Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/BXJ7UivZREqfV3oE_cto5-RbCwU.roa
File: BXJ7UivZREqfV3oE_cto5-RbCwU.roa (raw, json)
Hash identifier: H5O0TywJPldSIFgMKfugAhkIQ7kPwBy5/c6iSkGttag=
Subject key identifier: 05:72:7B:52:2B:D9:44:4A:9F:57:7A:04:FD:CB:68:E7:E4:5B:0B:05
Certificate issuer: /CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Certificate serial: 019420D63535D7B7B001E914646BBD765845
Authority key identifier: 47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/BXJ7UivZREqfV3oE_cto5-RbCwU.roa
Signing time: Wed 01 Jan 2025 07:48:16 +0000
ROA not before: Wed 01 Jan 2025 07:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34087
IP address blocks: 84.16.192.0/19 maxlen: 19
84.52.192.0/18 maxlen: 18
84.52.224.0/19 maxlen: 19
85.89.0.0/19 maxlen: 19
89.151.192.0/19 maxlen: 19
89.151.224.0/19 maxlen: 19
94.246.0.0/18 maxlen: 18
148.252.64.0/18 maxlen: 18
148.252.64.0/19 maxlen: 19
148.252.96.0/19 maxlen: 19
152.65.0.0/19 maxlen: 19
152.65.32.0/19 maxlen: 19
152.65.64.0/19 maxlen: 19
152.65.96.0/19 maxlen: 19
178.164.0.0/17 maxlen: 17
178.164.0.0/19 maxlen: 19
178.164.32.0/19 maxlen: 19
178.164.64.0/19 maxlen: 19
178.164.96.0/19 maxlen: 19
185.161.56.0/22 maxlen: 22
185.161.56.0/23 maxlen: 23
217.168.80.0/20 maxlen: 20
2a01:560::/29 maxlen: 29
2a01:560::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:35:35:d7:b7:b0:01:e9:14:64:6b:bd:76:58:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Validity
Not Before: Jan 1 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05727b522bd9444a9f577a04fdcb68e7e45b0b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b4:2b:29:2e:d3:be:93:65:93:b4:09:bc:0a:
92:82:cd:c0:36:83:d3:17:b4:a8:69:a2:f8:c2:9d:
99:78:7c:3c:66:7b:80:f0:2a:d2:0c:f4:0c:f5:2e:
2e:ba:2f:15:7f:f5:7f:a0:dd:e8:5c:34:00:e5:6f:
a1:ff:4b:15:a5:ca:b2:c3:b9:27:a9:2f:69:e7:53:
3f:14:30:1f:8c:5c:09:65:38:59:f4:3a:4f:76:91:
9d:b5:b7:80:ee:e6:e2:2d:8c:c3:b2:da:52:31:bc:
49:53:b4:30:d8:d5:ed:ff:51:a9:c1:b8:63:8c:aa:
62:43:04:b2:31:75:1c:bf:13:d3:6c:c3:ae:1a:fe:
5d:b9:3c:8b:2a:38:c3:57:8c:4e:d9:76:cf:94:95:
d2:f9:cd:20:b0:a9:25:d0:2c:84:dc:8e:b1:f5:9f:
17:b2:1f:36:dd:c0:75:98:85:1e:9a:11:08:c4:e1:
85:8b:0c:41:6e:36:d8:56:3a:e8:6d:ec:d4:3d:57:
9e:ba:80:5c:22:70:00:94:ae:89:55:6c:8b:12:cd:
cd:f1:41:70:f7:67:e8:67:32:55:1c:fa:d4:4a:da:
ef:ad:51:60:bd:16:ea:22:01:05:19:75:12:bf:c6:
a2:60:fd:bc:61:26:64:89:3e:a0:3f:a3:e4:73:e2:
1e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:72:7B:52:2B:D9:44:4A:9F:57:7A:04:FD:CB:68:E7:E4:5B:0B:05
X509v3 Authority Key Identifier:
keyid:47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/BXJ7UivZREqfV3oE_cto5-RbCwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/R39LbsQ0cVfE0T7w56vhKQoL9Xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.16.192.0/19
84.52.192.0/18
85.89.0.0/19
89.151.192.0/18
94.246.0.0/18
148.252.64.0/18
152.65.0.0/17
178.164.0.0/17
185.161.56.0/22
217.168.80.0/20
IPv6:
2a01:560::/29
Signature Algorithm: sha256WithRSAEncryption
22:f7:ff:eb:e8:ae:fd:83:e0:57:75:6f:34:dd:12:f0:94:e1:
80:ed:ea:09:09:27:9c:dd:09:0e:3b:c3:18:8d:8a:eb:08:26:
c0:01:03:43:86:75:1b:2f:1e:ad:1e:9d:01:77:17:8e:ea:ac:
b7:2d:f4:d5:00:5a:47:67:e0:46:42:b5:73:c9:b7:cd:d5:d5:
13:02:e4:d8:ee:b9:8f:00:7b:d4:dc:d0:a0:84:bc:5a:25:7c:
4d:cc:76:17:ef:1b:d5:b8:98:47:87:fc:97:f5:91:4b:9a:c6:
7b:df:b6:fd:c1:61:33:20:a5:bd:56:21:d4:94:93:2e:89:18:
c2:3e:23:69:3e:4d:f8:5d:15:ef:87:2e:38:ce:f1:07:ff:65:
a9:c2:ab:75:df:40:f7:17:4a:ed:52:a1:2f:f2:20:49:13:23:
b9:7e:da:eb:ef:3d:5f:26:f7:22:8e:58:b2:bb:1a:6d:53:78:
30:93:d7:42:1e:9b:35:70:6d:5d:81:bd:ca:58:28:20:23:af:
b9:93:d0:6f:23:a4:d9:2b:bd:20:83:a0:dc:ae:eb:dc:54:2f:
1d:54:e4:77:97:60:7a:11:f7:09:cf:b8:c0:33:f8:0e:cc:69:
59:aa:8e:23:70:00:8b:41:7b:5c:64:5d:a7:c5:f7:46:03:73:
75:64:a3:2e
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZQg1jU117ewAekUZGu9dlhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3N2Y0YjZlYzQzNDcxNTdjNGQxM2VmMGU3YWJlMTI5MGEw
YmY1N2MwHhcNMjUwMTAxMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTcyN2I1MjJiZDk0NDRhOWY1NzdhMDRmZGNiNjhlN2U0NWIwYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7QrKS7TvpNlk7QJvAqSgs3ANoPT
F7SoaaL4wp2ZeHw8ZnuA8CrSDPQM9S4uui8Vf/V/oN3oXDQA5W+h/0sVpcqyw7kn
qS9p51M/FDAfjFwJZThZ9DpPdpGdtbeA7ubiLYzDstpSMbxJU7Qw2NXt/1Gpwbhj
jKpiQwSyMXUcvxPTbMOuGv5duTyLKjjDV4xO2XbPlJXS+c0gsKkl0CyE3I6x9Z8X
sh823cB1mIUemhEIxOGFiwxBbjbYVjrobezUPVeeuoBcInAAlK6JVWyLEs3N8UFw
92foZzJVHPrUStrvrVFgvRbqIgEFGXUSv8aiYP28YSZkiT6gP6Pkc+Ie9QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFAVye1Ir2URKn1d6BP3LaOfkWwsFMB8GA1UdIwQY
MBaAFEd/S27ENHFXxNE+8Oer4SkKC/V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzIt
ZDhiZDI1MGI2NGY5LzEvQlhKN1VpdlpSRXFmVjNvRV9jdG81LVJiQ3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzItZDhiZDI1MGI2NGY5
LzEvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFVBDAAwQG
VDTAAwQFVVkAAwQGWZfAAwQGXvYAAwQGlPxAAwQHmEEAAwQHsqQAAwQCuaE4AwQE
2ahQMA0EAgACMAcDBQMqAQVgMA0GCSqGSIb3DQEBCwUAA4IBAQAi9//r6K79g+BX
dW803RLwlOGA7eoJCSec3QkOO8MYjYrrCCbAAQNDhnUbLx6tHp0BdxeO6qy3LfTV
AFpHZ+BGQrVzybfN1dUTAuTY7rmPAHvU3NCghLxaJXxNzHYX7xvVuJhHh/yX9ZFL
msZ737b9wWEzIKW9ViHUlJMuiRjCPiNpPk34XRXvhy44zvEH/2Wpwqt130D3F0rt
UqEv8iBJEyO5ftrr7z1fJvcijliyuxptU3gwk9dCHps1cG1dgb3KWCggI6+5k9Bv
I6TZK70gg6DcruvcVC8dVOR3l2B6EfcJz7jAM/gOzGlZqo4jcACLQXtcZF2nxfdG
A3N1ZKMu
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:53:01 2025 by rpki-client