Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/BhOVPrkz9toZLp5QKMIq_QNipqY.roa
File: BhOVPrkz9toZLp5QKMIq_QNipqY.roa (raw, json)
Hash identifier: 3zoy6+8GSjKPgYvI7u9JbFY3lHT7krvKwJlTbvx30bE=
Subject key identifier: 06:13:95:3E:B9:33:F6:DA:19:2E:9E:50:28:C2:2A:FD:03:62:A6:A6
Certificate issuer: /CN=d4e4f402f77a9d68a2ff4d15458a24a03dcd07c7
Certificate serial: 018CC8DF1F284D8595AD456739BB663E199A
Authority key identifier: D4:E4:F4:02:F7:7A:9D:68:A2:FF:4D:15:45:8A:24:A0:3D:CD:07:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OT0Avd6nWii_00VRYokoD3NB8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/BhOVPrkz9toZLp5QKMIq_QNipqY.roa
Signing time: Tue 02 Jan 2024 06:31:54 +0000
ROA not before: Tue 02 Jan 2024 06:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61961
IP address blocks: 185.204.12.0/23 maxlen: 23
2a0a:f040::/29 maxlen: 29
2001:678:5e4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1f:28:4d:85:95:ad:45:67:39:bb:66:3e:19:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e4f402f77a9d68a2ff4d15458a24a03dcd07c7
Validity
Not Before: Jan 2 06:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0613953eb933f6da192e9e5028c22afd0362a6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2f:d7:44:73:c5:cd:d0:02:b0:42:f9:73:a4:
7d:59:7e:98:a7:50:65:25:5f:90:65:6f:55:1a:fa:
17:fe:9d:4b:12:e4:20:3b:0d:b8:68:79:5c:db:42:
cc:dd:bf:70:d0:e4:d7:53:0f:fd:ed:c4:1a:da:f4:
ba:02:26:ab:8d:22:95:79:0b:0f:00:e4:42:d0:d4:
88:29:e3:18:d0:88:ef:57:fb:d1:8d:58:24:82:b6:
23:3a:97:7c:af:6b:92:81:c7:32:6d:78:e6:a8:da:
f0:8c:71:a2:02:a0:8e:be:ab:e3:89:11:75:fc:3d:
cc:92:20:9b:01:ea:c3:05:01:2d:5f:cc:e8:29:18:
5e:c9:ad:43:74:fe:1b:8f:3a:05:87:bb:64:13:be:
41:01:c7:68:68:63:62:91:fa:84:3a:1e:ff:41:18:
fc:46:0c:cc:42:e7:f0:ad:ae:1a:25:5f:46:98:6b:
53:f4:c1:c8:32:ed:7f:1e:37:59:3d:37:a6:53:9e:
7f:5e:cc:39:58:e0:f3:9d:90:01:53:12:17:3a:0e:
30:ed:af:ac:3f:d2:e0:cc:b9:97:4d:da:a6:8f:ea:
5d:f2:45:11:79:bb:99:34:36:1e:07:2a:a7:20:6a:
c3:50:f3:94:25:8e:55:ed:43:b9:f4:41:c8:da:03:
d5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:13:95:3E:B9:33:F6:DA:19:2E:9E:50:28:C2:2A:FD:03:62:A6:A6
X509v3 Authority Key Identifier:
keyid:D4:E4:F4:02:F7:7A:9D:68:A2:FF:4D:15:45:8A:24:A0:3D:CD:07:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OT0Avd6nWii_00VRYokoD3NB8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/BhOVPrkz9toZLp5QKMIq_QNipqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/1OT0Avd6nWii_00VRYokoD3NB8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.12.0/23
IPv6:
2001:678:5e4::/48
2a0a:f040::/29
Signature Algorithm: sha256WithRSAEncryption
2f:de:60:6f:07:66:40:1b:87:fd:f7:3e:67:38:97:2f:d3:25:
d6:5f:5b:1e:1a:26:c2:e9:71:40:69:59:98:6c:64:b3:bc:f3:
88:ee:1e:5a:5c:06:fd:64:8b:e8:02:0c:4d:f1:22:fc:c4:d3:
36:18:a6:2d:e6:05:45:32:64:8a:55:af:3f:66:91:cd:8e:22:
96:2b:86:23:2e:0f:70:39:e4:63:2a:0c:2a:97:82:b7:f3:8c:
56:1e:55:0d:41:8b:5f:f3:7a:da:3c:61:a2:df:a5:7a:31:a7:
da:8c:bf:62:24:f1:78:db:f8:d9:69:d3:b4:7d:16:d6:ab:af:
a4:c2:d6:1b:2f:db:a8:18:99:f0:74:6e:e2:2d:83:40:0e:5c:
99:85:86:45:72:47:26:b3:02:59:00:d0:10:cb:7d:d3:4d:b9:
30:21:30:a0:54:81:ae:b3:59:5f:6a:90:2f:2d:bf:41:38:0d:
cc:22:fe:37:00:13:94:35:da:2a:9b:e2:70:90:54:d8:4f:6b:
9c:3e:10:d1:84:8f:1d:f1:27:b3:3a:ee:06:b6:2d:91:e5:77:
13:88:95:66:db:aa:bd:e0:d1:fd:dd:b4:30:28:6a:97:09:d9:
0a:04:a7:be:bb:e9:cb:91:6b:98:34:8b:67:c4:67:a7:77:bc:
b9:af:4b:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3x8oTYWVrUVnObtmPhmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTRmNDAyZjc3YTlkNjhhMmZmNGQxNTQ1OGEyNGEwM2Rj
ZDA3YzcwHhcNMjQwMTAyMDYzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjEzOTUzZWI5MzNmNmRhMTkyZTllNTAyOGMyMmFmZDAzNjJhNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly/XRHPFzdACsEL5c6R9WX6Yp1Bl
JV+QZW9VGvoX/p1LEuQgOw24aHlc20LM3b9w0OTXUw/97cQa2vS6AiarjSKVeQsP
AORC0NSIKeMY0IjvV/vRjVgkgrYjOpd8r2uSgccybXjmqNrwjHGiAqCOvqvjiRF1
/D3MkiCbAerDBQEtX8zoKRheya1DdP4bjzoFh7tkE75BAcdoaGNikfqEOh7/QRj8
RgzMQufwra4aJV9GmGtT9MHIMu1/HjdZPTemU55/Xsw5WODznZABUxIXOg4w7a+s
P9LgzLmXTdqmj+pd8kURebuZNDYeByqnIGrDUPOUJY5V7UO59EHI2gPV7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAYTlT65M/baGS6eUCjCKv0DYqamMB8GA1UdIwQY
MBaAFNTk9AL3ep1oov9NFUWKJKA9zQfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9UMEF2ZDZuV2lpXzAwVlJZb2tvRDNOQjhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kN2QyOTYtMTZiNS00OTFkLTk1OGYt
MGYzODdhMDgxZGIwLzEvQmhPVlBya3o5dG9aTHA1UUtNSXFfUU5pcHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kN2QyOTYtMTZiNS00OTFkLTk1OGYtMGYzODdhMDgxZGIw
LzEvMU9UMEF2ZDZuV2lpXzAwVlJZb2tvRDNOQjhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBucwMMBYE
AgACMBADBwAgAQZ4BeQDBQMqCvBAMA0GCSqGSIb3DQEBCwUAA4IBAQAv3mBvB2ZA
G4f99z5nOJcv0yXWX1seGibC6XFAaVmYbGSzvPOI7h5aXAb9ZIvoAgxN8SL8xNM2
GKYt5gVFMmSKVa8/ZpHNjiKWK4YjLg9wOeRjKgwql4K384xWHlUNQYtf83raPGGi
36V6MafajL9iJPF42/jZadO0fRbWq6+kwtYbL9uoGJnwdG7iLYNADlyZhYZFckcm
swJZANAQy33TTbkwITCgVIGus1lfapAvLb9BOA3MIv43ABOUNdoqm+JwkFTYT2uc
PhDRhI8d8SezOu4Gti2R5XcTiJVm26q94NH93bQwKGqXCdkKBKe+u+nLkWuYNItn
xGend7y5r0tc
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:34 2025 by rpki-client