Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/bmd97yvzsY5Yo2HfnEE_aGsiLVw.roa
File: bmd97yvzsY5Yo2HfnEE_aGsiLVw.roa (raw, json)
Hash identifier: rBbiHBTIds8AVFd6SWdPqBeLyfTxB+l6zirCVR5u1u4=
Subject key identifier: 6E:67:7D:EF:2B:F3:B1:8E:58:A3:61:DF:9C:41:3F:68:6B:22:2D:5C
Certificate issuer: /CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Certificate serial: 0194236A475FD2E9EA7884EF7487CD4942B8
Authority key identifier: 98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/bmd97yvzsY5Yo2HfnEE_aGsiLVw.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55410
IP address blocks: 80.94.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:47:5f:d2:e9:ea:78:84:ef:74:87:cd:49:42:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e677def2bf3b18e58a361df9c413f686b222d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cf:0f:1f:48:99:c9:a6:6b:11:12:a4:36:0a:
4c:3b:37:a9:83:89:2c:66:ef:82:d4:8d:af:e5:b1:
59:a7:1e:1f:1f:17:48:30:91:c9:6f:d1:43:6f:aa:
66:05:4b:0b:15:fb:a8:5d:e4:41:43:1d:95:72:91:
3f:b9:d1:06:76:a9:6a:04:0f:d0:74:b1:6a:24:cf:
95:f8:dd:f3:52:3e:b3:0e:0a:78:ba:3d:04:70:10:
10:9a:68:a6:4e:84:95:f7:dc:83:fd:02:59:31:4c:
dc:b1:c3:31:62:22:92:7f:bf:3b:c0:ce:d2:6e:d2:
ae:99:79:10:63:bb:a3:72:cc:3b:41:c2:80:7c:2c:
ef:74:10:98:fc:79:f7:10:90:42:52:44:e1:21:67:
b8:d6:33:b5:03:8d:f0:33:f8:5a:85:95:cc:37:ab:
a9:72:7f:ea:71:f6:64:42:b4:2b:14:00:c9:5f:e2:
0e:1c:99:65:9e:46:c1:bf:14:70:0b:31:fa:e9:6f:
ff:69:52:91:26:8f:00:24:3f:f1:a0:9e:92:68:21:
2d:36:f4:1c:11:f2:8f:af:32:89:82:93:22:ac:4a:
6d:8a:a9:37:07:bc:ae:f0:9f:ce:8b:81:29:a2:97:
cd:46:55:c0:47:e0:12:0a:e8:cf:2c:e5:18:4f:67:
a8:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:67:7D:EF:2B:F3:B1:8E:58:A3:61:DF:9C:41:3F:68:6B:22:2D:5C
X509v3 Authority Key Identifier:
keyid:98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/bmd97yvzsY5Yo2HfnEE_aGsiLVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.91.0/24
Signature Algorithm: sha256WithRSAEncryption
25:eb:0b:6d:98:c5:28:1d:91:a4:13:71:ed:5e:ec:7f:64:25:
d7:d8:40:5b:6a:3b:30:66:c1:2e:8e:8b:91:87:c7:97:39:cc:
5d:67:51:30:9c:2e:c9:fa:a5:ad:5b:ea:02:63:8d:9a:8e:45:
1a:27:07:f6:18:d4:78:f7:3b:53:93:48:1a:2f:9b:d1:35:27:
c7:47:14:d6:d0:2b:e9:d9:9b:d9:e7:76:4b:99:cc:d7:89:48:
b9:6b:e7:10:08:a5:5f:61:16:93:c4:99:5e:e1:dc:44:03:48:
19:1e:12:1b:08:d4:08:ff:c1:9c:2f:f8:c0:8a:0c:45:3c:3d:
0e:98:f3:3a:d6:27:bc:b7:38:91:3c:e3:d4:2c:f1:05:38:4f:
18:5e:38:1f:2f:38:67:75:01:2f:30:b2:3f:e6:17:8f:83:a7:
aa:91:81:d6:5a:c1:bd:33:82:44:e0:e6:e4:d0:b1:71:82:53:
54:f2:f9:12:59:41:a8:bf:63:b8:cd:4b:a5:59:2e:72:1f:f6:
aa:25:fe:5e:ef:40:d8:f4:e2:66:6e:d7:cb:22:41:73:80:d7:
bd:be:63:3a:0c:bc:12:3e:47:42:47:99:8b:4b:b1:d2:38:7c:
90:ff:93:31:fc:fe:28:f5:ee:95:1e:d7:2d:b2:7b:ed:9f:95:
54:90:2d:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakdf0unqeITvdIfNSUK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjhhMTk5MmJiODAzN2RkZTgxZDBjOGNkYzA2OTVmY2Vl
MTdjMjcwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY3N2RlZjJiZjNiMThlNThhMzYxZGY5YzQxM2Y2ODZiMjIyZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls8PH0iZyaZrERKkNgpMOzepg4ks
Zu+C1I2v5bFZpx4fHxdIMJHJb9FDb6pmBUsLFfuoXeRBQx2VcpE/udEGdqlqBA/Q
dLFqJM+V+N3zUj6zDgp4uj0EcBAQmmimToSV99yD/QJZMUzcscMxYiKSf787wM7S
btKumXkQY7ujcsw7QcKAfCzvdBCY/Hn3EJBCUkThIWe41jO1A43wM/hahZXMN6up
cn/qcfZkQrQrFADJX+IOHJllnkbBvxRwCzH66W//aVKRJo8AJD/xoJ6SaCEtNvQc
EfKPrzKJgpMirEptiqk3B7yu8J/Oi4EpopfNRlXAR+ASCujPLOUYT2eogwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5nfe8r87GOWKNh35xBP2hrIi1cMB8GA1UdIwQY
MBaAFJhooZkruAN93oHQyM3AaV/O4XwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2It
ZDc4ZDU2MzFkN2Y2LzEvYm1kOTd5dnpzWTVZbzJIZm5FRV9hR3NpTFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2ItZDc4ZDU2MzFkN2Y2
LzEvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUF5bMA0G
CSqGSIb3DQEBCwUAA4IBAQAl6wttmMUoHZGkE3HtXux/ZCXX2EBbajswZsEujouR
h8eXOcxdZ1EwnC7J+qWtW+oCY42ajkUaJwf2GNR49ztTk0gaL5vRNSfHRxTW0Cvp
2ZvZ53ZLmczXiUi5a+cQCKVfYRaTxJle4dxEA0gZHhIbCNQI/8GcL/jAigxFPD0O
mPM61ie8tziRPOPULPEFOE8YXjgfLzhndQEvMLI/5hePg6eqkYHWWsG9M4JE4Obk
0LFxglNU8vkSWUGov2O4zUulWS5yH/aqJf5e70DY9OJmbtfLIkFzgNe9vmM6DLwS
PkdCR5mLS7HSOHyQ/5Mx/P4o9e6VHtctsnvtn5VUkC3+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:13 2025 by rpki-client