Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/bpfV9qpUqRU7ZbL5m4qH_-0K2rg.roa
File: bpfV9qpUqRU7ZbL5m4qH_-0K2rg.roa (raw, json)
Hash identifier: 4P0zOtuiLjjQhgT/25d48jeUAEanfYakXWIUUX0ljiU=
Subject key identifier: 6E:97:D5:F6:AA:54:A9:15:3B:65:B2:F9:9B:8A:87:FF:ED:0A:DA:B8
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 0195C3E34F529A316856561D1B4EF0CDB76E
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/bpfV9qpUqRU7ZbL5m4qH_-0K2rg.roa
Signing time: Sun 23 Mar 2025 16:43:28 +0000
ROA not before: Sun 23 Mar 2025 16:43:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133210
IP address blocks: 194.15.115.0/24 maxlen: 24
2a0d:5140::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c3:e3:4f:52:9a:31:68:56:56:1d:1b:4e:f0:cd:b7:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Mar 23 16:43:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e97d5f6aa54a9153b65b2f99b8a87ffed0adab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:35:33:79:85:42:a2:34:24:60:21:38:81:4a:
80:2d:67:a9:84:8d:4a:30:e0:14:82:fe:9a:ed:a5:
73:c6:b7:37:5b:06:00:46:87:dc:27:70:bb:05:f4:
1b:c2:c0:09:a7:98:13:ed:46:2e:ba:d0:71:21:fa:
9e:9c:cd:3e:ed:f4:28:14:b1:75:d1:f3:d3:6b:61:
1c:37:cc:c1:61:66:d6:9c:35:66:fa:8d:46:57:f0:
88:9e:39:fa:21:d3:bd:1b:d6:5a:82:0f:61:66:7a:
31:15:c6:f8:ff:f3:1d:fb:d7:49:ec:bf:6d:0a:a4:
52:31:1f:17:b7:5e:81:c8:73:74:bd:f5:9b:64:ec:
c1:fa:c8:74:3f:76:9f:6a:a0:bb:16:81:45:11:4b:
2b:a7:e9:6b:b4:86:56:1a:72:a1:a9:96:70:95:05:
bb:5b:b4:d7:60:09:08:62:51:7d:7b:97:d7:42:1a:
71:61:13:95:e3:17:9e:bd:43:13:d2:2a:60:1e:23:
80:45:c3:9e:3d:18:68:27:27:bd:ef:b1:2b:08:c4:
fe:1d:9a:06:1b:15:44:3e:35:df:5c:92:fb:c4:4b:
42:54:12:ac:7d:1f:0b:5c:26:e1:e2:4d:37:fd:09:
33:78:16:ee:7d:9d:a1:fb:82:eb:63:86:7b:d6:80:
97:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:97:D5:F6:AA:54:A9:15:3B:65:B2:F9:9B:8A:87:FF:ED:0A:DA:B8
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/bpfV9qpUqRU7ZbL5m4qH_-0K2rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.115.0/24
IPv6:
2a0d:5140::/32
Signature Algorithm: sha256WithRSAEncryption
c3:e3:15:77:b9:5e:8e:ec:aa:98:47:69:4d:22:fb:7b:82:74:
82:d4:99:5d:16:f5:78:16:7c:85:7b:28:3a:df:5e:57:71:db:
b2:60:37:25:42:fd:16:ee:b4:22:b1:cc:f3:d5:35:8a:67:cc:
e6:a0:8d:23:a3:e4:0c:71:8d:b0:4a:60:7e:3a:0a:ec:ab:ac:
73:42:93:79:2b:fe:81:89:2a:a8:ad:fc:fe:d1:28:2c:7f:7b:
4d:d1:89:ee:c9:55:78:82:80:33:49:0e:9a:95:10:dd:28:d6:
3e:d7:23:0b:dd:2c:64:e5:72:4d:58:6c:4b:32:da:b7:71:1d:
6b:3a:a6:57:30:55:3d:09:38:49:48:ec:d5:0f:23:62:6e:8a:
08:27:6c:2d:7b:d4:d0:c3:0f:cf:25:d6:98:d5:a5:77:ba:e0:
e9:09:7a:2e:c2:91:d7:2c:89:1f:ea:56:53:b0:77:8f:aa:1e:
bf:0c:34:2f:c9:78:0c:84:f3:c9:99:56:7e:d9:5f:c8:d2:16:
4e:9d:b9:41:44:a2:71:42:7b:70:b3:24:2c:0e:c3:0c:88:cc:
77:4b:9d:1f:a2:85:e1:1c:17:a4:9c:53:c9:92:5f:4e:e8:40:
00:b0:09:7f:3d:5c:d3:0a:60:0d:ce:bc:a6:c1:a5:33:3f:5d:
a6:14:c0:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZXD409SmjFoVlYdG07wzbduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjUwMzIzMTY0MzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTk3ZDVmNmFhNTRhOTE1M2I2NWIyZjk5YjhhODdmZmVkMGFkYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDUzeYVCojQkYCE4gUqALWephI1K
MOAUgv6a7aVzxrc3WwYARofcJ3C7BfQbwsAJp5gT7UYuutBxIfqenM0+7fQoFLF1
0fPTa2EcN8zBYWbWnDVm+o1GV/CInjn6IdO9G9Zagg9hZnoxFcb4//Md+9dJ7L9t
CqRSMR8Xt16ByHN0vfWbZOzB+sh0P3afaqC7FoFFEUsrp+lrtIZWGnKhqZZwlQW7
W7TXYAkIYlF9e5fXQhpxYROV4xeevUMT0ipgHiOARcOePRhoJye977ErCMT+HZoG
GxVEPjXfXJL7xEtCVBKsfR8LXCbh4k03/QkzeBbufZ2h+4LrY4Z71oCXEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG6X1faqVKkVO2Wy+ZuKh//tCtq4MB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvYnBmVjlxcFVxUlU3WmJMNW00cUhfLTBLMnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwg9zMA0E
AgACMAcDBQAqDVFAMA0GCSqGSIb3DQEBCwUAA4IBAQDD4xV3uV6O7KqYR2lNIvt7
gnSC1JldFvV4FnyFeyg6315XcduyYDclQv0W7rQisczz1TWKZ8zmoI0jo+QMcY2w
SmB+Ogrsq6xzQpN5K/6BiSqorfz+0Sgsf3tN0YnuyVV4goAzSQ6alRDdKNY+1yML
3Sxk5XJNWGxLMtq3cR1rOqZXMFU9CThJSOzVDyNibooIJ2wte9TQww/PJdaY1aV3
uuDpCXouwpHXLIkf6lZTsHePqh6/DDQvyXgMhPPJmVZ+2V/I0hZOnblBRKJxQntw
syQsDsMMiMx3S50fooXhHBeknFPJkl9O6EAAsAl/PVzTCmANzrymwaUzP12mFMC8
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:37:29 2025 by rpki-client