Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/BiKfALvUrbmz3ELiU2Cie_RebNQ.roa
File: BiKfALvUrbmz3ELiU2Cie_RebNQ.roa (raw, json)
Hash identifier: YTvSWKiRU8RjXS9YxNmzHNkFBB7gumyZX++knrRqEtA=
Subject key identifier: 06:22:9F:00:BB:D4:AD:B9:B3:DC:42:E2:53:60:A2:7B:F4:5E:6C:D4
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEFAA875D9A5D95D3D527944118B1
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/BiKfALvUrbmz3ELiU2Cie_RebNQ.roa
Signing time: Sun 01 Jan 2023 14:44:54 +0000
ROA not before: Sun 01 Jan 2023 14:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56862
IP address blocks: 195.91.146.0/23 maxlen: 23
195.91.144.0/23 maxlen: 23
195.91.140.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ef:aa:87:5d:9a:5d:95:d3:d5:27:94:41:18:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06229f00bbd4adb9b3dc42e25360a27bf45e6cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:27:1e:d6:b4:98:cd:b6:f0:fb:ee:4f:9a:
dd:e6:56:78:1b:01:48:34:70:2c:e5:54:49:99:09:
36:fb:e4:46:0c:11:35:50:8b:f8:4e:2b:ac:76:bf:
04:72:4b:28:09:f2:17:0c:89:61:a2:62:fb:53:58:
ac:70:b7:f3:61:e0:dc:1a:81:8c:0e:7f:aa:4a:b7:
b1:e8:2e:08:56:25:4b:a0:94:61:e5:d3:69:88:f1:
69:e7:f7:a8:26:e1:16:08:7a:0d:bf:6d:ba:6d:01:
d7:2c:1a:56:51:b3:bb:8b:a7:9a:bc:fb:e9:3a:9c:
91:2b:4d:f4:b9:ef:85:a0:d8:16:db:e4:77:91:47:
b2:bf:51:18:6d:1e:12:a5:3e:5c:39:af:28:fd:05:
81:7c:0c:aa:7e:b2:10:2c:90:59:12:39:f2:75:14:
3a:54:d1:6b:13:0e:a5:5d:34:a5:03:fa:9b:04:39:
b3:cd:b3:29:41:21:d2:6b:2f:6a:a4:84:37:a7:21:
ba:84:af:8a:a2:4c:17:7b:63:3c:c3:28:8b:0b:b1:
63:9b:b9:5d:7a:63:93:24:07:9e:a8:6b:61:4f:1f:
7e:ef:9a:ec:07:69:17:5a:7c:ae:d3:9e:e0:e1:11:
5f:33:dc:62:c8:22:94:68:cd:a9:43:c5:df:71:02:
a8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:22:9F:00:BB:D4:AD:B9:B3:DC:42:E2:53:60:A2:7B:F4:5E:6C:D4
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/BiKfALvUrbmz3ELiU2Cie_RebNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.91.140.0/23
195.91.144.0/22
Signature Algorithm: sha256WithRSAEncryption
53:82:c6:49:ab:66:9f:f0:a1:14:09:8e:8e:c9:26:42:41:56:
1e:88:02:35:2c:de:00:01:4a:88:8c:a6:0c:85:6a:00:85:b5:
92:4f:ed:33:64:00:4b:a1:f3:56:ea:92:b0:5b:bf:7c:44:dc:
01:9b:ec:cf:a0:7f:e2:8b:3f:0c:98:89:d8:47:f2:9c:3f:d1:
68:5b:3e:b1:f4:54:64:61:03:11:f9:fc:fd:e1:19:79:a8:84:
d1:d0:5e:6e:eb:3d:6f:c9:30:79:55:a7:2a:ee:63:f7:98:46:
63:13:d3:64:7e:45:a6:a2:57:9a:95:84:4d:38:8b:73:7a:d5:
dd:eb:90:35:53:e2:9e:f4:cd:b7:31:d2:b4:38:7b:8d:89:ea:
a5:fc:cd:98:19:5f:6a:df:d4:2d:e4:d4:46:06:7a:89:5c:29:
cb:93:81:d1:85:b9:29:4d:da:7b:f3:6e:a0:e3:e7:fc:05:58:
3a:1c:6d:bb:d2:6a:18:3b:ca:a5:23:62:dc:b1:5f:13:8b:75:
9a:1d:6e:64:7d:6b:0e:fe:0d:78:06:b4:6f:19:b3:55:2c:e8:
8c:bb:77:b3:3e:e9:34:92:f6:95:5c:61:10:68:fa:46:b8:92:
5c:21:40:8a:e5:60:85:fe:96:14:26:df:ac:33:f2:05:9a:69:
f8:2f:bf:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtyu+qh12aXZXT1SeUQRixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjIyOWYwMGJiZDRhZGI5YjNkYzQyZTI1MzYwYTI3YmY0NWU2Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm4nHta0mM228PvuT5rd5lZ4GwFI
NHAs5VRJmQk2++RGDBE1UIv4Tiusdr8EcksoCfIXDIlhomL7U1iscLfzYeDcGoGM
Dn+qSrex6C4IViVLoJRh5dNpiPFp5/eoJuEWCHoNv226bQHXLBpWUbO7i6eavPvp
OpyRK030ue+FoNgW2+R3kUeyv1EYbR4SpT5cOa8o/QWBfAyqfrIQLJBZEjnydRQ6
VNFrEw6lXTSlA/qbBDmzzbMpQSHSay9qpIQ3pyG6hK+KokwXe2M8wyiLC7Fjm7ld
emOTJAeeqGthTx9+75rsB2kXWnyu057g4RFfM9xiyCKUaM2pQ8XfcQKoRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAYinwC71K25s9xC4lNgonv0XmzUMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvQmlLZkFMdlVyYm16M0VMaVUyQ2llX1JlYk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw1uMAwQC
w1uQMA0GCSqGSIb3DQEBCwUAA4IBAQBTgsZJq2af8KEUCY6OySZCQVYeiAI1LN4A
AUqIjKYMhWoAhbWST+0zZABLofNW6pKwW798RNwBm+zPoH/iiz8MmInYR/KcP9Fo
Wz6x9FRkYQMR+fz94Rl5qITR0F5u6z1vyTB5Vacq7mP3mEZjE9NkfkWmolealYRN
OItzetXd65A1U+Ke9M23MdK0OHuNieql/M2YGV9q39Qt5NRGBnqJXCnLk4HRhbkp
Tdp7826g4+f8BVg6HG270moYO8qlI2LcsV8Ti3WaHW5kfWsO/g14BrRvGbNVLOiM
u3ezPuk0kvaVXGEQaPpGuJJcIUCK5WCF/pYUJt+sM/IFmmn4L7/i
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:13 2025 by rpki-client