Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa
File: bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa (raw, json)
Hash identifier: vuvSrc/xAi8bu4mOjDMbPo9yb6kp8ev2fK1dkeS76Yo=
Subject key identifier: 6E:19:02:9B:0E:94:B7:3D:56:0C:88:B5:6B:76:50:9C:35:D6:DB:9C
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 019424B33163FD32AA29FDB01456C5F11D2F
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa
Signing time: Thu 02 Jan 2025 01:48:30 +0000
ROA not before: Thu 02 Jan 2025 01:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35280
IP address blocks: 5.182.212.0/22 maxlen: 24
84.54.60.0/22 maxlen: 24
185.56.152.0/24 maxlen: 24
185.56.154.0/23 maxlen: 24
185.94.140.0/22 maxlen: 22
185.94.140.0/23 maxlen: 24
185.94.140.0/24 maxlen: 24
185.94.141.0/24 maxlen: 24
185.94.142.0/23 maxlen: 24
185.160.8.0/23 maxlen: 24
185.160.9.0/24 maxlen: 24
185.160.10.0/23 maxlen: 24
193.16.213.0/24 maxlen: 24
193.16.221.0/24 maxlen: 24
193.16.236.0/24 maxlen: 24
2a02:53a0::/32 maxlen: 32
2a05:f440::/29 maxlen: 48
2a07:b7c0::/29 maxlen: 29
2a09:4b00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:31:63:fd:32:aa:29:fd:b0:14:56:c5:f1:1d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Jan 2 01:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e19029b0e94b73d560c88b56b76509c35d6db9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cb:35:00:c3:5e:b8:95:4a:1f:a4:b5:b9:00:
66:2a:eb:f9:43:d4:7a:60:64:00:c2:56:0f:56:ea:
0a:12:08:b5:63:9c:e0:f0:dc:f0:49:12:ca:fb:ee:
2f:63:1f:f2:d4:5c:ab:0f:17:70:ed:5d:cb:16:b0:
fe:7c:9e:a1:18:1f:fd:91:de:92:86:82:7b:e4:ff:
12:f9:9e:aa:2a:8f:2c:f7:a4:2f:3a:4d:8a:41:b7:
99:cf:9c:fe:f3:3a:11:0e:52:4c:29:58:7d:ed:91:
77:d6:21:af:44:13:e9:f3:42:b7:9a:71:24:d3:6c:
07:c6:f5:ac:5d:ce:51:2b:47:0f:81:c3:f1:7b:74:
56:82:94:6f:20:2b:d7:f7:94:90:7b:b6:bd:71:10:
fe:64:7a:e5:54:b2:b5:22:8f:8c:93:0b:e2:79:da:
09:61:48:35:22:c1:3e:7f:21:3f:65:0c:98:f0:a8:
4a:f6:c9:bb:92:bd:d1:9e:a3:e7:ea:45:54:a0:56:
6b:af:d0:7a:08:bb:24:dc:34:7f:0c:95:96:8d:8d:
34:8b:f3:9d:67:fd:dd:f7:86:14:b2:5b:17:1f:cd:
d5:6a:c6:96:44:aa:d8:00:96:ba:8f:43:9f:2f:f0:
c8:99:32:8d:71:62:86:23:48:a8:32:55:05:8b:5e:
b5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:19:02:9B:0E:94:B7:3D:56:0C:88:B5:6B:76:50:9C:35:D6:DB:9C
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.212.0/22
84.54.60.0/22
185.56.152.0/24
185.56.154.0/23
185.94.140.0/22
185.160.8.0/22
193.16.213.0/24
193.16.221.0/24
193.16.236.0/24
IPv6:
2a02:53a0::/32
2a05:f440::/29
2a07:b7c0::/29
2a09:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
a8:36:4a:fd:af:82:6b:33:f8:73:2d:75:e3:1c:56:cd:ca:6e:
6e:1b:e6:13:47:ef:04:9a:3a:ab:f9:cc:ce:ac:e9:82:ba:60:
61:7a:76:84:a2:92:0b:9a:e0:94:79:0f:50:08:ff:58:40:a9:
70:e3:df:01:6b:5d:52:bb:57:ef:6c:50:d1:71:5c:fa:45:11:
8f:23:92:1a:82:c3:01:9e:5c:71:7c:d0:40:23:79:dc:c7:d9:
c4:47:3f:93:37:3f:48:0f:f0:56:3a:2b:79:db:1a:ba:d1:7f:
5a:49:c5:fa:c3:87:18:d5:10:f4:a9:23:7f:c8:e9:2f:12:84:
65:1d:c3:5f:3c:66:de:3c:0a:9d:c1:b4:e7:b0:dc:19:9e:81:
09:13:1f:2c:3b:1a:8c:db:05:93:37:67:e8:9e:e7:92:a0:bc:
7a:6b:27:1b:1b:11:b8:e8:8d:b6:68:40:f4:75:1e:6a:69:65:
1b:e3:63:5c:d2:d2:c4:8b:58:64:53:d4:9c:f8:a0:2d:53:e2:
b5:a3:e5:77:01:c3:d7:d5:99:c2:c9:b1:78:52:fe:89:de:87:
42:ac:ff:81:09:f8:39:8d:4c:ac:b1:3b:e1:21:10:b9:96:4d:
1e:f5:fa:0e:8e:99:6f:e0:cc:6e:bb:bc:8d:56:06:82:99:6e:
2c:4e:98:f2
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQkszFj/TKqKf2wFFbF8R0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjUwMTAyMDE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE5MDI5YjBlOTRiNzNkNTYwYzg4YjU2Yjc2NTA5YzM1ZDZkYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycs1AMNeuJVKH6S1uQBmKuv5Q9R6
YGQAwlYPVuoKEgi1Y5zg8NzwSRLK++4vYx/y1FyrDxdw7V3LFrD+fJ6hGB/9kd6S
hoJ75P8S+Z6qKo8s96QvOk2KQbeZz5z+8zoRDlJMKVh97ZF31iGvRBPp80K3mnEk
02wHxvWsXc5RK0cPgcPxe3RWgpRvICvX95SQe7a9cRD+ZHrlVLK1Io+MkwviedoJ
YUg1IsE+fyE/ZQyY8KhK9sm7kr3RnqPn6kVUoFZrr9B6CLsk3DR/DJWWjY00i/Od
Z/3d94YUslsXH83VasaWRKrYAJa6j0OfL/DImTKNcWKGI0ioMlUFi161AQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFG4ZApsOlLc9VgyItWt2UJw11tucMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvYmhrQ213NlV0ejFXRElpMWEzWlFuRFhXMjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQCBbbUAwQC
VDY8AwQAuTiYAwQBuTiaAwQCuV6MAwQCuaAIAwQAwRDVAwQAwRDdAwQAwRDsMCIE
AgACMBwDBQAqAlOgAwUDKgX0QAMFAyoHt8ADBQAqCUsAMA0GCSqGSIb3DQEBCwUA
A4IBAQCoNkr9r4JrM/hzLXXjHFbNym5uG+YTR+8Emjqr+czOrOmCumBhenaEopIL
muCUeQ9QCP9YQKlw498Ba11Su1fvbFDRcVz6RRGPI5IagsMBnlxxfNBAI3ncx9nE
Rz+TNz9ID/BWOit52xq60X9aScX6w4cY1RD0qSN/yOkvEoRlHcNfPGbePAqdwbTn
sNwZnoEJEx8sOxqM2wWTN2fonueSoLx6aycbGxG46I22aED0dR5qaWUb42Nc0tLE
i1hkU9Sc+KAtU+K1o+V3AcPX1ZnCybF4Uv6J3odCrP+BCfg5jUyssTvhIRC5lk0e
9foOjplv4Mxuu7yNVgaCmW4sTpjy
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:47:47 2025 by rpki-client