6
eVwH8gm6nSexAltk4VRXKIH0YLrm/AXGpcbUkCogqRRWflqyujBIfdoOrRR0ng3G
SZKwtZwSrP0NIOHj8E1xg9lG/n7CdQQtyiJBr1ii555I6WKKEC3xWyzaUa3hR6M2
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:40 2025 by rpki-client