Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/BhzUAWAmqJa_PA-L7yjY7FT9Af0.roa
File: BhzUAWAmqJa_PA-L7yjY7FT9Af0.roa (raw, json)
Hash identifier: MUBzsjqvQyVXx3qdpZLrInMDFQqgnqT5UakUiyluBrA=
Subject key identifier: 06:1C:D4:01:60:26:A8:96:BF:3C:0F:8B:EF:28:D8:EC:54:FD:01:FD
Certificate issuer: /CN=5dfb074d47b7e0bc891ed06ea8fc67e38ecf50a1
Certificate serial: 0194228E023ED9868BCFEBC9518CD47AA461
Authority key identifier: 5D:FB:07:4D:47:B7:E0:BC:89:1E:D0:6E:A8:FC:67:E3:8E:CF:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfsHTUe34LyJHtBuqPxn447PUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/BhzUAWAmqJa_PA-L7yjY7FT9Af0.roa
Signing time: Wed 01 Jan 2025 15:48:39 +0000
ROA not before: Wed 01 Jan 2025 15:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203437
IP address blocks: 193.218.8.0/22 maxlen: 22
194.77.185.0/24 maxlen: 24
194.105.40.0/21 maxlen: 21
2a02:db00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:02:3e:d9:86:8b:cf:eb:c9:51:8c:d4:7a:a4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dfb074d47b7e0bc891ed06ea8fc67e38ecf50a1
Validity
Not Before: Jan 1 15:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=061cd4016026a896bf3c0f8bef28d8ec54fd01fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a4:3a:7d:bf:38:ed:d8:ae:0f:f9:b0:43:07:
ea:66:56:e3:f2:72:df:1a:51:d0:7a:b4:51:6b:4b:
76:bf:63:d2:56:55:a9:59:b7:e3:d3:b4:42:a6:6e:
c4:be:8a:77:45:27:b0:b2:2a:f2:10:58:63:fe:34:
5c:d7:99:ee:5a:87:6b:0d:31:d0:da:5f:ca:bc:58:
5a:a3:b2:a8:31:fb:4a:29:00:9b:17:98:b6:75:29:
96:4d:9b:da:19:86:e0:e1:66:b6:da:e4:ec:1c:bf:
bf:96:c8:4a:97:fd:13:c5:01:aa:11:b8:1e:bd:b6:
14:15:24:9d:50:b6:e8:39:51:2f:6a:18:3f:b7:3e:
20:bb:98:fa:03:6b:ef:b4:f2:ca:3e:27:a0:05:48:
17:db:d0:6e:25:1e:00:48:3c:53:65:e7:41:61:3a:
8f:26:2d:b4:5a:f8:52:bd:2e:67:aa:fe:8d:e9:7b:
33:9f:39:ed:f3:27:7c:74:e0:53:69:ef:e9:3e:65:
ae:5f:af:c6:55:f4:48:12:a1:f3:27:28:0a:69:74:
2a:6d:e8:7e:57:93:79:e8:5d:db:62:1e:67:56:8c:
ff:0c:b4:21:98:0d:c6:b0:6c:99:6b:34:68:47:c2:
0a:85:9b:0d:60:0e:68:0b:1b:87:dd:13:de:be:4c:
11:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1C:D4:01:60:26:A8:96:BF:3C:0F:8B:EF:28:D8:EC:54:FD:01:FD
X509v3 Authority Key Identifier:
keyid:5D:FB:07:4D:47:B7:E0:BC:89:1E:D0:6E:A8:FC:67:E3:8E:CF:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfsHTUe34LyJHtBuqPxn447PUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/BhzUAWAmqJa_PA-L7yjY7FT9Af0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/XfsHTUe34LyJHtBuqPxn447PUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.8.0/22
194.77.185.0/24
194.105.40.0/21
IPv6:
2a02:db00::/29
Signature Algorithm: sha256WithRSAEncryption
52:06:6d:53:36:17:92:a0:38:5d:3a:5d:23:25:2f:c4:ff:cd:
41:e9:c4:9d:6c:0d:6f:f7:4d:06:9d:72:d0:ef:75:bc:14:34:
f9:5b:67:00:70:e4:a9:c2:20:fd:a8:92:4f:bf:3e:af:72:75:
b1:08:f6:b3:c3:45:54:ca:18:40:ab:66:0b:94:8d:f7:8a:26:
b4:d0:31:72:44:1f:05:35:21:f0:04:77:18:52:80:da:fc:64:
01:d7:9e:1b:29:1b:c0:26:c2:5e:c9:be:c5:5b:7e:fc:66:d6:
78:92:87:57:ba:4f:38:31:5f:80:d8:40:c5:ed:34:67:f2:54:
cb:bd:8f:75:fd:7d:cd:36:b2:54:45:be:41:6f:be:72:9b:24:
e2:fc:94:fd:91:b8:52:2b:6c:4f:02:0a:b7:cc:ae:00:45:31:
d3:b6:69:60:21:50:5b:14:58:2a:51:0f:88:06:53:de:13:24:
f9:d3:6f:61:24:76:50:3d:fe:5f:be:ba:8e:d1:41:ee:3d:b1:
cf:75:bd:c2:7a:90:4e:0b:f0:54:58:fc:26:d9:29:e6:b7:d2:
57:87:45:22:b1:e3:e1:26:a7:77:2c:ec:d7:56:ed:63:f6:c7:
f3:39:f1:96:2c:7d:20:d8:7f:79:60:e4:f0:76:35:0b:68:e0:
0c:08:65:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijgI+2YaLz+vJUYzUeqRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmIwNzRkNDdiN2UwYmM4OTFlZDA2ZWE4ZmM2N2UzOGVj
ZjUwYTEwHhcNMjUwMTAxMTU0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjFjZDQwMTYwMjZhODk2YmYzYzBmOGJlZjI4ZDhlYzU0ZmQwMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6Q6fb847diuD/mwQwfqZlbj8nLf
GlHQerRRa0t2v2PSVlWpWbfj07RCpm7Evop3RSewsiryEFhj/jRc15nuWodrDTHQ
2l/KvFhao7KoMftKKQCbF5i2dSmWTZvaGYbg4Wa22uTsHL+/lshKl/0TxQGqEbge
vbYUFSSdULboOVEvahg/tz4gu5j6A2vvtPLKPiegBUgX29BuJR4ASDxTZedBYTqP
Ji20WvhSvS5nqv6N6Xsznznt8yd8dOBTae/pPmWuX6/GVfRIEqHzJygKaXQqbeh+
V5N56F3bYh5nVoz/DLQhmA3GsGyZazRoR8IKhZsNYA5oCxuH3RPevkwRfwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAYc1AFgJqiWvzwPi+8o2OxU/QH9MB8GA1UdIwQY
MBaAFF37B01Ht+C8iR7Qbqj8Z+OOz1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZzSFRVZTM0THlKSHRCdXFQeG40NDdQVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MmZjOTItMTY2My00Njg4LWEzMWQt
Y2Y2YTYzZTRlZmI2LzEvQmh6VUFXQW1xSmFfUEEtTDd5alk3RlQ5QWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MmZjOTItMTY2My00Njg4LWEzMWQtY2Y2YTYzZTRlZmI2
LzEvWGZzSFRVZTM0THlKSHRCdXFQeG40NDdQVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCwdoIAwQA
wk25AwQDwmkoMA0EAgACMAcDBQMqAtsAMA0GCSqGSIb3DQEBCwUAA4IBAQBSBm1T
NheSoDhdOl0jJS/E/81B6cSdbA1v900GnXLQ73W8FDT5W2cAcOSpwiD9qJJPvz6v
cnWxCPazw0VUyhhAq2YLlI33iia00DFyRB8FNSHwBHcYUoDa/GQB154bKRvAJsJe
yb7FW378ZtZ4kodXuk84MV+A2EDF7TRn8lTLvY91/X3NNrJURb5Bb75ymyTi/JT9
kbhSK2xPAgq3zK4ARTHTtmlgIVBbFFgqUQ+IBlPeEyT5029hJHZQPf5fvrqO0UHu
PbHPdb3CepBOC/BUWPwm2Snmt9JXh0UisePhJqd3LOzXVu1j9sfzOfGWLH0g2H95
YOTwdjULaOAMCGXR
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:39 2025 by rpki-client