Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BchHAGrsKHvrJovqFwT6jw3tqv0.roa
File: BchHAGrsKHvrJovqFwT6jw3tqv0.roa (raw, json)
Hash identifier: M04jjLG/GkMQ00HQlWb3MFajud7cXOvR3V2X6kzv8R4=
Subject key identifier: 05:C8:47:00:6A:EC:28:7B:EB:26:8B:EA:17:04:FA:8F:0D:ED:AA:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428246824116ECCB04702BF2D73534818
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BchHAGrsKHvrJovqFwT6jw3tqv0.roa
Signing time: Thu 02 Jan 2025 17:51:02 +0000
ROA not before: Thu 02 Jan 2025 17:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24875
IP address blocks: 87.121.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:68:24:11:6e:cc:b0:47:02:bf:2d:73:53:48:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05c847006aec287beb268bea1704fa8f0dedaafd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9c:eb:20:81:9d:1a:4d:ce:69:a5:77:64:ab:
04:45:de:8c:48:f9:42:ae:f4:83:dc:5c:7a:fe:ae:
59:d4:26:ac:28:44:d9:c0:51:a0:12:62:49:84:4b:
b4:eb:f5:26:38:33:45:dc:3f:98:9c:5b:99:fd:bc:
94:63:9c:58:e3:c9:c0:8b:67:0e:f8:ae:54:ef:b9:
66:0e:19:08:27:4e:d9:1b:fb:91:bf:a3:3f:8a:78:
77:e5:09:8a:a4:58:85:f8:b3:a7:5d:26:10:a3:d2:
f0:44:50:0e:bd:9a:9c:1e:69:24:c9:a2:70:a9:cf:
11:36:5d:db:61:d0:1a:d7:6e:58:4a:5a:89:ce:d0:
0c:69:1d:30:46:6d:c9:aa:da:9e:70:87:30:de:e3:
bd:f9:07:65:c4:8e:0d:01:19:49:b6:33:50:c7:6a:
f3:88:38:be:6e:73:3a:37:81:3d:4e:a6:f5:51:c7:
d1:18:cf:11:5f:e0:64:e0:56:90:10:3e:fd:8d:5c:
bc:29:db:fe:a1:58:70:52:29:84:30:d7:36:8d:23:
10:85:02:65:06:78:bb:ea:46:2f:54:1e:e3:8c:bb:
3b:11:5f:46:36:30:69:d0:3d:3f:11:5a:72:e9:cb:
c9:9d:9a:8f:15:59:6b:76:0a:93:44:c9:b4:7d:82:
24:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C8:47:00:6A:EC:28:7B:EB:26:8B:EA:17:04:FA:8F:0D:ED:AA:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BchHAGrsKHvrJovqFwT6jw3tqv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:cb:fa:c4:4e:bc:7e:4c:94:1b:c6:ae:c2:f4:fb:38:98:65:
0b:fb:3c:c3:60:ec:c9:e3:65:56:6e:26:92:3e:0d:c7:b8:f6:
fe:85:b6:c1:32:c0:3d:3d:89:f6:34:f1:fd:3d:91:c9:38:bb:
74:de:00:e9:b8:c7:05:77:fd:1a:3d:f3:f4:f4:46:f8:ec:9e:
43:a2:52:e3:fa:da:14:75:48:e3:02:92:31:c4:83:a9:90:fb:
9d:96:80:e2:9d:46:35:48:a9:75:a8:fc:ce:b4:c8:d5:1b:b5:
9f:66:47:07:11:e1:42:15:d2:89:17:45:15:7e:1d:07:06:39:
fb:70:32:da:ac:2e:db:bb:40:5b:50:33:93:62:8f:f5:ac:12:
f9:24:f9:16:56:23:92:90:b5:d5:a0:6d:23:a4:79:9f:d2:b6:
8b:f3:05:c6:c8:89:66:23:ac:48:cf:47:01:1f:fd:8f:22:89:
95:02:52:4a:b2:a9:4a:29:fa:ab:4c:5f:bd:11:5c:d4:53:3a:
b3:22:05:8e:98:c0:9e:eb:8f:82:88:7c:de:51:11:f9:18:be:
06:a0:9c:45:18:a5:ca:e8:c7:8a:89:00:48:7c:41:37:8f:76:
8c:c2:98:12:10:31:83:d8:a5:35:34:9b:ae:52:c7:0d:54:20:
c4:d5:22:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJGgkEW7MsEcCvy1zU0gYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM4NDcwMDZhZWMyODdiZWIyNjhiZWExNzA0ZmE4ZjBkZWRhYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJzrIIGdGk3OaaV3ZKsERd6MSPlC
rvSD3Fx6/q5Z1CasKETZwFGgEmJJhEu06/UmODNF3D+YnFuZ/byUY5xY48nAi2cO
+K5U77lmDhkIJ07ZG/uRv6M/inh35QmKpFiF+LOnXSYQo9LwRFAOvZqcHmkkyaJw
qc8RNl3bYdAa125YSlqJztAMaR0wRm3JqtqecIcw3uO9+QdlxI4NARlJtjNQx2rz
iDi+bnM6N4E9Tqb1UcfRGM8RX+Bk4FaQED79jVy8Kdv+oVhwUimEMNc2jSMQhQJl
Bni76kYvVB7jjLs7EV9GNjBp0D0/EVpy6cvJnZqPFVlrdgqTRMm0fYIkVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXIRwBq7Ch76yaL6hcE+o8N7ar9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQmNoSEFHcnNLSHZySm92cUZ3VDZqdzN0cXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3ncMA0G
CSqGSIb3DQEBCwUAA4IBAQCKy/rETrx+TJQbxq7C9Ps4mGUL+zzDYOzJ42VWbiaS
Pg3HuPb+hbbBMsA9PYn2NPH9PZHJOLt03gDpuMcFd/0aPfP09Eb47J5DolLj+toU
dUjjApIxxIOpkPudloDinUY1SKl1qPzOtMjVG7WfZkcHEeFCFdKJF0UVfh0HBjn7
cDLarC7bu0BbUDOTYo/1rBL5JPkWViOSkLXVoG0jpHmf0raL8wXGyIlmI6xIz0cB
H/2PIomVAlJKsqlKKfqrTF+9EVzUUzqzIgWOmMCe64+CiHzeURH5GL4GoJxFGKXK
6MeKiQBIfEE3j3aMwpgSEDGD2KU1NJuuUscNVCDE1SKi
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:31:39 2025 by rpki-client