Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/BGPtN6UeNB6gxVs3merGZGk1kns.roa
File: BGPtN6UeNB6gxVs3merGZGk1kns.roa (raw, json)
Hash identifier: hrSuHlNxsE/yi+6e5xU/QtKRxyKAm/eD9FqzGlKPQGg=
Subject key identifier: 04:63:ED:37:A5:1E:34:1E:A0:C5:5B:37:99:EA:C6:64:69:35:92:7B
Certificate issuer: /CN=706d64134faa746293c0384edac0371950f3b224
Certificate serial: 019425FBF348445A6FDBC739DA89060B1981
Authority key identifier: 70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/BGPtN6UeNB6gxVs3merGZGk1kns.roa
Signing time: Thu 02 Jan 2025 07:47:36 +0000
ROA not before: Thu 02 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203231
IP address blocks: 193.218.160.0/20 maxlen: 20
193.218.160.0/24 maxlen: 24
193.218.161.0/24 maxlen: 24
2a0a:5180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:f3:48:44:5a:6f:db:c7:39:da:89:06:0b:19:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d64134faa746293c0384edac0371950f3b224
Validity
Not Before: Jan 2 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0463ed37a51e341ea0c55b3799eac6646935927b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:27:61:54:29:d1:ce:b4:29:b8:2b:6d:4f:2b:
d6:ef:5e:ae:cb:66:c7:4c:93:81:07:7a:53:0d:3f:
9e:a5:ed:04:b6:57:04:4c:bf:d0:25:6a:0b:e1:a2:
e5:dc:1c:ad:df:3b:f9:66:3f:45:33:e5:6d:1b:9a:
18:fe:46:fa:1a:86:74:a4:ae:e3:94:b6:0f:de:57:
8f:c1:dc:2a:df:aa:5a:79:93:93:be:77:15:20:f7:
49:4b:4e:9a:7f:3d:36:85:c2:27:2c:16:9d:1c:9e:
9d:49:01:3f:87:05:b0:67:aa:31:4d:60:0f:22:0c:
9f:c1:be:39:75:a9:0f:59:3b:51:ba:9b:d6:cb:ab:
b3:41:11:90:59:f3:e1:db:2a:9a:f7:e0:c2:18:e9:
a6:2d:05:80:0e:33:75:99:a6:85:9d:f6:5c:dd:74:
52:fa:a1:17:67:97:7b:0c:6a:ae:f0:ea:7d:ec:63:
20:00:1a:fe:70:ac:38:cd:0a:11:1b:f1:17:43:2e:
36:91:53:37:9b:05:ae:12:83:a2:e0:0b:51:b9:83:
fd:6c:38:a7:98:b9:f5:bd:bc:1d:29:15:82:3a:d9:
a5:a9:d2:38:d2:93:90:90:ac:d0:f2:70:57:22:43:
2c:d9:26:d6:22:a4:f4:78:b7:39:80:a1:c0:bf:1a:
5c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:63:ED:37:A5:1E:34:1E:A0:C5:5B:37:99:EA:C6:64:69:35:92:7B
X509v3 Authority Key Identifier:
keyid:70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/BGPtN6UeNB6gxVs3merGZGk1kns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.160.0/20
IPv6:
2a0a:5180::/29
Signature Algorithm: sha256WithRSAEncryption
66:a1:46:3a:77:3d:51:88:ca:e9:d2:90:a2:57:09:f6:03:c8:
2d:26:5e:f8:4d:f4:31:a6:da:8c:ea:4d:71:c7:e8:70:ac:90:
e9:27:6c:b1:79:41:01:5b:72:e7:f2:e9:bd:f5:7f:74:98:e8:
63:69:db:5f:43:74:3b:a8:fb:17:b9:2a:f6:38:92:91:94:f9:
4b:0c:73:09:47:b6:a3:30:a4:96:a2:06:29:99:5a:9b:ac:f5:
51:6a:23:10:00:ad:3a:97:7d:56:c9:cb:b7:de:b7:86:7b:81:
b6:97:5a:48:96:6e:75:b7:d3:7f:7e:c2:74:44:03:a4:6f:f8:
65:07:d0:b3:b6:33:20:5b:c0:fb:fd:e4:a1:fa:5d:90:77:32:
06:38:79:dc:99:c2:7f:16:51:83:fa:a9:49:67:78:a5:31:82:
c9:a9:c9:e1:d7:7e:05:fa:8a:d8:40:2e:7d:ec:21:dd:f4:e7:
51:0a:d9:3d:71:87:2e:a4:a3:15:ea:9b:89:ca:87:a2:9b:34:
cc:24:45:98:a7:25:bf:b1:be:de:bd:51:9b:9e:c6:db:77:dd:
03:10:fa:b1:9b:4a:e6:bc:54:e3:7a:b9:5d:14:a3:04:3e:1a:
c4:cd:b0:18:d2:37:5e:6c:6c:b1:48:7f:ea:43:85:08:e7:d7:
0a:39:f8:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl+/NIRFpv28c52okGCxmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQ2NDEzNGZhYTc0NjI5M2MwMzg0ZWRhYzAzNzE5NTBm
M2IyMjQwHhcNMjUwMTAyMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDYzZWQzN2E1MWUzNDFlYTBjNTViMzc5OWVhYzY2NDY5MzU5MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsidhVCnRzrQpuCttTyvW716uy2bH
TJOBB3pTDT+epe0EtlcETL/QJWoL4aLl3Byt3zv5Zj9FM+VtG5oY/kb6GoZ0pK7j
lLYP3lePwdwq36paeZOTvncVIPdJS06afz02hcInLBadHJ6dSQE/hwWwZ6oxTWAP
Igyfwb45dakPWTtRupvWy6uzQRGQWfPh2yqa9+DCGOmmLQWADjN1maaFnfZc3XRS
+qEXZ5d7DGqu8Op97GMgABr+cKw4zQoRG/EXQy42kVM3mwWuEoOi4AtRuYP9bDin
mLn1vbwdKRWCOtmlqdI40pOQkKzQ8nBXIkMs2SbWIqT0eLc5gKHAvxpc1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFARj7TelHjQeoMVbN5nqxmRpNZJ7MB8GA1UdIwQY
MBaAFHBtZBNPqnRik8A4TtrANxlQ87IkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cxa0UwLXFkR0tUd0RoTzJzQTNHVkR6c2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zMjk4ZTMtOWE1MC00Y2ZiLTg0ZTYt
ZDEzN2FkZTE2NmQxLzEvQkdQdE42VWVOQjZneFZzM21lckdaR2sxa25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zMjk4ZTMtOWE1MC00Y2ZiLTg0ZTYtZDEzN2FkZTE2NmQx
LzEvY0cxa0UwLXFkR0tUd0RoTzJzQTNHVkR6c2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEwdqgMA0E
AgACMAcDBQMqClGAMA0GCSqGSIb3DQEBCwUAA4IBAQBmoUY6dz1RiMrp0pCiVwn2
A8gtJl74TfQxptqM6k1xx+hwrJDpJ2yxeUEBW3Ln8um99X90mOhjadtfQ3Q7qPsX
uSr2OJKRlPlLDHMJR7ajMKSWogYpmVqbrPVRaiMQAK06l31Wycu33reGe4G2l1pI
lm51t9N/fsJ0RAOkb/hlB9CztjMgW8D7/eSh+l2QdzIGOHncmcJ/FlGD+qlJZ3il
MYLJqcnh134F+orYQC597CHd9OdRCtk9cYcupKMV6puJyoeimzTMJEWYpyW/sb7e
vVGbnsbbd90DEPqxm0rmvFTjerldFKMEPhrEzbAY0jdebGyxSH/qQ4UI59cKOfhy
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:47:03 2025 by rpki-client