Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/BcOVvuTPDGO0_pL0GbcBWO1VZhM.roa
File: BcOVvuTPDGO0_pL0GbcBWO1VZhM.roa (raw, json)
Hash identifier: 7+ASLxZPu0A91rGfBxu8JIyIDtUrfljYYLKOifrTTzQ=
Subject key identifier: 05:C3:95:BE:E4:CF:0C:63:B4:FE:92:F4:19:B7:01:58:ED:55:66:13
Certificate issuer: /CN=b93d4908d9c43a85f85be19334a26f5d51350bcb
Certificate serial: 019499BE33A17A4D3290DE5CB280997F8421
Authority key identifier: B9:3D:49:08:D9:C4:3A:85:F8:5B:E1:93:34:A2:6F:5D:51:35:0B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT1JCNnEOoX4W-GTNKJvXVE1C8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/BcOVvuTPDGO0_pL0GbcBWO1VZhM.roa
Signing time: Fri 24 Jan 2025 19:16:06 +0000
ROA not before: Fri 24 Jan 2025 19:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 45.89.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:be:33:a1:7a:4d:32:90:de:5c:b2:80:99:7f:84:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93d4908d9c43a85f85be19334a26f5d51350bcb
Validity
Not Before: Jan 24 19:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05c395bee4cf0c63b4fe92f419b70158ed556613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:45:5c:d1:5c:7b:99:2d:7e:8b:4a:8e:64:c5:
6e:d8:4d:be:04:74:44:cb:b3:4f:a7:ee:ce:9b:7d:
4b:84:c2:3c:bb:36:bd:3a:ff:9f:fc:7e:56:0c:0d:
dd:55:3c:cf:60:b8:09:a7:b2:f4:9b:be:16:8a:28:
7d:7a:73:d0:96:be:27:d0:25:38:f3:59:08:4d:e7:
b2:4c:82:a5:fd:aa:f2:02:97:cc:a4:9e:91:e0:f7:
a3:48:45:ed:33:cc:e6:9e:9c:f2:35:e0:23:68:1e:
ad:86:2c:83:5b:7f:fb:b0:2f:25:1b:dc:1a:1d:c6:
0c:7a:79:4b:6c:82:5d:d7:ea:48:33:43:59:ce:dc:
5b:3c:0a:77:ed:96:d0:f6:95:1f:f6:2c:6d:8d:df:
2b:9f:72:29:3e:15:7d:8e:12:27:18:85:54:89:6e:
85:57:44:6f:ca:3f:98:a2:9a:31:c8:c0:e0:3c:62:
6c:d4:c6:e0:83:f7:f7:b5:7c:13:58:c2:0b:fa:6a:
0c:e5:aa:59:1c:98:75:09:87:6a:21:92:89:44:3a:
4e:87:20:ac:cd:af:c2:2c:a0:7f:2d:bf:3d:b6:51:
13:c1:58:89:70:aa:ac:e8:f2:dd:33:b2:2f:14:52:
be:43:b8:05:4b:5f:68:8f:92:34:42:59:37:df:29:
de:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C3:95:BE:E4:CF:0C:63:B4:FE:92:F4:19:B7:01:58:ED:55:66:13
X509v3 Authority Key Identifier:
keyid:B9:3D:49:08:D9:C4:3A:85:F8:5B:E1:93:34:A2:6F:5D:51:35:0B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT1JCNnEOoX4W-GTNKJvXVE1C8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/BcOVvuTPDGO0_pL0GbcBWO1VZhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/uT1JCNnEOoX4W-GTNKJvXVE1C8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.223.0/24
Signature Algorithm: sha256WithRSAEncryption
04:b1:9a:2b:58:29:da:41:78:83:37:99:c4:a6:c0:6e:56:b3:
66:c8:cd:e0:a9:ad:80:30:68:92:4f:3e:09:98:b8:f0:82:ca:
97:9c:1f:28:9d:e9:31:fb:17:42:48:f3:07:42:a5:8d:9d:65:
26:89:e9:9e:81:c4:93:35:52:21:3e:d4:f5:e5:d9:ee:a4:33:
12:de:09:48:2a:0c:3a:ed:af:45:bb:58:77:a8:bf:6b:0d:1a:
4a:71:25:35:9f:d8:92:af:aa:09:37:69:6d:e8:db:b0:b2:57:
3f:67:0d:cf:af:25:cd:ba:bb:e6:69:3e:94:7f:e6:1b:fd:ff:
e6:aa:ff:43:e0:e8:02:33:8b:f7:5a:6c:a4:0e:f7:42:73:f8:
ae:65:51:2a:4f:ac:85:83:61:6f:cd:74:69:96:45:23:bb:9f:
9b:ef:ae:b7:57:81:b4:07:05:d6:80:99:17:de:21:c3:1f:50:
51:c8:6e:cf:a2:60:fb:ed:ef:0c:0c:20:27:5e:76:a7:2f:da:
bd:67:f0:13:3d:06:43:24:d9:5e:df:af:22:7a:58:a2:f6:93:
bc:f7:49:4a:ae:8e:41:07:3a:3d:35:a8:d4:3c:dd:09:ee:1c:
89:2d:26:e4:34:30:58:87:5e:44:56:83:43:58:fe:7c:53:22:
b6:14:d5:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSZvjOhek0ykN5csoCZf4QhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2Q0OTA4ZDljNDNhODVmODViZTE5MzM0YTI2ZjVkNTEz
NTBiY2IwHhcNMjUwMTI0MTkxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWMzOTViZWU0Y2YwYzYzYjRmZTkyZjQxOWI3MDE1OGVkNTU2NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kVc0Vx7mS1+i0qOZMVu2E2+BHRE
y7NPp+7Om31LhMI8uza9Ov+f/H5WDA3dVTzPYLgJp7L0m74Wiih9enPQlr4n0CU4
81kITeeyTIKl/aryApfMpJ6R4PejSEXtM8zmnpzyNeAjaB6thiyDW3/7sC8lG9wa
HcYMenlLbIJd1+pIM0NZztxbPAp37ZbQ9pUf9ixtjd8rn3IpPhV9jhInGIVUiW6F
V0Rvyj+YopoxyMDgPGJs1Mbgg/f3tXwTWMIL+moM5apZHJh1CYdqIZKJRDpOhyCs
za/CLKB/Lb89tlETwViJcKqs6PLdM7IvFFK+Q7gFS19oj5I0Qlk33ynerwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXDlb7kzwxjtP6S9Bm3AVjtVWYTMB8GA1UdIwQY
MBaAFLk9SQjZxDqF+FvhkzSib11RNQvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVQxSkNObkVPb1g0Vy1HVE5LSnZYVkUxQzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8xZDdiMGMtMjI1MS00ZGQzLTg2OTAt
NTI4NzQ2MTFjZDIxLzEvQmNPVnZ1VFBER08wX3BMMEdiY0JXTzFWWmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8xZDdiMGMtMjI1MS00ZGQzLTg2OTAtNTI4NzQ2MTFjZDIx
LzEvdVQxSkNObkVPb1g0Vy1HVE5LSnZYVkUxQzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVnfMA0G
CSqGSIb3DQEBCwUAA4IBAQAEsZorWCnaQXiDN5nEpsBuVrNmyM3gqa2AMGiSTz4J
mLjwgsqXnB8onekx+xdCSPMHQqWNnWUmiemegcSTNVIhPtT15dnupDMS3glIKgw6
7a9Fu1h3qL9rDRpKcSU1n9iSr6oJN2lt6Nuwslc/Zw3PryXNurvmaT6Uf+Yb/f/m
qv9D4OgCM4v3WmykDvdCc/iuZVEqT6yFg2FvzXRplkUju5+b7663V4G0BwXWgJkX
3iHDH1BRyG7PomD77e8MDCAnXnanL9q9Z/ATPQZDJNle368ielii9pO890lKro5B
Bzo9NajUPN0J7hyJLSbkNDBYh15EVoNDWP58UyK2FNU2
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:49:59 2025 by rpki-client