Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa
File: bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa (raw, json)
Hash identifier: lXm2LQ5WwZ2z7IUjIQHsBfFUMjbDD822KeQ1jjdetK4=
Subject key identifier: 6E:76:D7:13:42:C1:DA:C2:7E:DF:13:E9:F6:09:74:CE:A7:98:55:D8
Certificate issuer: /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial: 01856F9DAEB953AF629101E41CED26291F0F
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa
Signing time: Sun 01 Jan 2023 23:14:42 +0000
ROA not before: Sun 01 Jan 2023 23:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24995
IP address blocks: 185.194.188.0/22 maxlen: 24
193.201.60.0/22 maxlen: 24
94.199.160.0/22 maxlen: 22
94.199.160.0/21 maxlen: 24
2a02:680::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ae:b9:53:af:62:91:01:e4:1c:ed:26:29:1f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Validity
Not Before: Jan 1 23:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e76d71342c1dac27edf13e9f60974cea79855d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:15:b5:14:7c:1e:36:4a:9e:76:40:2a:1f:ae:
4f:38:23:19:5a:18:66:62:c7:5d:42:88:63:d8:b0:
e2:0e:02:9c:05:ce:aa:96:67:77:46:17:92:20:c3:
02:3d:86:60:cf:a0:47:da:d2:e5:24:ae:d0:de:da:
61:20:db:ae:03:c7:6e:e5:16:a4:00:93:9a:6b:80:
cf:64:4a:dd:43:2b:82:fa:87:73:03:96:23:59:eb:
1b:2e:03:b0:8f:ab:c5:d0:f4:09:58:a4:72:4b:46:
c1:93:8c:5b:ac:46:c5:43:ac:84:90:79:61:94:21:
f4:47:6f:b9:24:cc:55:61:0e:c1:39:6b:59:3d:4c:
02:64:43:e2:23:63:ae:d9:7f:0c:54:ad:84:f9:64:
bc:87:50:df:3f:f1:23:62:b0:f4:70:7e:d2:27:93:
db:da:ee:03:75:34:21:85:85:46:4c:c7:49:d3:d3:
0c:d5:50:41:c0:ed:7c:25:55:14:94:eb:60:32:77:
21:28:fd:3f:36:8f:ec:a8:e6:26:95:a1:65:01:94:
62:ac:08:47:9d:ad:4a:76:64:b2:cd:66:cf:bc:9a:
e7:20:38:d0:cb:b4:bc:80:7d:ae:03:e0:4d:7a:bd:
17:8b:14:e8:06:ca:29:61:74:d1:f7:18:b3:95:09:
c7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:76:D7:13:42:C1:DA:C2:7E:DF:13:E9:F6:09:74:CE:A7:98:55:D8
X509v3 Authority Key Identifier:
keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.160.0/21
185.194.188.0/22
193.201.60.0/22
IPv6:
2a02:680::/36
Signature Algorithm: sha256WithRSAEncryption
af:7d:18:3e:51:cc:75:91:71:bc:e2:de:88:6c:2e:90:17:f3:
f0:3f:6b:e4:a3:92:eb:99:61:54:18:dd:56:2b:ab:41:b3:35:
e6:f7:32:1c:dc:c3:57:e4:af:00:6f:25:2c:70:08:60:d0:9b:
b7:03:d5:94:81:69:c5:9f:60:4a:55:07:3d:38:c3:c0:d5:77:
f2:eb:66:57:bd:a8:74:d0:f5:5b:85:9f:01:6f:18:2f:83:3b:
ba:e1:ee:57:04:87:52:bd:6a:ce:eb:8b:e5:3d:ea:bc:0d:08:
25:ed:a1:72:f7:bd:d4:ef:7e:f7:22:95:a9:38:e6:b0:df:2f:
08:bc:f1:0f:14:f7:bf:c6:a5:be:7f:79:9c:30:7e:70:9f:ee:
df:72:e4:01:80:93:26:c9:37:e4:ed:04:c5:be:44:18:bb:dd:
f6:45:9d:19:fd:7f:15:4b:16:9b:8d:11:4b:94:a4:80:1f:8d:
d0:c2:62:cc:d6:56:68:d3:6c:01:f2:3b:40:ba:8d:6c:1c:79:
90:ff:10:54:da:6d:20:f6:e8:23:be:41:e9:5c:68:5b:37:14:
f6:e9:8f:4f:28:e0:bd:2e:4e:e9:74:46:94:9e:b2:07:01:f8:
9a:fc:ac:de:f9:c8:b2:46:dd:7a:d3:8e:45:c9:4c:54:8b:f8:
75:49:fa:0c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVvna65U69ikQHkHO0mKR8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0
NDE5NzkwHhcNMjMwMTAxMjMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc2ZDcxMzQyYzFkYWMyN2VkZjEzZTlmNjA5NzRjZWE3OTg1NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBW1FHweNkqedkAqH65POCMZWhhm
YsddQohj2LDiDgKcBc6qlmd3RheSIMMCPYZgz6BH2tLlJK7Q3tphINuuA8du5Rak
AJOaa4DPZErdQyuC+odzA5YjWesbLgOwj6vF0PQJWKRyS0bBk4xbrEbFQ6yEkHlh
lCH0R2+5JMxVYQ7BOWtZPUwCZEPiI2Ou2X8MVK2E+WS8h1DfP/EjYrD0cH7SJ5Pb
2u4DdTQhhYVGTMdJ09MM1VBBwO18JVUUlOtgMnchKP0/No/sqOYmlaFlAZRirAhH
na1KdmSyzWbPvJrnIDjQy7S8gH2uA+BNer0XixToBsopYXTR9xizlQnHBQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG521xNCwdrCft8T6fYJdM6nmFXYMB8GA1UdIwQY
MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt
YjdkMWNhYzUxZTBjLzEvYm5iWEUwTEIyc0otM3hQcDlnbDB6cWVZVmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUtYjdkMWNhYzUxZTBj
LzEvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDXsegAwQC
ucK8AwQCwck8MA4EAgACMAgDBgQqAgaAADANBgkqhkiG9w0BAQsFAAOCAQEAr30Y
PlHMdZFxvOLeiGwukBfz8D9r5KOS65lhVBjdViurQbM15vcyHNzDV+SvAG8lLHAI
YNCbtwPVlIFpxZ9gSlUHPTjDwNV38utmV72odND1W4WfAW8YL4M7uuHuVwSHUr1q
zuuL5T3qvA0IJe2hcve91O9+9yKVqTjmsN8vCLzxDxT3v8alvn95nDB+cJ/u33Lk
AYCTJsk35O0Exb5EGLvd9kWdGf1/FUsWm40RS5SkgB+N0MJizNZWaNNsAfI7QLqN
bBx5kP8QVNptIPboI75B6VxoWzcU9umPTyjgvS5O6XRGlJ6yBwH4mvys3vnIskbd
etOORclMVIv4dUn6DA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:26 2025 by rpki-client