Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/bz-D4SDkYNJX3doa4B8jZgURHwo.roa
File: bz-D4SDkYNJX3doa4B8jZgURHwo.roa (raw, json)
Hash identifier: VAiwBxvkCmw7A0ZcRk66dwA9/yhNQQmsm9xLmf72FPw=
Subject key identifier: 6F:3F:83:E1:20:E4:60:D2:57:DD:DA:1A:E0:1F:23:66:05:11:1F:0A
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 019427482CAFEEFE6EE0E6BA004AED0D4985
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/bz-D4SDkYNJX3doa4B8jZgURHwo.roa
Signing time: Thu 02 Jan 2025 13:50:28 +0000
ROA not before: Thu 02 Jan 2025 13:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 78.153.131.0/24 maxlen: 24
78.153.139.0/24 maxlen: 24
78.153.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:2c:af:ee:fe:6e:e0:e6:ba:00:4a:ed:0d:49:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Jan 2 13:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f3f83e120e460d257ddda1ae01f236605111f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:62:b9:14:df:bc:83:3c:a2:06:0f:eb:66:31:
a4:a7:76:93:ee:da:a6:15:91:8c:76:76:34:8d:5f:
f1:33:dd:59:eb:41:3e:aa:04:b1:4c:e0:c0:2a:0f:
e5:ce:4c:cd:0d:ef:66:45:59:ec:00:de:fd:b8:9a:
16:b2:3f:bc:3a:df:c9:8b:1d:53:9d:87:d2:23:34:
1f:ba:c9:73:90:dd:fe:86:95:18:79:b0:ae:c3:02:
67:b3:0f:0c:0b:59:cf:0a:cd:5a:d2:fd:4a:f6:cc:
86:65:6a:71:ed:76:75:4a:29:68:bc:6c:d1:2c:00:
fa:5c:bb:48:ee:28:7a:83:3b:f2:06:81:f1:92:6d:
b9:0f:00:31:03:72:0c:ee:db:49:57:91:10:d9:8e:
68:fd:25:3b:1f:66:2d:49:33:44:b4:37:37:3e:e8:
a6:3f:48:ba:cf:57:59:6b:c1:35:a7:96:14:98:b4:
13:77:8e:57:89:7d:f1:24:a0:c2:8b:dd:c4:05:42:
8e:cb:53:c7:e2:81:18:44:19:00:1f:5c:01:87:3c:
a1:ef:f0:87:7f:31:fb:15:5a:5d:ed:f7:84:c3:f8:
d3:51:ba:11:fd:29:b2:c1:bd:14:2e:2f:cc:13:a2:
a6:ca:c3:c1:d8:e4:db:58:02:8d:f0:71:ea:2d:b7:
52:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3F:83:E1:20:E4:60:D2:57:DD:DA:1A:E0:1F:23:66:05:11:1F:0A
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/bz-D4SDkYNJX3doa4B8jZgURHwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.131.0/24
78.153.139.0/24
78.153.144.0/24
Signature Algorithm: sha256WithRSAEncryption
92:17:30:f9:d0:b7:57:e5:20:6e:75:c7:82:04:13:a2:43:36:
ea:c2:93:75:c4:57:2d:f1:8b:fc:5a:c6:d2:d9:9e:9e:71:4e:
ca:30:1e:dc:cb:db:aa:08:0a:5b:88:d7:76:52:84:87:2f:f5:
f2:3f:45:18:64:57:70:36:63:9d:59:a8:1d:18:00:85:8f:58:
79:ec:df:93:a2:13:fe:81:de:16:24:72:e2:44:1a:c5:ba:69:
59:f9:1f:76:66:a3:3a:6f:f7:6c:8b:18:f4:da:49:77:91:43:
10:5d:0c:70:e3:f4:4d:9e:95:6b:8f:02:5d:7d:34:89:7b:5b:
5c:49:68:cc:99:2f:16:29:5e:71:2b:59:a7:34:40:22:92:22:
33:d3:69:6d:bd:87:fd:a0:4a:8c:4c:2f:3a:63:0f:af:eb:e2:
4b:bc:a6:19:7f:79:08:49:bd:61:48:34:ee:ee:5c:0d:25:7b:
63:a6:c1:9e:d7:06:f5:ba:86:92:cc:f3:2a:db:a7:63:30:0d:
2d:c9:45:1f:b1:01:f7:e7:e7:b9:ac:22:24:82:e2:cd:de:cf:
ef:cb:c8:8b:59:62:d1:4c:ab:d7:e1:ec:ee:85:46:a9:1d:f4:
95:b5:d1:94:c6:83:65:ac:4c:05:f4:d1:1d:39:08:08:ca:cc:
04:cf:c8:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSCyv7v5u4Oa6AErtDUmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjUwMTAyMTM1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNmODNlMTIwZTQ2MGQyNTdkZGRhMWFlMDFmMjM2NjA1MTExZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GK5FN+8gzyiBg/rZjGkp3aT7tqm
FZGMdnY0jV/xM91Z60E+qgSxTODAKg/lzkzNDe9mRVnsAN79uJoWsj+8Ot/Jix1T
nYfSIzQfuslzkN3+hpUYebCuwwJnsw8MC1nPCs1a0v1K9syGZWpx7XZ1SilovGzR
LAD6XLtI7ih6gzvyBoHxkm25DwAxA3IM7ttJV5EQ2Y5o/SU7H2YtSTNEtDc3Puim
P0i6z1dZa8E1p5YUmLQTd45XiX3xJKDCi93EBUKOy1PH4oEYRBkAH1wBhzyh7/CH
fzH7FVpd7feEw/jTUboR/Smywb0ULi/ME6KmysPB2OTbWAKN8HHqLbdSbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG8/g+Eg5GDSV93aGuAfI2YFER8KMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvYnotRDRTRGtZTkpYM2RvYTRCOGpaZ1VSSHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATpmDAwQA
TpmLAwQATpmQMA0GCSqGSIb3DQEBCwUAA4IBAQCSFzD50LdX5SBudceCBBOiQzbq
wpN1xFct8Yv8WsbS2Z6ecU7KMB7cy9uqCApbiNd2UoSHL/XyP0UYZFdwNmOdWagd
GACFj1h57N+TohP+gd4WJHLiRBrFumlZ+R92ZqM6b/dsixj02kl3kUMQXQxw4/RN
npVrjwJdfTSJe1tcSWjMmS8WKV5xK1mnNEAikiIz02ltvYf9oEqMTC86Yw+v6+JL
vKYZf3kISb1hSDTu7lwNJXtjpsGe1wb1uoaSzPMq26djMA0tyUUfsQH35+e5rCIk
guLN3s/vy8iLWWLRTKvX4ezuhUapHfSVtdGUxoNlrEwF9NEdOQgIyswEz8gY
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:01:31 2025 by rpki-client