Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/BMnaeNS37mpSKfMIWskWpOK2_Qc.roa
File: BMnaeNS37mpSKfMIWskWpOK2_Qc.roa (raw, json)
Hash identifier: TNyxadSwxYBa91zf90YopMUe5EkJM97I/y0UTRtSCB0=
Subject key identifier: 04:C9:DA:78:D4:B7:EE:6A:52:29:F3:08:5A:C9:16:A4:E2:B6:FD:07
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 0187CFAA5DBBA31E1897910921990D956EBA
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/BMnaeNS37mpSKfMIWskWpOK2_Qc.roa
Signing time: Sun 30 Apr 2023 00:57:41 +0000
ROA not before: Sun 30 Apr 2023 00:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142594
IP address blocks: 45.139.226.0/24 maxlen: 24
45.139.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cf:aa:5d:bb:a3:1e:18:97:91:09:21:99:0d:95:6e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Apr 30 00:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04c9da78d4b7ee6a5229f3085ac916a4e2b6fd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f1:21:61:f2:63:b8:61:0b:40:3e:c5:13:2a:
63:d5:00:c8:00:de:52:0d:d7:75:a0:aa:06:2e:22:
03:50:d8:4f:71:42:ba:09:5f:7e:a8:83:0c:4d:85:
26:fa:dd:f7:66:51:a8:19:c4:09:a4:c2:3d:27:27:
21:e2:96:ba:6a:05:55:cb:6d:f3:03:9d:ac:02:a1:
e9:71:64:63:08:5b:b2:6e:3c:05:86:05:0d:93:db:
9f:e8:2c:de:04:21:5e:57:d6:59:e9:10:dd:be:65:
a3:8a:9b:1b:97:3d:3b:8b:06:e9:1d:54:2a:ad:fd:
f5:22:75:a4:23:f5:43:4d:86:1e:45:2f:b8:fb:df:
40:1f:ed:e1:86:30:a8:e9:a4:93:44:eb:f5:7d:f8:
0d:23:ee:13:72:b9:3f:40:e6:78:8b:46:f3:89:8d:
1e:b2:3b:c1:5c:b3:80:ad:84:7e:d9:dc:eb:9f:4e:
6b:c7:4a:cb:26:2f:9f:dc:26:0b:38:3e:79:7c:ab:
94:01:85:39:ff:29:fd:9b:10:6f:42:92:94:62:63:
e1:ee:da:ed:f7:7d:14:76:e0:40:99:0f:d9:72:14:
09:b3:30:0b:8c:e1:25:b6:0e:ee:e3:61:c6:d8:0f:
8d:ec:5f:60:b7:f8:ef:84:4e:0a:ed:3e:64:a5:ea:
3d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C9:DA:78:D4:B7:EE:6A:52:29:F3:08:5A:C9:16:A4:E2:B6:FD:07
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/BMnaeNS37mpSKfMIWskWpOK2_Qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.226.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:6c:31:2a:95:a6:f4:fc:48:e7:f3:49:5c:1e:06:25:4f:75:
c6:f2:30:76:cb:c7:9b:8a:6d:66:ee:ef:2f:2e:70:ed:ff:48:
67:13:e6:ee:a4:f8:63:93:1a:4d:70:b4:07:2b:7c:35:a3:c1:
81:26:6d:5c:ec:d9:4e:43:2e:f7:4f:8e:7f:01:5b:37:25:39:
7d:8c:39:e5:bd:b3:d1:2c:7f:d0:18:3b:ed:e8:ff:7b:46:4a:
c8:3e:fe:63:30:95:31:67:05:cb:91:ec:9f:33:0c:7c:d1:b8:
74:01:39:66:fb:fd:70:c7:88:dd:c7:72:b7:ef:5d:5d:da:11:
dc:c8:fa:16:ba:2a:e0:ea:5b:85:93:ed:90:94:75:da:04:22:
c8:ca:a7:9c:98:df:e9:6f:c5:17:ab:55:b8:a4:18:b0:1a:81:
70:83:00:6d:6f:e8:6c:00:51:d2:84:b9:b3:2b:0c:49:5d:7a:
17:3c:af:ba:8b:dc:27:24:82:ab:4b:27:8b:1e:27:17:88:ba:
6f:d2:f0:fa:a4:9f:07:51:14:52:ba:11:e0:fb:40:c7:18:e7:
c2:59:50:fe:97:c5:03:76:3c:8d:e6:57:9f:3d:f5:e2:f6:79:
93:69:e8:45:fa:c8:de:69:0f:c9:b6:c0:f2:eb:4a:dd:30:53:
87:a4:a8:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfPql27ox4Yl5EJIZkNlW66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjMwNDMwMDA1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM5ZGE3OGQ0YjdlZTZhNTIyOWYzMDg1YWM5MTZhNGUyYjZmZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/EhYfJjuGELQD7FEypj1QDIAN5S
Ddd1oKoGLiIDUNhPcUK6CV9+qIMMTYUm+t33ZlGoGcQJpMI9Jych4pa6agVVy23z
A52sAqHpcWRjCFuybjwFhgUNk9uf6CzeBCFeV9ZZ6RDdvmWjipsblz07iwbpHVQq
rf31InWkI/VDTYYeRS+4+99AH+3hhjCo6aSTROv1ffgNI+4Tcrk/QOZ4i0bziY0e
sjvBXLOArYR+2dzrn05rx0rLJi+f3CYLOD55fKuUAYU5/yn9mxBvQpKUYmPh7trt
930UduBAmQ/ZchQJszALjOEltg7u42HG2A+N7F9gt/jvhE4K7T5kpeo9nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATJ2njUt+5qUinzCFrJFqTitv0HMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvQk1uYWVOUzM3bXBTS2ZNSVdza1dwT0syX1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYviMA0G
CSqGSIb3DQEBCwUAA4IBAQA8bDEqlab0/Ejn80lcHgYlT3XG8jB2y8ebim1m7u8v
LnDt/0hnE+bupPhjkxpNcLQHK3w1o8GBJm1c7NlOQy73T45/AVs3JTl9jDnlvbPR
LH/QGDvt6P97RkrIPv5jMJUxZwXLkeyfMwx80bh0ATlm+/1wx4jdx3K3711d2hHc
yPoWuirg6luFk+2QlHXaBCLIyqecmN/pb8UXq1W4pBiwGoFwgwBtb+hsAFHShLmz
KwxJXXoXPK+6i9wnJIKrSyeLHicXiLpv0vD6pJ8HURRSuhHg+0DHGOfCWVD+l8UD
djyN5lefPfXi9nmTaehF+sjeaQ/JtsDy60rdMFOHpKiy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:08 2025 by rpki-client