Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/bZgYlhSyas6jkoOEyrwcXOR0hvE.roa
File: bZgYlhSyas6jkoOEyrwcXOR0hvE.roa (raw, json)
Hash identifier: AxoK66j3PTXcpGi8RIs3xTO0dPL2H9RDi+3wQ5dUCKs=
Subject key identifier: 6D:98:18:96:14:B2:6A:CE:A3:92:83:84:CA:BC:1C:5C:E4:74:86:F1
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FA25666948AD1A5DFA15116BF797A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/bZgYlhSyas6jkoOEyrwcXOR0hvE.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44200
IP address blocks: 93.171.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a2:56:66:94:8a:d1:a5:df:a1:51:16:bf:79:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d98189614b26acea3928384cabc1c5ce47486f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a7:e5:5a:60:b1:f0:c4:b5:9c:4f:0b:4f:25:
79:e8:54:2f:79:4a:cb:93:8d:c3:c1:d6:8d:ad:14:
4d:16:ef:91:d9:65:9a:2c:11:cc:78:00:2d:f7:c5:
4f:17:de:f3:b7:b3:af:9d:12:6d:ca:f1:4a:15:16:
14:82:9a:23:b1:d4:a0:54:98:64:da:a8:d5:6e:7e:
9c:3a:26:5c:51:23:39:06:96:db:70:49:e0:83:00:
a6:a9:5f:6d:71:43:5f:5e:f8:81:55:85:fb:64:b4:
6d:98:e7:90:14:c2:34:9d:b8:20:85:d5:06:07:97:
0e:5c:b5:8e:61:d8:32:fa:0a:73:d3:27:d8:61:c1:
87:35:d2:b4:75:1b:97:25:6e:3c:63:61:ce:6a:d3:
b1:7c:63:e7:9f:d3:c9:9f:a3:8d:9e:15:48:64:a1:
06:17:aa:ef:6f:24:c7:52:0e:1f:f8:76:c9:03:ef:
b4:93:ac:3f:9b:17:de:23:10:c1:4a:24:b1:11:0f:
4f:0f:cc:2e:32:bc:48:a4:af:0b:94:64:5e:76:04:
43:f0:8a:de:1e:c9:3a:3e:19:5a:29:1f:61:5f:07:
db:fd:0b:39:8e:4a:46:b7:fa:3d:a0:91:82:38:51:
d9:06:70:ba:dc:0d:e6:4c:71:f6:c6:d5:5f:28:be:
be:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:98:18:96:14:B2:6A:CE:A3:92:83:84:CA:BC:1C:5C:E4:74:86:F1
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/bZgYlhSyas6jkoOEyrwcXOR0hvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.209.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:4d:a0:f0:0f:cf:99:11:51:0d:05:a4:b6:bb:dd:b7:86:04:
d4:79:27:d5:4a:07:e2:98:9e:cf:9a:ba:ea:e7:59:71:56:43:
8e:40:d2:8d:a5:e1:49:96:f6:13:ba:44:a5:5d:0a:75:8b:44:
2e:49:43:80:c5:05:7c:08:4c:14:a3:b6:40:b3:c6:68:86:49:
b1:f0:4f:71:70:52:33:d7:e9:ea:a3:96:f3:25:e2:85:c8:52:
5d:21:e9:1c:b7:76:30:6d:a6:9f:0b:09:04:88:0a:b2:31:d6:
37:ef:e6:e8:fb:a4:ab:7d:1c:8c:e0:47:89:d4:2e:2a:94:4e:
3d:82:50:11:1d:f7:0f:c2:24:2a:9f:6a:f0:59:3f:52:b0:40:
e1:39:6b:65:9d:aa:07:9d:cc:19:76:c4:ce:5a:89:fb:6e:76:
28:e3:72:43:2c:c8:52:a3:74:d9:85:6b:59:87:f9:29:11:b9:
39:5f:b1:b5:4d:5d:ae:b0:ef:0d:26:3f:98:8b:90:d2:7a:66:
71:07:64:78:a1:67:de:89:7d:c0:c4:e6:21:b1:1b:20:47:a9:
bb:94:27:5d:22:e7:15:31:da:46:dd:92:56:e8:be:14:c9:55:
85:7d:66:75:43:7e:87:29:0a:2a:3a:e6:b2:f4:e4:55:09:d1:
75:50:1b:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj6JWZpSK0aXfoVEWv3l6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk4MTg5NjE0YjI2YWNlYTM5MjgzODRjYWJjMWM1Y2U0NzQ4NmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaflWmCx8MS1nE8LTyV56FQveUrL
k43DwdaNrRRNFu+R2WWaLBHMeAAt98VPF97zt7OvnRJtyvFKFRYUgpojsdSgVJhk
2qjVbn6cOiZcUSM5BpbbcEnggwCmqV9tcUNfXviBVYX7ZLRtmOeQFMI0nbgghdUG
B5cOXLWOYdgy+gpz0yfYYcGHNdK0dRuXJW48Y2HOatOxfGPnn9PJn6ONnhVIZKEG
F6rvbyTHUg4f+HbJA++0k6w/mxfeIxDBSiSxEQ9PD8wuMrxIpK8LlGRedgRD8Ire
Hsk6PhlaKR9hXwfb/Qs5jkpGt/o9oJGCOFHZBnC63A3mTHH2xtVfKL6+qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2YGJYUsmrOo5KDhMq8HFzkdIbxMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYlpnWWxoU3lhczZqa29PRXlyd2NYT1IwaHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXavRMA0G
CSqGSIb3DQEBCwUAA4IBAQBqTaDwD8+ZEVENBaS2u923hgTUeSfVSgfimJ7Pmrrq
51lxVkOOQNKNpeFJlvYTukSlXQp1i0QuSUOAxQV8CEwUo7ZAs8Zohkmx8E9xcFIz
1+nqo5bzJeKFyFJdIekct3YwbaafCwkEiAqyMdY37+bo+6SrfRyM4EeJ1C4qlE49
glARHfcPwiQqn2rwWT9SsEDhOWtlnaoHncwZdsTOWon7bnYo43JDLMhSo3TZhWtZ
h/kpEbk5X7G1TV2usO8NJj+Yi5DSemZxB2R4oWfeiX3AxOYhsRsgR6m7lCddIucV
MdpG3ZJW6L4UyVWFfWZ1Q36HKQoqOuay9ORVCdF1UBsa
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:23 2025 by rpki-client