Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/bwa5iKVoMD_FsLqvtHF_bhXzpL4.roa
File: bwa5iKVoMD_FsLqvtHF_bhXzpL4.roa (raw, json)
Hash identifier: 5b2KQY/m1ET2Mc5q/koCmeqGs5gcn1FYFiiyrXt7lGQ=
Subject key identifier: 6F:06:B9:88:A5:68:30:3F:C5:B0:BA:AF:B4:71:7F:6E:15:F3:A4:BE
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 0191BED12397BCECF188390C9A158713F32A
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/bwa5iKVoMD_FsLqvtHF_bhXzpL4.roa
Signing time: Wed 04 Sep 2024 20:54:22 +0000
ROA not before: Wed 04 Sep 2024 20:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 94.137.78.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:d1:23:97:bc:ec:f1:88:39:0c:9a:15:87:13:f3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Sep 4 20:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f06b988a568303fc5b0baafb4717f6e15f3a4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:86:fd:f4:4a:d7:79:0c:44:3a:fa:76:bc:07:
6c:d2:24:0d:c4:23:f1:61:77:ea:83:71:69:5b:de:
4d:1b:b7:e3:53:80:57:71:7e:41:db:02:55:28:e2:
c2:a9:eb:d9:59:23:51:7b:2a:5b:1f:c9:f9:27:42:
c7:c4:11:f4:b3:fb:2a:9d:be:d2:92:be:e9:e1:a0:
16:d5:c4:91:97:36:c1:ae:9b:23:ae:93:4e:cf:9d:
a8:e6:f5:bb:85:56:a7:e5:6f:64:06:5a:50:1e:4b:
ff:d2:bf:aa:e5:d9:d4:8c:7b:28:7a:0c:b4:97:8a:
94:5e:01:84:c2:5b:f2:75:53:86:79:8b:f1:31:a1:
40:c1:4f:db:2b:47:1b:90:62:b0:6e:4c:c4:ba:67:
76:d6:42:18:7c:3b:7c:19:07:cf:7e:71:60:e1:2e:
bf:0d:4a:1d:4a:87:fb:00:14:6c:f6:aa:41:1b:ec:
72:6b:02:3d:51:6c:70:a4:bc:ca:df:5d:76:41:0b:
81:58:e7:6c:94:98:03:f0:24:01:96:7d:1d:18:58:
f4:89:21:5b:cc:00:4f:d6:c7:22:f5:df:8b:8d:98:
09:33:81:cf:89:b8:73:a7:bc:34:99:a9:56:c3:1f:
23:aa:2c:cd:53:0e:1e:8c:b0:48:1b:fe:ae:9a:3b:
29:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:06:B9:88:A5:68:30:3F:C5:B0:BA:AF:B4:71:7F:6E:15:F3:A4:BE
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/bwa5iKVoMD_FsLqvtHF_bhXzpL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.137.78.0/23
94.137.90.0/23
Signature Algorithm: sha256WithRSAEncryption
22:2f:6b:0b:c7:ee:78:9e:85:98:d3:7f:9c:5f:e1:b0:52:37:
bb:78:43:a4:63:95:15:f4:3c:64:07:b7:ed:18:cb:22:20:97:
b6:95:2b:a2:4d:46:5a:23:d3:9a:ef:27:b5:60:d5:ff:23:7a:
b1:73:62:28:5d:98:a5:72:1d:d0:48:3f:b1:35:a8:2a:35:d4:
bc:2b:8d:42:1c:0a:ee:c8:c0:6e:a9:a7:69:df:72:ed:43:95:
cc:8f:25:93:21:94:e8:1d:5b:77:7f:ec:28:32:2a:01:21:e2:
a5:37:e2:54:fa:59:ad:a8:2e:57:15:0a:47:cb:d5:9d:8a:7a:
86:ea:61:55:39:07:11:88:40:3d:ab:cd:9c:7a:d7:5d:39:da:
a3:4c:16:13:09:ff:cd:77:eb:8f:d2:c5:b6:5c:f4:b6:15:c6:
88:3c:13:ac:d8:63:f1:44:e0:8c:a2:b3:4d:3e:1c:98:cf:d0:
9f:bc:d7:46:a6:0d:0d:55:4e:44:e4:7f:19:39:62:ae:9f:10:
ca:60:52:77:47:3e:53:02:c6:4c:16:94:65:44:10:c0:2a:30:
f7:17:d0:39:5e:32:f9:df:0c:0b:4b:a3:58:be:f2:3d:79:98:
55:a6:39:d9:86:e8:4a:b1:0e:f8:dd:be:33:81:77:bd:c7:70:
51:2e:bd:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG+0SOXvOzxiDkMmhWHE/MqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjQwOTA0MjA1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjA2Yjk4OGE1NjgzMDNmYzViMGJhYWZiNDcxN2Y2ZTE1ZjNhNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtob99ErXeQxEOvp2vAds0iQNxCPx
YXfqg3FpW95NG7fjU4BXcX5B2wJVKOLCqevZWSNReypbH8n5J0LHxBH0s/sqnb7S
kr7p4aAW1cSRlzbBrpsjrpNOz52o5vW7hVan5W9kBlpQHkv/0r+q5dnUjHsoegy0
l4qUXgGEwlvydVOGeYvxMaFAwU/bK0cbkGKwbkzEumd21kIYfDt8GQfPfnFg4S6/
DUodSof7ABRs9qpBG+xyawI9UWxwpLzK3112QQuBWOdslJgD8CQBln0dGFj0iSFb
zABP1sci9d+LjZgJM4HPibhzp7w0malWwx8jqizNUw4ejLBIG/6umjspsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8GuYilaDA/xbC6r7Rxf24V86S+MB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvYndhNWlLVm9NRF9Gc0xxdnRIRl9iaFh6cEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXolOAwQB
XolaMA0GCSqGSIb3DQEBCwUAA4IBAQAiL2sLx+54noWY03+cX+GwUje7eEOkY5UV
9DxkB7ftGMsiIJe2lSuiTUZaI9Oa7ye1YNX/I3qxc2IoXZilch3QSD+xNagqNdS8
K41CHAruyMBuqadp33LtQ5XMjyWTIZToHVt3f+woMioBIeKlN+JU+lmtqC5XFQpH
y9WdinqG6mFVOQcRiEA9q82cetddOdqjTBYTCf/Nd+uP0sW2XPS2FcaIPBOs2GPx
ROCMorNNPhyYz9CfvNdGpg0NVU5E5H8ZOWKunxDKYFJ3Rz5TAsZMFpRlRBDAKjD3
F9A5XjL53wwLS6NYvvI9eZhVpjnZhuhKsQ743b4zgXe9x3BRLr3Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:05 2025 by rpki-client