Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/BhPcXGYnux6Htrr0geNPo2dWGdU.roa
File: BhPcXGYnux6Htrr0geNPo2dWGdU.roa (raw, json)
Hash identifier: PTzfPxeNLPc/h/6D3ZpRk3JrHog5IaXB8oZUZl5iIcI=
Subject key identifier: 06:13:DC:5C:66:27:BB:1E:87:B6:BA:F4:81:E3:4F:A3:67:56:19:D5
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 0194258F7E202B0444F819781922B35451FE
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/BhPcXGYnux6Htrr0geNPo2dWGdU.roa
Signing time: Thu 02 Jan 2025 05:49:08 +0000
ROA not before: Thu 02 Jan 2025 05:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20562
IP address blocks: 82.150.150.0/24 maxlen: 24
82.150.151.0/24 maxlen: 24
82.150.153.0/24 maxlen: 24
82.150.154.0/24 maxlen: 24
82.150.155.0/24 maxlen: 24
82.150.156.0/24 maxlen: 24
82.150.157.0/24 maxlen: 24
82.150.158.0/24 maxlen: 24
82.150.159.0/24 maxlen: 24
213.207.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7e:20:2b:04:44:f8:19:78:19:22:b3:54:51:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 2 05:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0613dc5c6627bb1e87b6baf481e34fa3675619d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c6:bc:f9:ad:b2:3a:d1:30:a7:06:e9:4a:89:
f5:cf:3e:4b:54:9a:7f:45:2f:cd:65:72:a2:4c:3c:
3f:dc:7a:c7:02:fa:44:42:08:0c:0a:58:02:41:f0:
c7:e4:76:69:75:71:02:dc:c7:5e:91:26:03:34:db:
f2:03:8d:16:b4:3e:b6:bc:ef:2f:d3:00:95:29:61:
7d:5e:5c:6d:63:2a:1d:64:fc:59:92:ac:81:b4:38:
52:64:de:0a:e3:0b:94:31:da:2f:be:9b:d1:e1:a8:
9f:60:0c:b7:11:3d:43:ca:fa:57:e8:bc:c4:09:63:
11:cd:f0:ca:c4:a8:2d:f8:db:0d:9a:cf:b8:d5:f4:
e1:4e:77:f2:14:aa:f4:f8:23:b6:a6:6f:81:ce:eb:
89:33:e0:ce:41:c2:4d:44:58:61:28:a0:01:b3:bc:
40:75:74:da:ec:e8:1d:4d:78:f8:a7:0c:0d:ff:54:
77:41:c1:14:64:50:74:a8:cc:f0:46:93:4f:f6:04:
bc:6c:cf:d2:ff:4f:39:c7:4c:91:6f:ff:c9:d2:00:
8c:c5:2c:32:b4:f8:c9:f5:5a:1d:9e:78:96:2d:99:
21:9e:ce:fb:77:7d:1d:79:0f:e3:a7:f8:03:c9:08:
58:b0:e8:b0:02:5b:61:fe:e4:17:2a:c8:aa:28:e8:
23:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:13:DC:5C:66:27:BB:1E:87:B6:BA:F4:81:E3:4F:A3:67:56:19:D5
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/BhPcXGYnux6Htrr0geNPo2dWGdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.150.0/23
82.150.153.0-82.150.159.255
213.207.20.0/24
Signature Algorithm: sha256WithRSAEncryption
08:23:0f:11:f9:ef:db:8c:3b:1c:4a:64:c7:92:dc:2d:e8:4d:
51:b3:5e:e1:58:8d:22:33:4b:5e:c4:90:c7:96:48:de:a7:e8:
0d:85:c9:77:3d:e3:db:d8:ed:06:e4:9c:d4:b9:66:9b:63:c3:
cb:bf:de:f5:18:13:95:0e:48:37:f5:65:33:69:93:bc:c6:08:
f6:ae:c1:a6:0a:59:2d:1a:5a:aa:48:b9:cf:c0:0a:8a:2f:4e:
12:91:de:4b:c9:72:72:d9:3a:99:c2:29:a3:ac:0a:8d:db:a2:
f9:fd:b8:c9:39:b6:b1:ec:fc:c4:fd:0e:c1:a8:92:1c:20:84:
8e:68:1e:3f:39:1b:cc:6c:34:d2:bf:3c:e5:4b:3d:b1:94:35:
f4:4f:14:32:bf:64:07:65:81:fc:2b:ce:15:b1:c2:1a:62:1e:
47:64:54:5c:05:46:0b:4d:05:fc:6c:08:a0:60:65:3b:42:d4:
02:69:4f:4c:d2:df:20:2a:83:c3:5f:90:33:d5:77:2a:f6:9a:
1a:a4:74:8c:0c:49:11:5b:73:0b:1f:ff:74:cd:a1:04:a9:c5:
60:dd:a9:3a:f3:e2:19:26:ff:c3:e7:6a:8d:03:43:ff:50:ed:
4c:fa:27:c1:15:9d:c2:6e:93:be:b4:73:81:9f:9c:2e:45:d0:
04:1f:36:6b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQlj34gKwRE+Bl4GSKzVFH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjUwMTAyMDU0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjEzZGM1YzY2MjdiYjFlODdiNmJhZjQ4MWUzNGZhMzY3NTYxOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8a8+a2yOtEwpwbpSon1zz5LVJp/
RS/NZXKiTDw/3HrHAvpEQggMClgCQfDH5HZpdXEC3MdekSYDNNvyA40WtD62vO8v
0wCVKWF9XlxtYyodZPxZkqyBtDhSZN4K4wuUMdovvpvR4aifYAy3ET1DyvpX6LzE
CWMRzfDKxKgt+NsNms+41fThTnfyFKr0+CO2pm+BzuuJM+DOQcJNRFhhKKABs7xA
dXTa7OgdTXj4pwwN/1R3QcEUZFB0qMzwRpNP9gS8bM/S/085x0yRb//J0gCMxSwy
tPjJ9VodnniWLZkhns77d30deQ/jp/gDyQhYsOiwAlth/uQXKsiqKOgjTQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAYT3FxmJ7seh7a69IHjT6NnVhnVMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvQmhQY1hHWW51eDZIdHJyMGdlTlBvMmRXR2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUpaWMAwD
BABSlpkDBAVSloADBADVzxQwDQYJKoZIhvcNAQELBQADggEBAAgjDxH579uMOxxK
ZMeS3C3oTVGzXuFYjSIzS17EkMeWSN6n6A2FyXc949vY7QbknNS5Zptjw8u/3vUY
E5UOSDf1ZTNpk7zGCPauwaYKWS0aWqpIuc/ACoovThKR3kvJcnLZOpnCKaOsCo3b
ovn9uMk5trHs/MT9DsGokhwghI5oHj85G8xsNNK/POVLPbGUNfRPFDK/ZAdlgfwr
zhWxwhpiHkdkVFwFRgtNBfxsCKBgZTtC1AJpT0zS3yAqg8NfkDPVdyr2mhqkdIwM
SRFbcwsf/3TNoQSpxWDdqTrz4hkm/8Pnao0DQ/9Q7Uz6J8EVncJuk760c4GfnC5F
0AQfNms=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:31:50 2025 by rpki-client