Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/B5jNdPQ8ltaE9vfKldSfKJUTJ0w.roa
File: B5jNdPQ8ltaE9vfKldSfKJUTJ0w.roa (raw, json)
Hash identifier: Zu0XeysyY7VdqYnyHPi1F8bnsikh2QXdhocG8xXpetc=
Subject key identifier: 07:98:CD:74:F4:3C:96:D6:84:F6:F7:CA:95:D4:9F:28:95:13:27:4C
Certificate issuer: /CN=df75b63b3c04abdd0bba9a5b6d4c4c4c4bee357f
Certificate serial: 016AB010
Authority key identifier: DF:75:B6:3B:3C:04:AB:DD:0B:BA:9A:5B:6D:4C:4C:4C:4B:EE:35:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33W2OzwEq90LuppbbUxMTEvuNX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/B5jNdPQ8ltaE9vfKldSfKJUTJ0w.roa
Signing time: Sat 01 Jan 2022 16:07:27 +0000
ROA not before: Sat 01 Jan 2022 16:07:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202692
IP address blocks: 185.156.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23769104 (0x16ab010)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df75b63b3c04abdd0bba9a5b6d4c4c4c4bee357f
Validity
Not Before: Jan 1 16:07:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0798cd74f43c96d684f6f7ca95d49f289513274c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fe:8a:8e:60:82:ab:f4:d4:d2:08:84:62:95:
ce:d5:fe:72:8a:15:64:5d:46:52:b3:81:db:52:2d:
98:dd:a1:93:78:83:96:a4:bb:d5:3f:5f:44:c6:20:
b3:71:ca:02:37:9c:87:4e:a0:dc:0b:62:83:b8:64:
e2:8d:04:23:c2:24:f1:b5:f0:90:1a:8e:21:8b:18:
5d:bb:97:a8:1b:62:61:22:4e:df:e8:e0:57:26:09:
3a:3d:e2:b2:f1:60:db:dd:07:7b:8e:41:eb:3d:d8:
42:9d:3c:b7:03:df:a8:d4:ed:c6:3a:22:3c:69:ad:
0e:95:70:98:e0:0d:60:85:5b:b2:26:a0:bd:4f:3e:
08:11:b2:ad:b2:17:79:56:5a:50:b0:d6:c5:83:00:
b5:74:f3:80:79:cb:79:4a:9e:cb:e4:02:cc:a1:e7:
7c:66:94:82:6d:38:d1:a9:95:4a:6b:6c:f9:c2:3e:
67:aa:bd:4a:b9:c6:7a:06:24:bc:76:17:22:75:d6:
6f:d3:a5:05:4b:c3:47:ed:e2:df:51:64:79:b2:16:
06:92:ea:ee:7c:08:ba:11:13:f6:58:46:3b:74:9e:
c0:c7:63:d2:6c:f8:d1:b4:2f:9a:05:70:44:13:4d:
ba:49:9b:1c:ba:2e:49:52:4d:48:f1:ed:7c:61:27:
d1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:98:CD:74:F4:3C:96:D6:84:F6:F7:CA:95:D4:9F:28:95:13:27:4C
X509v3 Authority Key Identifier:
keyid:DF:75:B6:3B:3C:04:AB:DD:0B:BA:9A:5B:6D:4C:4C:4C:4B:EE:35:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33W2OzwEq90LuppbbUxMTEvuNX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/B5jNdPQ8ltaE9vfKldSfKJUTJ0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bf0a54-0774-4aa5-a91a-bc36edbdfa05/1/33W2OzwEq90LuppbbUxMTEvuNX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.208.0/22
Signature Algorithm: sha256WithRSAEncryption
77:1e:81:89:ab:a5:9f:f8:24:7b:ed:d4:21:3b:79:a8:08:3d:
0c:52:d6:94:1e:9a:28:9d:65:64:8f:f8:c9:f4:e2:49:50:7d:
52:86:e9:c5:c8:db:54:5d:1e:26:b1:5a:71:9d:66:fb:6f:35:
d3:c0:ba:da:4b:33:3c:7f:82:09:88:da:18:64:2d:f9:97:53:
c3:28:50:9a:ca:05:76:9a:6b:a8:de:0d:11:ba:3f:24:8a:b0:
f3:78:fd:38:39:90:ad:64:07:98:1a:c0:e5:c9:48:3e:c7:78:
af:46:00:ce:e7:90:28:dd:22:3f:88:7e:f5:5c:ea:99:e9:6a:
c8:55:84:6d:60:4e:fe:e9:3a:0e:44:68:7b:f9:22:e5:5b:d8:
6a:65:ac:83:c2:76:a9:60:ac:39:3c:16:8e:cd:a6:51:b2:70:
9c:95:3a:d9:18:23:b1:28:5a:b3:e0:4a:b9:b7:ce:16:c4:3e:
27:1c:47:28:70:4c:0e:d1:c4:f7:32:2c:ff:07:7f:a1:2b:cf:
35:82:ba:52:f2:67:1c:bc:77:12:5b:6e:37:f4:a1:42:d3:89:
be:7a:b0:0d:5f:cb:78:1c:d3:a2:f0:3c:11:c9:65:33:cc:4d:
bb:60:a3:15:9e:7d:85:93:ae:72:c0:6e:d4:45:13:53:ce:ca:
b5:7f:7a:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWqwEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Zjc1YjYzYjNjMDRhYmRkMGJiYTlhNWI2ZDRjNGM0YzRiZWUzNTdmMB4XDTIyMDEw
MTE2MDcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc5OGNkNzRmNDNj
OTZkNjg0ZjZmN2NhOTVkNDlmMjg5NTEzMjc0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOb+io5ggqv01NIIhGKVztX+cooVZF1GUrOB21ItmN2hk3iD
lqS71T9fRMYgs3HKAjech06g3Atig7hk4o0EI8Ik8bXwkBqOIYsYXbuXqBtiYSJO
3+jgVyYJOj3isvFg290He45B6z3YQp08twPfqNTtxjoiPGmtDpVwmOANYIVbsiag
vU8+CBGyrbIXeVZaULDWxYMAtXTzgHnLeUqey+QCzKHnfGaUgm040amVSmts+cI+
Z6q9SrnGegYkvHYXInXWb9OlBUvDR+3i31FkebIWBpLq7nwIuhET9lhGO3SewMdj
0mz40bQvmgVwRBNNukmbHLouSVJNSPHtfGEn0f0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQHmM109DyW1oT298qV1J8olRMnTDAfBgNVHSMEGDAWgBTfdbY7PASr3Qu6
mlttTExMS+41fzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMzVzJPendFcTkwTHVwcGJiVXhNVEV2dU5YOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvYmYwYTU0LTA3NzQtNGFhNS1hOTFhLWJjMzZlZGJkZmEwNS8x
L0I1ak5kUFE4bHRhRTl2ZktsZFNmS0pVVEowdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
YmYwYTU0LTA3NzQtNGFhNS1hOTFhLWJjMzZlZGJkZmEwNS8xLzMzVzJPendFcTkw
THVwcGJiVXhNVEV2dU5YOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmc0DANBgkqhkiG9w0BAQsFAAOC
AQEAdx6Biauln/gke+3UITt5qAg9DFLWlB6aKJ1lZI/4yfTiSVB9UobpxcjbVF0e
JrFacZ1m+28108C62kszPH+CCYjaGGQt+ZdTwyhQmsoFdpprqN4NEbo/JIqw83j9
ODmQrWQHmBrA5clIPsd4r0YAzueQKN0iP4h+9VzqmelqyFWEbWBO/uk6DkRoe/ki
5VvYamWsg8J2qWCsOTwWjs2mUbJwnJU62RgjsShas+BKubfOFsQ+JxxHKHBMDtHE
9zIs/wd/oSvPNYK6UvJnHLx3EltuN/ShQtOJvnqwDV/LeBzTovA8EcllM8xNu2Cj
FZ59hZOucsBu1EUTU87KtX968g==
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:08:25 2025 by rpki-client