Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/bAjDorqsH0l1Z5y5sLAQ1L3oxPI.roa
File: bAjDorqsH0l1Z5y5sLAQ1L3oxPI.roa (raw, json)
Hash identifier: hy33S2WmDHWhsVWNOD45uiD/OAwJxK2zH5rOVfuPuyk=
Subject key identifier: 6C:08:C3:A2:BA:AC:1F:49:75:67:9C:B9:B0:B0:10:D4:BD:E8:C4:F2
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 019421B198DADCEA0F965107235EA0D9E355
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/bAjDorqsH0l1Z5y5sLAQ1L3oxPI.roa
Signing time: Wed 01 Jan 2025 11:47:54 +0000
ROA not before: Wed 01 Jan 2025 11:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.1.218.0/24 maxlen: 24
193.201.28.0/23 maxlen: 23
2001:7f8:10::/48 maxlen: 48
2001:7f8:10::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:98:da:dc:ea:0f:96:51:07:23:5e:a0:d9:e3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Jan 1 11:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c08c3a2baac1f4975679cb9b0b010d4bde8c4f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9f:b6:93:c8:23:a0:27:fe:9c:32:f5:f3:e0:
2f:ff:e2:d9:ae:9b:62:b8:ab:e0:cf:05:b7:5c:11:
c9:f5:14:4b:10:bc:43:79:eb:47:17:e6:7d:4d:07:
6e:1b:f4:a9:8c:8b:f1:d1:a9:fe:80:f5:9f:ff:6b:
0a:4c:e4:77:65:02:d1:cd:79:96:4f:2a:cb:34:b1:
25:de:e7:d5:17:8a:df:db:dd:69:86:46:ad:1c:b7:
14:6b:3c:6d:5f:03:b6:fb:eb:c3:56:3a:7f:03:12:
ee:d3:1d:dc:83:e4:93:ed:d0:a5:02:ee:e6:7d:a7:
a0:e4:eb:40:d3:94:72:c6:01:95:53:cd:15:42:f4:
2b:a0:f0:26:cc:32:93:ce:20:ed:b8:90:18:fb:f7:
16:63:28:71:b0:93:8c:12:fe:b9:bd:04:7d:12:d9:
a4:70:d2:a0:a3:1f:ab:6f:b1:09:a9:20:97:aa:22:
6c:50:06:92:41:06:b9:d5:e7:0e:b8:df:db:d9:ea:
c8:20:76:84:61:87:f0:1a:f1:25:05:ea:b2:05:90:
ae:b7:85:98:64:a7:7c:ba:4f:d0:75:cb:da:af:66:
26:40:98:1a:0a:c0:09:5e:ee:cc:23:c6:f2:14:8c:
bd:e1:c9:1a:69:85:5f:e3:17:2c:b0:fc:b7:64:d4:
e2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:08:C3:A2:BA:AC:1F:49:75:67:9C:B9:B0:B0:10:D4:BD:E8:C4:F2
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/bAjDorqsH0l1Z5y5sLAQ1L3oxPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.218.0/24
193.201.28.0/23
IPv6:
2001:7f8:10::/48
Signature Algorithm: sha256WithRSAEncryption
53:ef:5d:b9:dd:ce:6c:8f:67:e1:d4:02:9e:fa:10:02:97:cc:
16:47:54:50:b4:8d:73:b3:d8:9e:82:86:c9:b0:c0:15:9f:6b:
45:96:9c:fd:02:ff:72:13:7c:c5:5f:da:b0:82:9f:28:d0:1a:
27:2d:f6:fd:a9:95:6b:c1:fd:65:30:55:31:2f:98:54:be:ff:
2f:53:19:ab:f7:d6:b2:c9:fd:fb:02:d4:dc:df:bb:5e:57:27:
2c:a3:1b:d0:0b:6d:5c:0d:63:36:36:83:3c:68:06:4c:1b:c9:
61:4b:0c:de:11:0f:d0:96:e2:72:7b:da:f0:17:8c:b8:59:34:
f0:64:91:2e:8b:cc:39:32:c0:33:e1:16:11:a4:ff:b7:2c:bc:
05:19:b7:7b:c9:83:54:8a:b1:eb:ec:b9:ac:8d:58:e2:51:67:
81:de:b5:eb:8e:db:df:8a:b4:58:dd:ba:db:dd:e3:4f:76:ec:
9b:1b:d8:9a:d6:c3:07:17:f9:95:25:dd:f4:44:97:d0:15:5f:
26:fc:07:10:2a:9e:63:0d:59:87:29:a3:0b:0d:59:46:7a:75:
52:96:3c:c3:f0:84:eb:27:0a:1b:19:84:67:b1:c2:24:e0:ca:
2c:e9:81:53:af:c8:a6:6e:27:10:77:b7:30:a7:d2:22:5d:fd:
97:dd:40:f8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhsZja3OoPllEHI16g2eNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2RhZWY4OTMwNmE3NWYwYjg4MTkxNDQwNzQyYTcyMGFm
YjNmMjAwHhcNMjUwMTAxMTE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA4YzNhMmJhYWMxZjQ5NzU2NzljYjliMGIwMTBkNGJkZThjNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp+2k8gjoCf+nDL18+Av/+LZrpti
uKvgzwW3XBHJ9RRLELxDeetHF+Z9TQduG/SpjIvx0an+gPWf/2sKTOR3ZQLRzXmW
TyrLNLEl3ufVF4rf291phkatHLcUazxtXwO2++vDVjp/AxLu0x3cg+ST7dClAu7m
faeg5OtA05RyxgGVU80VQvQroPAmzDKTziDtuJAY+/cWYyhxsJOMEv65vQR9Etmk
cNKgox+rb7EJqSCXqiJsUAaSQQa51ecOuN/b2erIIHaEYYfwGvElBeqyBZCut4WY
ZKd8uk/Qdcvar2YmQJgaCsAJXu7MI8byFIy94ckaaYVf4xcssPy3ZNTi0QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGwIw6K6rB9JdWecubCwENS96MTyMB8GA1UdIwQY
MBaAFDs9rviTBqdfC4gZFEB0KnIK+z8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUt
YWFjYWQ4NmM2MTdkLzEvYkFqRG9ycXNIMGwxWjV5NXNMQVExTDNveFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUtYWFjYWQ4NmM2MTdk
LzEvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuQHaAwQB
wckcMA8EAgACMAkDBwAgAQf4ABAwDQYJKoZIhvcNAQELBQADggEBAFPvXbndzmyP
Z+HUAp76EAKXzBZHVFC0jXOz2J6ChsmwwBWfa0WWnP0C/3ITfMVf2rCCnyjQGict
9v2plWvB/WUwVTEvmFS+/y9TGav31rLJ/fsC1Nzfu15XJyyjG9ALbVwNYzY2gzxo
BkwbyWFLDN4RD9CW4nJ72vAXjLhZNPBkkS6LzDkywDPhFhGk/7csvAUZt3vJg1SK
sevsuayNWOJRZ4HeteuO29+KtFjdutvd40927Jsb2JrWwwcX+ZUl3fREl9AVXyb8
BxAqnmMNWYcpowsNWUZ6dVKWPMPwhOsnChsZhGexwiTgyizpgVOvyKZuJxB3tzCn
0iJd/ZfdQPg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:26:51 2025 by rpki-client