Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/bkcA--0WNiYiBUFLVWCc6rt9t-I.roa
File: bkcA--0WNiYiBUFLVWCc6rt9t-I.roa (raw, json)
Hash identifier: +NP1bJN82cg71E6eu7sVvNdzRPe5pdFkKCFMqojWink=
Subject key identifier: 6E:47:00:FB:ED:16:36:26:22:05:41:4B:55:60:9C:EA:BB:7D:B7:E2
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018FB566782826C6BF3C53E760625826139B
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/bkcA--0WNiYiBUFLVWCc6rt9t-I.roa
Signing time: Sun 26 May 2024 14:55:42 +0000
ROA not before: Sun 26 May 2024 14:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.24.0/22 maxlen: 24
176.221.26.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b5:66:78:28:26:c6:bf:3c:53:e7:60:62:58:26:13:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: May 26 14:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e4700fbed1636262205414b55609ceabb7db7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:60:7b:ef:04:2e:fd:70:d2:64:e5:4f:da:58:
97:87:40:3f:58:cb:58:10:1d:5b:de:55:f3:38:92:
50:9d:c0:22:17:09:9a:ce:5f:b2:81:3e:96:9c:68:
f2:e8:c2:fc:23:c0:cd:ee:63:f7:de:a9:ac:e6:5d:
e0:71:1e:40:f0:6b:2f:a9:04:81:7f:35:f7:87:73:
58:e2:b7:1f:dd:e6:4e:32:b3:3a:df:63:77:de:4e:
32:05:92:bb:6b:ce:b1:65:38:4b:7a:a8:f8:dc:cd:
fd:91:70:7c:b8:ce:7d:c3:88:73:b8:69:ec:10:84:
fb:1a:04:19:85:a7:b9:3a:8a:40:95:12:bc:0d:4f:
ea:93:9c:7e:ab:16:79:cb:b7:ea:2e:04:88:e7:49:
01:da:aa:18:86:3f:c0:10:8b:1f:9c:48:95:33:8b:
cc:1f:48:70:8f:41:cc:1a:c1:5c:71:5e:b8:9d:1f:
e5:0a:f4:0f:6d:b6:46:1d:46:99:36:7d:70:c7:ae:
d4:6d:4f:91:f9:9b:83:79:51:48:b8:d8:94:83:dc:
ee:e7:16:03:a8:49:88:96:b7:03:f8:93:b0:3c:83:
5c:5d:25:c0:6c:c0:fc:94:17:c0:ab:64:39:f1:2f:
71:d6:5a:46:f0:f7:b8:65:69:e9:cb:34:ec:65:f4:
5c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:47:00:FB:ED:16:36:26:22:05:41:4B:55:60:9C:EA:BB:7D:B7:E2
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/bkcA--0WNiYiBUFLVWCc6rt9t-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
81:e7:56:7e:dc:e7:f5:f1:72:6e:f2:15:0b:0a:ca:1f:1a:69:
49:ea:90:74:95:2e:9e:63:67:77:55:74:b4:c2:7f:b5:8f:74:
14:fe:25:e1:8e:59:3d:c2:be:e9:4c:15:fe:53:79:50:29:68:
ba:19:a9:c3:22:a2:1a:a4:54:78:49:ce:c3:ae:64:fb:97:a5:
4d:a6:3c:47:cc:06:cc:ae:44:be:ee:50:ac:cd:ee:e1:94:db:
ff:cd:52:b8:25:93:c1:a1:58:17:fb:c5:04:42:5d:92:c2:36:
d4:9d:4d:d8:6e:c9:5f:40:d2:e5:ec:1a:28:06:38:3e:99:ab:
cd:8a:5b:cd:01:2d:28:32:f1:a8:5c:31:6f:7d:2e:1b:c2:4f:
b9:21:49:db:31:31:0a:10:8a:1b:8d:c1:f8:7d:a8:4f:7b:f0:
44:c6:a4:83:df:ce:67:19:6a:13:5a:32:ed:f9:bf:d4:2a:ff:
4d:41:6e:21:f3:9e:85:23:52:cd:28:93:29:3e:f4:e8:6e:8e:
a6:68:12:1e:9e:40:81:fd:4b:d1:f7:07:ea:8e:21:0f:2e:16:
2e:ec:da:fe:07:43:5a:eb:e3:2f:2f:7d:f9:b3:7d:d3:ee:4a:
59:85:40:7b:5b:0b:ec:7c:91:a2:0c:09:76:3b:5b:fd:fd:ed:
5d:6b:d6:1c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY+1ZngoJsa/PFPnYGJYJhObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNTI2MTQ1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ3MDBmYmVkMTYzNjI2MjIwNTQxNGI1NTYwOWNlYWJiN2RiN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGB77wQu/XDSZOVP2liXh0A/WMtY
EB1b3lXzOJJQncAiFwmazl+ygT6WnGjy6ML8I8DN7mP33qms5l3gcR5A8GsvqQSB
fzX3h3NY4rcf3eZOMrM632N33k4yBZK7a86xZThLeqj43M39kXB8uM59w4hzuGns
EIT7GgQZhae5OopAlRK8DU/qk5x+qxZ5y7fqLgSI50kB2qoYhj/AEIsfnEiVM4vM
H0hwj0HMGsFccV64nR/lCvQPbbZGHUaZNn1wx67UbU+R+ZuDeVFIuNiUg9zu5xYD
qEmIlrcD+JOwPINcXSXAbMD8lBfAq2Q58S9x1lpG8Pe4ZWnpyzTsZfRcvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG5HAPvtFjYmIgVBS1VgnOq7fbfiMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvYmtjQS0tMFdOaVlpQlVGTFZXQ2M2cnQ5dC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJYD4AwQE
X1IAAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAIHnVn7c
5/Xxcm7yFQsKyh8aaUnqkHSVLp5jZ3dVdLTCf7WPdBT+JeGOWT3CvulMFf5TeVAp
aLoZqcMiohqkVHhJzsOuZPuXpU2mPEfMBsyuRL7uUKzN7uGU2//NUrglk8GhWBf7
xQRCXZLCNtSdTdhuyV9A0uXsGigGOD6Zq82KW80BLSgy8ahcMW99LhvCT7khSdsx
MQoQihuNwfh9qE978ETGpIPfzmcZahNaMu35v9Qq/01BbiHznoUjUs0okyk+9Ohu
jqZoEh6eQIH9S9H3B+qOIQ8uFi7s2v4HQ1rr4y8vffmzfdPuSlmFQHtbC+x8kaIM
CXY7W/397V1r1hw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:59 2025 by rpki-client