Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/BYEpO3dKB_ok3YL5Nvkz1BqvKfY.roa
File: BYEpO3dKB_ok3YL5Nvkz1BqvKfY.roa (raw, json)
Hash identifier: tzMMybSfOyrsE8fXw9tkAmX7iTeiSe2VTc77bmai8Ps=
Subject key identifier: 05:81:29:3B:77:4A:07:FA:24:DD:82:F9:36:F9:33:D4:1A:AF:29:F6
Certificate issuer: /CN=5b5bff9d41f719f62600c32d3410ddb99eccb30c
Certificate serial: 019422FC08E48164A2F13B156A8C2A7633E3
Authority key identifier: 5B:5B:FF:9D:41:F7:19:F6:26:00:C3:2D:34:10:DD:B9:9E:CC:B3:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/BYEpO3dKB_ok3YL5Nvkz1BqvKfY.roa
Signing time: Wed 01 Jan 2025 17:48:50 +0000
ROA not before: Wed 01 Jan 2025 17:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 78.138.4.0/22 maxlen: 24
78.138.36.0/22 maxlen: 24
83.229.52.0/22 maxlen: 24
83.229.100.0/23 maxlen: 24
83.229.102.0/24 maxlen: 24
185.10.6.0/24 maxlen: 24
185.115.108.0/22 maxlen: 24
213.255.212.0/22 maxlen: 24
213.255.220.0/22 maxlen: 24
213.255.232.0/21 maxlen: 24
213.255.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:08:e4:81:64:a2:f1:3b:15:6a:8c:2a:76:33:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b5bff9d41f719f62600c32d3410ddb99eccb30c
Validity
Not Before: Jan 1 17:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0581293b774a07fa24dd82f936f933d41aaf29f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:84:66:47:76:ee:f3:d8:f1:90:3d:8f:7a:
e8:f1:df:2e:02:a7:58:2e:26:2b:c9:59:98:01:9d:
32:c0:bb:68:f1:a5:14:af:5b:78:2e:95:ff:22:4b:
5c:38:2e:bd:86:55:b1:36:d3:96:3f:b1:32:7c:2e:
d6:7a:cd:4e:08:3d:29:73:59:46:88:fa:b6:07:3d:
99:df:1b:cc:26:99:02:cd:81:8e:46:84:1d:0c:97:
6f:54:35:91:b6:8c:94:0e:b9:2f:4b:84:18:f2:ee:
58:17:cb:f5:74:2b:ea:57:35:4e:ba:c1:24:0d:9b:
11:de:c4:c2:fb:c2:9f:03:28:6d:6a:4e:fa:1f:a4:
69:68:52:03:4a:1f:93:de:50:92:76:e1:e0:2b:e3:
2e:38:1b:2c:2b:27:42:dd:e8:1a:88:b6:43:a2:a0:
f4:ca:2e:0f:8a:0d:eb:d3:5c:ba:72:92:45:0a:58:
b2:6b:de:ff:52:55:ca:0c:37:1f:21:f5:15:42:07:
98:34:08:bd:37:22:06:8e:86:be:62:37:8e:8c:e6:
59:95:44:f2:e1:52:4d:55:16:80:22:f1:a7:af:dc:
f8:17:92:c1:72:90:2b:92:8e:c3:6e:1f:71:93:a9:
c6:8f:08:b8:37:5e:70:21:cc:44:47:0d:2a:b6:dc:
d1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:81:29:3B:77:4A:07:FA:24:DD:82:F9:36:F9:33:D4:1A:AF:29:F6
X509v3 Authority Key Identifier:
keyid:5B:5B:FF:9D:41:F7:19:F6:26:00:C3:2D:34:10:DD:B9:9E:CC:B3:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/BYEpO3dKB_ok3YL5Nvkz1BqvKfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/W1v_nUH3GfYmAMMtNBDduZ7Msww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.4.0/22
78.138.36.0/22
83.229.52.0/22
83.229.100.0-83.229.102.255
185.10.6.0/24
185.115.108.0/22
213.255.212.0/22
213.255.220.0/22
213.255.232.0/21
213.255.252.0/22
Signature Algorithm: sha256WithRSAEncryption
98:16:6d:3a:13:9a:57:f0:6e:b0:1a:24:6b:e6:34:d5:12:c7:
a1:bd:03:6a:f0:ee:5b:c6:71:62:6c:34:73:f0:d9:38:2b:91:
53:10:eb:d4:9c:82:c3:c7:b0:51:ee:82:82:77:08:ab:18:0a:
fb:0f:c9:5d:f8:e4:d3:13:9f:60:11:e9:b2:cf:73:f6:64:51:
9e:f2:cf:06:d9:7f:7d:19:06:7c:1f:73:88:74:d8:f3:bb:0f:
47:a6:0d:db:10:8f:f6:b7:09:e6:81:cd:c8:d5:20:e6:c4:23:
84:80:2f:30:cb:24:f8:aa:d5:06:fe:2d:24:57:a6:62:46:ed:
2d:3b:96:aa:0f:de:41:61:fd:62:a2:51:51:93:2a:a4:ea:0b:
f8:dd:f0:08:23:d8:36:86:af:e6:90:28:a4:2f:03:48:90:aa:
16:4e:3e:99:50:5b:b9:4a:3a:42:fd:28:c0:20:e9:55:64:b5:
88:be:e7:48:54:9f:52:ab:98:bc:95:c7:ad:75:d3:da:ce:20:
8c:f2:d4:da:ea:91:3d:93:20:33:71:19:fe:7f:b4:f1:45:74:
11:a4:b5:10:fe:ee:ec:c5:92:44:86:19:5e:84:95:04:15:8e:
28:bc:34:2b:a2:57:25:a8:c4:51:68:cc:93:5c:aa:dd:86:5d:
80:32:d0:d0
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQi/AjkgWSi8TsVaowqdjPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNWJmZjlkNDFmNzE5ZjYyNjAwYzMyZDM0MTBkZGI5OWVj
Y2IzMGMwHhcNMjUwMTAxMTc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTgxMjkzYjc3NGEwN2ZhMjRkZDgyZjkzNmY5MzNkNDFhYWYyOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP+EZkd27vPY8ZA9j3ro8d8uAqdY
LiYryVmYAZ0ywLto8aUUr1t4LpX/IktcOC69hlWxNtOWP7EyfC7Wes1OCD0pc1lG
iPq2Bz2Z3xvMJpkCzYGORoQdDJdvVDWRtoyUDrkvS4QY8u5YF8v1dCvqVzVOusEk
DZsR3sTC+8KfAyhtak76H6RpaFIDSh+T3lCSduHgK+MuOBssKydC3egaiLZDoqD0
yi4Pig3r01y6cpJFCliya97/UlXKDDcfIfUVQgeYNAi9NyIGjoa+YjeOjOZZlUTy
4VJNVRaAIvGnr9z4F5LBcpArko7Dbh9xk6nGjwi4N15wIcxERw0qttzRfwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAWBKTt3Sgf6JN2C+Tb5M9Qaryn2MB8GA1UdIwQY
MBaAFFtb/51B9xn2JgDDLTQQ3bmezLMMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzF2X25VSDNHZlltQU1NdE5CRGR1WjdNc3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi80ZjQzZmMtNDE4Ny00YmI5LTkwNWEt
ZjBjNjI1OGI5YTA0LzEvQllFcE8zZEtCX29rM1lMNU52a3oxQnF2S2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi80ZjQzZmMtNDE4Ny00YmI5LTkwNWEtZjBjNjI1OGI5YTA0
LzEvVzF2X25VSDNHZlltQU1NdE5CRGR1WjdNc3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCTooEAwQC
TookAwQCU+U0MAwDBAJT5WQDBABT5WYDBAC5CgYDBAK5c2wDBALV/9QDBALV/9wD
BAPV/+gDBALV//wwDQYJKoZIhvcNAQELBQADggEBAJgWbToTmlfwbrAaJGvmNNUS
x6G9A2rw7lvGcWJsNHPw2TgrkVMQ69ScgsPHsFHugoJ3CKsYCvsPyV345NMTn2AR
6bLPc/ZkUZ7yzwbZf30ZBnwfc4h02PO7D0emDdsQj/a3CeaBzcjVIObEI4SALzDL
JPiq1Qb+LSRXpmJG7S07lqoP3kFh/WKiUVGTKqTqC/jd8Agj2DaGr+aQKKQvA0iQ
qhZOPplQW7lKOkL9KMAg6VVktYi+50hUn1KrmLyVx61109rOIIzy1NrqkT2TIDNx
Gf5/tPFFdBGktRD+7uzFkkSGGV6ElQQVjii8NCuiVyWoxFFozJNcqt2GXYAy0NA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:15:00 2025 by rpki-client