Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/BplJia-ZoczvfY3zyCLH397GSxk.roa
File: BplJia-ZoczvfY3zyCLH397GSxk.roa (raw, json)
Hash identifier: e9cG/rJRiI+U3b0pwm32vawpsLaml3Pfe4vct+/L0kM=
Subject key identifier: 06:99:49:89:AF:99:A1:CC:EF:7D:8D:F3:C8:22:C7:DF:DE:C6:4B:19
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 018757978B93FD41B6968723E1E54F57D296
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/BplJia-ZoczvfY3zyCLH397GSxk.roa
Signing time: Thu 06 Apr 2023 17:22:42 +0000
ROA not before: Thu 06 Apr 2023 17:22:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213220
IP address blocks: 185.245.42.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:97:8b:93:fd:41:b6:96:87:23:e1:e5:4f:57:d2:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Apr 6 17:22:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06994989af99a1ccef7d8df3c822c7dfdec64b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6b:e6:4a:ba:d5:68:23:84:96:4e:74:d9:6b:
96:18:d2:f9:fb:31:d1:9b:13:ab:22:3d:63:59:68:
25:2d:9c:96:72:30:98:08:c4:ab:82:33:15:2f:2d:
62:f9:8c:3d:da:cc:e8:fb:e0:47:97:30:d6:c3:46:
f0:41:1d:37:df:71:2b:f6:ca:08:5f:33:46:7f:64:
7c:bb:39:99:07:98:a0:de:66:78:eb:99:d3:87:ff:
b1:5c:13:63:02:a2:4f:0b:ce:39:fb:ef:ee:dc:14:
c6:dd:e9:bb:bc:0a:95:8f:a7:12:83:36:63:0c:c0:
1f:f2:e0:37:0a:d0:84:7a:42:48:9f:ff:57:68:d2:
ea:4f:e8:c8:bd:67:ad:d0:a1:45:95:18:ff:2e:24:
11:c8:ad:21:94:2e:45:4a:a1:99:f1:05:d1:e4:e8:
67:77:d2:f9:61:34:01:b9:55:53:85:2b:d9:44:83:
e6:23:b3:74:40:dc:19:e2:44:ae:44:d9:17:51:07:
02:61:69:f1:ff:5a:9c:a7:ba:79:29:08:d0:3a:b3:
65:7a:56:f1:a7:8d:12:56:19:33:1e:c5:7f:1d:c9:
cc:6b:1d:00:d6:f5:4a:fe:0b:f8:71:f6:11:72:74:
df:91:79:5a:fd:99:46:74:7b:4e:94:10:13:25:93:
2b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:99:49:89:AF:99:A1:CC:EF:7D:8D:F3:C8:22:C7:DF:DE:C6:4B:19
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/BplJia-ZoczvfY3zyCLH397GSxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.42.0/23
Signature Algorithm: sha256WithRSAEncryption
47:e3:52:fe:d3:01:96:53:48:f7:40:7a:19:31:cf:18:44:f1:
eb:49:c2:3e:ee:10:aa:8c:c9:56:3b:5c:29:ca:05:87:20:cc:
80:e8:91:ac:6d:7d:73:57:65:cc:ea:7f:ee:11:c6:2c:f2:17:
df:d2:77:fb:11:b4:cc:56:0d:cc:8d:85:73:04:5f:96:16:13:
e3:2a:75:98:e5:58:c9:7f:f8:bf:0c:d1:68:77:d6:06:d9:08:
6b:14:e3:9a:d0:c5:d4:8c:c4:4e:72:50:b9:72:12:8c:33:d5:
bc:67:02:30:2e:ef:57:91:cd:ca:3c:90:cf:f4:0b:fd:7c:c6:
4d:05:c0:e0:6c:18:49:0f:0e:22:6c:0b:61:35:5f:4b:63:6f:
37:fd:47:77:08:a3:64:58:c0:65:35:7f:9d:bc:37:dc:dc:6a:
fe:f0:89:4b:87:ec:60:42:45:1c:de:9e:16:42:21:2b:5d:b9:
78:c2:d3:60:c5:d1:2e:64:39:02:dc:53:3b:9c:fa:95:f1:25:
7a:e8:e6:a1:62:9c:98:cc:83:9c:1c:1f:33:6a:19:4f:66:74:
97:ae:8b:f6:02:93:b9:ba:bd:26:3f:a7:d8:6f:79:d6:23:fb:
fb:8e:e6:34:a9:69:26:37:e3:4b:09:ef:f5:61:ca:1f:e9:4e:
5e:4a:47:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdXl4uT/UG2locj4eVPV9KWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjMwNDA2MTcyMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjk5NDk4OWFmOTlhMWNjZWY3ZDhkZjNjODIyYzdkZmRlYzY0YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2vmSrrVaCOElk502WuWGNL5+zHR
mxOrIj1jWWglLZyWcjCYCMSrgjMVLy1i+Yw92szo++BHlzDWw0bwQR0333Er9soI
XzNGf2R8uzmZB5ig3mZ465nTh/+xXBNjAqJPC845++/u3BTG3em7vAqVj6cSgzZj
DMAf8uA3CtCEekJIn/9XaNLqT+jIvWet0KFFlRj/LiQRyK0hlC5FSqGZ8QXR5Ohn
d9L5YTQBuVVThSvZRIPmI7N0QNwZ4kSuRNkXUQcCYWnx/1qcp7p5KQjQOrNlelbx
p40SVhkzHsV/HcnMax0A1vVK/gv4cfYRcnTfkXla/ZlGdHtOlBATJZMr9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAaZSYmvmaHM732N88gix9/exksZMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvQnBsSmlhLVpvY3p2ZlkzenlDTEgzOTdHU3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufUqMA0G
CSqGSIb3DQEBCwUAA4IBAQBH41L+0wGWU0j3QHoZMc8YRPHrScI+7hCqjMlWO1wp
ygWHIMyA6JGsbX1zV2XM6n/uEcYs8hff0nf7EbTMVg3MjYVzBF+WFhPjKnWY5VjJ
f/i/DNFod9YG2QhrFOOa0MXUjMROclC5chKMM9W8ZwIwLu9Xkc3KPJDP9Av9fMZN
BcDgbBhJDw4ibAthNV9LY283/Ud3CKNkWMBlNX+dvDfc3Gr+8IlLh+xgQkUc3p4W
QiErXbl4wtNgxdEuZDkC3FM7nPqV8SV66OahYpyYzIOcHB8zahlPZnSXrov2ApO5
ur0mP6fYb3nWI/v7juY0qWkmN+NLCe/1Ycof6U5eSkcs
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:23 2025 by rpki-client