Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/BriG5n_d334rZ6dRB6OmkxalNXQ.roa
File: BriG5n_d334rZ6dRB6OmkxalNXQ.roa (raw, json)
Hash identifier: gR3OKMrFwiMtW4+rQqu+QkKInRaAYo99fA48hRcfRho=
Subject key identifier: 06:B8:86:E6:7F:DD:DF:7E:2B:67:A7:51:07:A3:A6:93:16:A5:35:74
Certificate issuer: /CN=412ac83a27ca8723c61b1446c3e678110c650689
Certificate serial: 019427B6194704DC53C209C724160BD2E3AA
Authority key identifier: 41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/BriG5n_d334rZ6dRB6OmkxalNXQ.roa
Signing time: Thu 02 Jan 2025 15:50:32 +0000
ROA not before: Thu 02 Jan 2025 15:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44207
IP address blocks: 193.111.108.0/22 maxlen: 22
193.111.112.0/23 maxlen: 23
194.9.168.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:19:47:04:dc:53:c2:09:c7:24:16:0b:d2:e3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412ac83a27ca8723c61b1446c3e678110c650689
Validity
Not Before: Jan 2 15:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06b886e67fdddf7e2b67a75107a3a69316a53574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:45:f1:40:57:50:4c:7f:54:b0:11:86:4e:1e:
c4:98:f9:2a:c3:43:70:f5:94:49:30:62:53:69:fa:
8c:0c:e0:bf:d2:8a:74:a5:4f:42:31:99:8d:e1:71:
51:93:d1:0a:24:bf:95:d4:06:5b:4b:fe:2e:4d:87:
61:40:85:8c:b1:fe:05:3c:50:44:96:ee:be:bb:ed:
8f:e8:07:02:70:89:b3:a2:9a:a4:6a:1d:43:74:7f:
14:b2:df:a3:e7:a4:3d:4b:fa:d0:06:d9:9f:29:d3:
39:12:f3:12:8e:b6:f6:57:fd:94:b2:82:d9:6a:d3:
b4:de:27:ad:31:51:fd:f3:86:6b:20:d1:3c:05:9c:
fd:08:f9:5c:6a:a0:e8:e9:a2:ce:2e:60:a3:3a:d3:
92:c2:45:39:e2:8c:88:a2:49:a9:5a:ed:6e:88:e2:
df:ae:06:6a:65:6c:6c:cd:a2:59:72:54:f4:64:ba:
d6:13:29:66:0f:85:1f:69:dc:ed:ea:e5:ed:a3:82:
e5:92:b1:8c:de:bd:b4:1b:19:d6:04:75:e8:ff:10:
ba:11:76:e2:27:58:2f:16:10:24:2d:47:9c:b9:6c:
80:94:e9:a9:83:68:bd:8a:8d:c6:bb:bb:6a:2a:34:
29:10:7a:3a:d0:8e:4f:99:18:ac:25:c9:76:2f:84:
32:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B8:86:E6:7F:DD:DF:7E:2B:67:A7:51:07:A3:A6:93:16:A5:35:74
X509v3 Authority Key Identifier:
keyid:41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/BriG5n_d334rZ6dRB6OmkxalNXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.108.0-193.111.113.255
194.9.168.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:fd:98:b7:67:9a:5f:d2:70:96:0d:77:34:10:0b:5e:04:c9:
8d:fd:62:78:a5:26:0a:dc:f1:ef:81:e7:b0:05:25:02:61:57:
75:00:bd:70:ac:f4:ec:26:86:7f:56:ee:6c:c8:28:6d:8c:9d:
4a:7b:25:59:6c:9a:9c:b3:93:5e:82:b5:fd:92:b1:da:1c:7d:
c1:dd:d4:11:1f:bf:45:77:4e:13:c2:c1:34:68:f3:51:e5:39:
d7:34:0c:be:ab:d9:1a:33:1c:b5:0d:b8:6c:01:45:9d:c8:27:
ad:7b:4f:4f:95:74:5d:58:0e:37:f8:1d:ab:8a:e8:c2:25:fc:
5c:ff:11:58:c6:dd:2c:ed:f0:ee:87:6b:21:35:83:69:ac:9c:
80:8a:18:5b:ae:e6:f2:61:ed:65:98:c7:00:01:17:26:03:8b:
f8:60:c6:1f:0c:7f:4e:ee:9e:47:8e:b4:2e:8b:09:8a:5c:68:
b5:33:51:d1:c8:ce:86:2b:ee:c8:9b:d9:11:56:7b:4c:ca:01:
fb:2d:80:9b:22:2b:66:23:12:4e:bb:c4:d9:59:85:9d:2e:38:
28:5e:e9:9b:a2:2e:84:ea:35:9f:6e:84:9e:3f:60:02:69:a1:
2d:30:18:72:01:2f:ea:60:c2:d1:45:b4:03:90:d8:ff:d9:e7:
22:cb:4e:78
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnthlHBNxTwgnHJBYL0uOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmFjODNhMjdjYTg3MjNjNjFiMTQ0NmMzZTY3ODExMGM2
NTA2ODkwHhcNMjUwMTAyMTU1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI4ODZlNjdmZGRkZjdlMmI2N2E3NTEwN2EzYTY5MzE2YTUzNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UXxQFdQTH9UsBGGTh7EmPkqw0Nw
9ZRJMGJTafqMDOC/0op0pU9CMZmN4XFRk9EKJL+V1AZbS/4uTYdhQIWMsf4FPFBE
lu6+u+2P6AcCcImzopqkah1DdH8Ust+j56Q9S/rQBtmfKdM5EvMSjrb2V/2UsoLZ
atO03ietMVH984ZrINE8BZz9CPlcaqDo6aLOLmCjOtOSwkU54oyIokmpWu1uiOLf
rgZqZWxszaJZclT0ZLrWEylmD4Ufadzt6uXto4LlkrGM3r20GxnWBHXo/xC6EXbi
J1gvFhAkLUecuWyAlOmpg2i9io3Gu7tqKjQpEHo60I5PmRisJcl2L4Qy1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAa4huZ/3d9+K2enUQejppMWpTV0MB8GA1UdIwQY
MBaAFEEqyDonyocjxhsURsPmeBEMZQaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5Mzct
MWY4NTZjMDkzYWU4LzEvQnJpRzVuX2QzMzRyWjZkUkI2T21reGFsTlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5MzctMWY4NTZjMDkzYWU4
LzEvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALBb2wD
BAHBb3ADBAHCCagwDQYJKoZIhvcNAQELBQADggEBACr9mLdnml/ScJYNdzQQC14E
yY39YnilJgrc8e+B57AFJQJhV3UAvXCs9Owmhn9W7mzIKG2MnUp7JVlsmpyzk16C
tf2SsdocfcHd1BEfv0V3ThPCwTRo81HlOdc0DL6r2RozHLUNuGwBRZ3IJ617T0+V
dF1YDjf4HauK6MIl/Fz/EVjG3Szt8O6HayE1g2msnICKGFuu5vJh7WWYxwABFyYD
i/hgxh8Mf07unkeOtC6LCYpcaLUzUdHIzoYr7sib2RFWe0zKAfstgJsiK2YjEk67
xNlZhZ0uOChe6ZuiLoTqNZ9uhJ4/YAJpoS0wGHIBL+pgwtFFtAOQ2P/Z5yLLTng=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:48 2025 by rpki-client