Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/BZsV3WUe5qfyfFTNkT6nV77iHIs.roa
File: BZsV3WUe5qfyfFTNkT6nV77iHIs.roa (raw, json)
Hash identifier: eeskzF4muJZW832nRtA/Tf/llJRFv29undOkDxC5nlk=
Subject key identifier: 05:9B:15:DD:65:1E:E6:A7:F2:7C:54:CD:91:3E:A7:57:BE:E2:1C:8B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC093646831B05C7771A2E2AE61A3E
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/BZsV3WUe5qfyfFTNkT6nV77iHIs.roa
Signing time: Wed 01 Jan 2025 17:48:50 +0000
ROA not before: Wed 01 Jan 2025 17:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39690
IP address blocks: 45.86.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:09:36:46:83:1b:05:c7:77:1a:2e:2a:e6:1a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=059b15dd651ee6a7f27c54cd913ea757bee21c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0f:50:66:44:1f:6b:b2:fd:d5:5e:a7:77:eb:
0b:0e:10:42:2b:42:d4:cc:ab:ec:f9:ad:7b:9c:54:
08:96:4d:c0:6b:00:95:ae:cf:4b:95:0a:0e:6d:47:
48:4f:84:84:10:7d:6e:a3:60:27:c8:c6:77:b2:b6:
5b:4f:28:fc:87:eb:70:12:8e:0b:7f:43:96:64:33:
1f:e8:16:2f:09:66:9c:6e:e8:52:d2:7d:64:e2:a3:
60:9c:e2:73:64:b5:ef:1e:0c:76:13:f1:3b:77:5a:
2c:18:b8:43:3a:5d:91:ab:08:0e:99:6b:6d:67:25:
35:ba:6a:7e:8c:6b:8a:7e:41:7e:3f:22:56:56:f8:
8c:91:12:a8:6e:27:ae:18:fe:b4:d3:9e:95:d8:99:
70:de:04:48:a0:f8:19:7b:28:be:61:f5:40:01:e1:
65:17:6a:40:81:9f:20:94:34:86:e2:24:0f:d1:fa:
03:53:65:1d:09:e6:26:f2:18:82:b6:28:33:8c:5a:
41:b6:8e:44:79:61:35:72:fb:16:ec:d4:86:85:b8:
a8:ab:65:d5:d5:2b:a5:c8:5c:01:b4:ab:39:1b:db:
f1:3f:8f:d3:b8:ad:6d:c7:67:a2:8c:18:59:50:c1:
44:bc:ce:fd:a7:12:f2:66:ac:1b:87:74:b5:13:49:
ec:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9B:15:DD:65:1E:E6:A7:F2:7C:54:CD:91:3E:A7:57:BE:E2:1C:8B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/BZsV3WUe5qfyfFTNkT6nV77iHIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.16.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:f7:7f:d5:64:97:9b:fe:91:1c:b5:f7:99:a1:e2:ef:6b:75:
65:35:ad:b7:42:c0:ac:cb:06:31:43:2c:e8:78:76:c7:26:34:
e1:49:9a:6e:19:44:ce:9c:f6:40:3a:db:7c:cb:85:aa:ba:84:
f2:8e:a8:51:6d:9a:93:72:8b:e3:a1:89:a4:9b:76:0a:60:00:
e0:c8:7f:00:84:43:a0:2f:47:ac:67:7f:42:2e:05:75:a1:81:
f1:5b:a9:be:0a:42:66:94:f3:2d:27:a8:f1:05:eb:07:5a:00:
0a:6d:6a:8c:99:6f:30:6b:5f:c6:09:d6:0b:d0:62:89:3d:8e:
fc:26:63:12:7f:a8:a1:1e:df:d0:d9:a6:f3:52:7f:c4:66:39:
6a:61:44:c5:c3:0a:87:0c:8e:36:63:ed:2c:3c:9d:9c:69:52:
b1:65:51:f7:b0:7e:52:f1:8f:a6:f6:7d:99:ce:92:0f:20:6a:
eb:b2:cd:c9:6d:d8:7d:cd:d9:52:6b:0a:0a:af:33:4c:4d:04:
0f:44:64:9f:b7:e0:38:8d:25:84:12:c1:97:38:1b:3f:22:03:
c3:22:5f:6a:3d:a1:90:bf:75:63:72:58:15:e9:7f:80:a3:96:
a8:c9:4d:86:b4:79:10:5a:49:b6:12:38:fe:9d:ca:05:56:f8:
67:52:57:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/Ak2RoMbBcd3Gi4q5ho+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTliMTVkZDY1MWVlNmE3ZjI3YzU0Y2Q5MTNlYTc1N2JlZTIxYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw9QZkQfa7L91V6nd+sLDhBCK0LU
zKvs+a17nFQIlk3AawCVrs9LlQoObUdIT4SEEH1uo2AnyMZ3srZbTyj8h+twEo4L
f0OWZDMf6BYvCWacbuhS0n1k4qNgnOJzZLXvHgx2E/E7d1osGLhDOl2RqwgOmWtt
ZyU1ump+jGuKfkF+PyJWVviMkRKobieuGP60056V2Jlw3gRIoPgZeyi+YfVAAeFl
F2pAgZ8glDSG4iQP0foDU2UdCeYm8hiCtigzjFpBto5EeWE1cvsW7NSGhbioq2XV
1SulyFwBtKs5G9vxP4/TuK1tx2eijBhZUMFEvM79pxLyZqwbh3S1E0nstQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWbFd1lHuan8nxUzZE+p1e+4hyLMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvQlpzVjNXVWU1cWZ5ZkZUTmtUNm5WNzdpSElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLVYQMA0G
CSqGSIb3DQEBCwUAA4IBAQAt93/VZJeb/pEctfeZoeLva3VlNa23QsCsywYxQyzo
eHbHJjThSZpuGUTOnPZAOtt8y4WquoTyjqhRbZqTcovjoYmkm3YKYADgyH8AhEOg
L0esZ39CLgV1oYHxW6m+CkJmlPMtJ6jxBesHWgAKbWqMmW8wa1/GCdYL0GKJPY78
JmMSf6ihHt/Q2abzUn/EZjlqYUTFwwqHDI42Y+0sPJ2caVKxZVH3sH5S8Y+m9n2Z
zpIPIGrrss3Jbdh9zdlSawoKrzNMTQQPRGSft+A4jSWEEsGXOBs/IgPDIl9qPaGQ
v3VjclgV6X+Ao5aoyU2GtHkQWkm2Ejj+ncoFVvhnUldo
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:33:15 2025 by rpki-client