Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BdXDsqzYg2v6FRaPHQizU-8Nugs.roa
File: BdXDsqzYg2v6FRaPHQizU-8Nugs.roa (raw, json)
Hash identifier: Jw2OasIhVqaAV5V1lTXRHR3NrIcHwVX+wRH6bT7E8eg=
Subject key identifier: 05:D5:C3:B2:AC:D8:83:6B:FA:15:16:8F:1D:08:B3:53:EF:0D:BA:0B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FE303B9FC13A07BEE05025A5D7760
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BdXDsqzYg2v6FRaPHQizU-8Nugs.roa
Signing time: Thu 02 Jan 2025 05:49:34 +0000
ROA not before: Thu 02 Jan 2025 05:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62447
IP address blocks: 93.170.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:e3:03:b9:fc:13:a0:7b:ee:05:02:5a:5d:77:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05d5c3b2acd8836bfa15168f1d08b353ef0dba0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5e:2f:a0:98:73:7a:62:0c:8a:1a:c1:5a:11:
ff:cc:48:c6:f6:f6:26:82:a1:86:68:db:20:a9:14:
98:47:17:6b:48:90:a6:8e:fb:0f:66:c5:ca:61:9d:
af:b0:4f:de:d7:db:4e:d3:62:bb:f6:dd:93:d6:76:
07:30:ef:66:6a:7a:0d:e3:51:98:0f:c2:e9:f9:4a:
cf:44:be:37:4a:ee:28:d3:ff:e6:d6:b4:f7:c2:2d:
78:0e:e4:a9:32:ef:96:25:1b:5b:3a:04:8e:9b:1e:
e5:35:a4:d4:d8:ad:51:ff:52:70:07:20:fc:b7:29:
87:ef:b9:ff:1d:6f:52:44:d6:db:0c:19:2d:ec:05:
15:62:c0:ae:ad:a9:5e:5c:76:1a:36:f3:4f:bc:43:
14:cb:a1:02:ca:f6:46:23:2a:8a:d1:56:ca:e1:a5:
b8:27:5c:a1:3b:66:2b:43:b3:ed:28:d2:d3:22:09:
25:4a:1d:84:df:3a:dc:ad:02:d4:07:aa:df:bf:27:
1a:4d:6e:cd:83:94:80:61:c5:84:3e:f4:19:e7:dd:
e7:ed:9f:f1:f7:cd:db:15:8c:a2:3d:93:c6:d9:f3:
49:54:0e:d4:a3:40:5e:d8:3e:f7:b2:1f:ec:ea:0e:
02:6a:47:98:c0:2f:3f:01:aa:e0:b7:7a:47:13:e2:
93:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D5:C3:B2:AC:D8:83:6B:FA:15:16:8F:1D:08:B3:53:EF:0D:BA:0B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BdXDsqzYg2v6FRaPHQizU-8Nugs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.102.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b8:6c:52:6c:82:b3:c5:eb:96:fa:81:40:e3:bd:40:75:82:
c4:22:5e:c5:de:08:03:6e:68:7c:e8:b3:5b:bb:3c:65:90:9b:
1f:bc:50:05:62:54:b6:9e:67:d8:4d:85:ff:c0:9c:88:d2:46:
c5:fc:b6:36:7f:a2:1a:b8:e8:d4:4d:61:c3:79:02:a4:0b:8a:
79:ca:b8:e5:53:b1:16:ad:46:69:4c:dd:fd:c5:b6:42:11:af:
c2:da:14:13:ba:d3:40:10:33:a7:fe:d5:b9:93:0c:d4:b0:e3:
82:77:59:c6:c6:92:79:5a:1e:00:c7:69:58:e1:f9:ba:68:0f:
c6:13:d0:51:36:d0:f5:03:40:02:e1:85:b4:f7:cb:f2:bd:00:
99:b8:79:8e:31:9b:ed:02:90:95:a1:de:00:a2:11:7a:56:6b:
ae:08:cd:c5:07:0d:7d:fc:b0:d0:78:7c:6a:ed:d0:ff:23:9b:
9e:59:c5:fb:84:fe:d9:00:3f:60:32:5b:56:6d:3a:d0:1a:c4:
ae:0a:f5:a6:7f:db:b1:4c:c9:5d:f6:86:23:4d:28:75:e7:2a:
ca:da:a5:e7:99:14:0d:d7:96:7a:d1:59:f2:81:8b:aa:ec:aa:
72:a5:8b:5e:11:43:47:45:70:6f:e9:54:56:fa:44:d2:4a:a3:
e9:90:4c:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj+MDufwToHvuBQJaXXdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ1YzNiMmFjZDg4MzZiZmExNTE2OGYxZDA4YjM1M2VmMGRiYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs14voJhzemIMihrBWhH/zEjG9vYm
gqGGaNsgqRSYRxdrSJCmjvsPZsXKYZ2vsE/e19tO02K79t2T1nYHMO9manoN41GY
D8Lp+UrPRL43Su4o0//m1rT3wi14DuSpMu+WJRtbOgSOmx7lNaTU2K1R/1JwByD8
tymH77n/HW9SRNbbDBkt7AUVYsCuraleXHYaNvNPvEMUy6ECyvZGIyqK0VbK4aW4
J1yhO2YrQ7PtKNLTIgklSh2E3zrcrQLUB6rfvycaTW7Ng5SAYcWEPvQZ593n7Z/x
983bFYyiPZPG2fNJVA7Uo0Be2D73sh/s6g4CakeYwC8/Aargt3pHE+KTDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXVw7Ks2INr+hUWjx0Is1PvDboLMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQmRYRHNxellnMnY2RlJhUEhRaXpVLThOdWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXapmMA0G
CSqGSIb3DQEBCwUAA4IBAQBwuGxSbIKzxeuW+oFA471AdYLEIl7F3ggDbmh86LNb
uzxlkJsfvFAFYlS2nmfYTYX/wJyI0kbF/LY2f6IauOjUTWHDeQKkC4p5yrjlU7EW
rUZpTN39xbZCEa/C2hQTutNAEDOn/tW5kwzUsOOCd1nGxpJ5Wh4Ax2lY4fm6aA/G
E9BRNtD1A0AC4YW098vyvQCZuHmOMZvtApCVod4AohF6VmuuCM3FBw19/LDQeHxq
7dD/I5ueWcX7hP7ZAD9gMltWbTrQGsSuCvWmf9uxTMld9oYjTSh15yrK2qXnmRQN
15Z60VnygYuq7KpypYteEUNHRXBv6VRW+kTSSqPpkEzQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:32 2025 by rpki-client