Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/BOD3dcxTc2yY6D5t1Z9HjEwK_rU.roa
File: BOD3dcxTc2yY6D5t1Z9HjEwK_rU.roa (raw, json)
Hash identifier: GaifOabvqdT7+yzCu9A/2BB5BkajLIn0jWyTPBEgmVc=
Subject key identifier: 04:E0:F7:75:CC:53:73:6C:98:E8:3E:6D:D5:9F:47:8C:4C:0A:FE:B5
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 019422FB5B1D8771136B6FE79A2A218C798B
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/BOD3dcxTc2yY6D5t1Z9HjEwK_rU.roa
Signing time: Wed 01 Jan 2025 17:48:05 +0000
ROA not before: Wed 01 Jan 2025 17:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50098
IP address blocks: 195.211.220.0/24 maxlen: 24
195.211.221.0/24 maxlen: 24
195.211.222.0/24 maxlen: 24
195.211.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5b:1d:87:71:13:6b:6f:e7:9a:2a:21:8c:79:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 1 17:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04e0f775cc53736c98e83e6dd59f478c4c0afeb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5e:52:ba:c0:4f:d3:e5:59:d5:22:33:1c:9c:
b0:c4:66:00:bb:c1:85:8b:f9:1b:b4:5c:5b:15:aa:
97:41:87:cd:b2:7a:a1:e3:ee:57:8d:83:6e:17:d1:
12:4c:20:cb:fd:2d:52:b2:92:6a:67:81:91:c0:96:
67:29:9f:83:04:d9:5e:0b:6f:77:28:13:91:17:0c:
56:69:b7:95:d6:4d:c3:05:50:99:32:b8:f4:a7:86:
39:94:ad:8f:d3:f3:04:c3:fd:db:b5:8f:5e:45:24:
72:be:a1:e3:21:82:27:d3:77:bb:b4:c3:09:6b:2f:
01:17:72:e6:a1:cd:55:e2:24:17:be:f2:25:a6:46:
fd:4a:d3:eb:77:85:63:99:3e:ab:1f:1f:08:bc:40:
95:44:0d:37:2a:83:6b:0c:9a:dc:85:59:a6:64:e3:
46:9d:12:3e:97:7c:d9:a9:f0:14:ae:af:40:bb:7d:
15:64:5f:27:79:f6:9a:e3:dc:23:82:25:62:c7:cc:
f8:82:6b:e1:7d:da:16:b3:01:ca:8c:76:d1:2a:77:
f2:4d:e0:25:93:d5:b2:26:61:e4:77:da:8c:40:aa:
cf:72:30:70:0e:14:d1:c2:d5:62:02:d4:64:c0:df:
db:f6:80:bf:39:15:e2:67:40:24:10:e4:55:15:4a:
6e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E0:F7:75:CC:53:73:6C:98:E8:3E:6D:D5:9F:47:8C:4C:0A:FE:B5
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/BOD3dcxTc2yY6D5t1Z9HjEwK_rU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.220.0/22
Signature Algorithm: sha256WithRSAEncryption
38:2c:eb:84:86:b3:5a:ef:4a:54:6f:30:96:20:5f:5e:7d:e4:
b0:fe:df:69:42:d6:c7:3e:b8:e4:7a:67:56:c8:09:e4:78:86:
4a:9f:25:af:7f:a3:4d:23:bd:dd:4a:c2:89:e9:c6:2f:43:72:
a5:25:24:99:68:8b:75:92:dc:44:d6:67:89:82:d2:58:7c:bd:
5a:3f:bb:75:f9:2c:bc:dc:4f:c1:7b:11:0b:d0:d8:98:d4:00:
98:08:5c:dd:c9:50:45:86:99:48:1b:7d:5e:ac:2a:b1:35:44:
6b:fd:01:21:9a:51:1c:2b:86:ec:f3:65:1d:d8:9d:c7:1f:89:
61:c6:8d:f3:a0:92:1d:bf:01:57:eb:7d:7b:0f:33:eb:58:e7:
6b:d7:2e:05:7c:ea:4a:96:7c:7b:36:1e:7c:5c:13:cf:2b:d9:
c9:a1:60:09:29:bf:d0:78:97:50:f0:3d:bc:fa:da:61:bb:77:
e2:c2:4d:2b:2b:04:d3:08:d7:ab:40:58:c3:39:fc:57:a2:24:
dd:e0:d3:51:f5:0a:27:c0:08:50:44:6f:f1:2c:05:6b:03:f5:
22:f3:64:2d:20:4f:26:ec:53:82:0a:c6:2b:2d:0d:59:ba:d7:
76:ec:92:0e:a6:28:0e:3e:e5:fd:fc:1d:15:10:75:35:2c:22:
a1:e1:87:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+1sdh3ETa2/nmiohjHmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjUwMTAxMTc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGUwZjc3NWNjNTM3MzZjOThlODNlNmRkNTlmNDc4YzRjMGFmZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF5SusBP0+VZ1SIzHJywxGYAu8GF
i/kbtFxbFaqXQYfNsnqh4+5XjYNuF9ESTCDL/S1SspJqZ4GRwJZnKZ+DBNleC293
KBORFwxWabeV1k3DBVCZMrj0p4Y5lK2P0/MEw/3btY9eRSRyvqHjIYIn03e7tMMJ
ay8BF3Lmoc1V4iQXvvIlpkb9StPrd4VjmT6rHx8IvECVRA03KoNrDJrchVmmZONG
nRI+l3zZqfAUrq9Au30VZF8nefaa49wjgiVix8z4gmvhfdoWswHKjHbRKnfyTeAl
k9WyJmHkd9qMQKrPcjBwDhTRwtViAtRkwN/b9oC/ORXiZ0AkEORVFUpuFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATg93XMU3NsmOg+bdWfR4xMCv61MB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvQk9EM2RjeFRjMnlZNkQ1dDFaOUhqRXdLX3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw9PcMA0G
CSqGSIb3DQEBCwUAA4IBAQA4LOuEhrNa70pUbzCWIF9efeSw/t9pQtbHPrjkemdW
yAnkeIZKnyWvf6NNI73dSsKJ6cYvQ3KlJSSZaIt1ktxE1meJgtJYfL1aP7t1+Sy8
3E/BexEL0NiY1ACYCFzdyVBFhplIG31erCqxNURr/QEhmlEcK4bs82Ud2J3HH4lh
xo3zoJIdvwFX6317DzPrWOdr1y4FfOpKlnx7Nh58XBPPK9nJoWAJKb/QeJdQ8D28
+tphu3fiwk0rKwTTCNerQFjDOfxXoiTd4NNR9QonwAhQRG/xLAVrA/Ui82QtIE8m
7FOCCsYrLQ1Zutd27JIOpigOPuX9/B0VEHU1LCKh4Yfy
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:59:41 2025 by rpki-client