Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/bsQ79sopvmytFgIfVjKeVkU1gag.roa
File: bsQ79sopvmytFgIfVjKeVkU1gag.roa (raw, json)
Hash identifier: QxyAvAZB9QJoIOi8Wnqy68Z4vmJR/0QuMU+vWQKlGE4=
Subject key identifier: 6E:C4:3B:F6:CA:29:BE:6C:AD:16:02:1F:56:32:9E:56:45:35:81:A8
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 01941FFAA76EB9F937591064366F9AFD9F98
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/bsQ79sopvmytFgIfVjKeVkU1gag.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212490
IP address blocks: 185.41.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a7:6e:b9:f9:37:59:10:64:36:6f:9a:fd:9f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ec43bf6ca29be6cad16021f56329e56453581a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b8:c0:09:53:7f:b0:2b:1f:34:cd:de:17:66:
24:a2:18:08:9d:b7:d3:76:8b:d0:2d:be:5d:0d:fd:
8f:24:3c:a9:57:3f:70:7b:c2:cb:29:fa:6c:7b:80:
04:14:d5:9f:c8:4a:f2:dd:7f:8a:34:21:37:56:47:
6a:be:4a:2d:73:cc:d2:7d:6f:af:ed:3b:97:52:88:
f4:b3:b3:14:32:5a:37:fb:ec:bc:57:d8:33:5a:78:
01:01:66:65:ba:be:6e:ca:56:77:64:f4:e6:fc:ab:
78:b5:e7:09:b3:36:3d:68:b2:d1:1d:65:fb:64:9c:
eb:63:a6:e9:c2:8e:94:4e:68:19:fa:19:c6:af:e5:
d9:98:a4:29:a8:cc:07:e4:37:6b:7b:e6:ce:8c:cb:
38:2d:c2:4f:8e:15:c0:d7:d3:af:9b:d7:1f:3b:3d:
dd:db:56:1b:ec:3f:ac:ad:b8:67:26:28:00:f6:4f:
40:8f:c9:cd:07:85:8c:f7:9a:73:77:5b:03:69:75:
f2:08:a5:68:7c:ab:8d:f5:e3:1d:7e:63:94:de:fe:
40:bf:a3:31:b6:a4:a7:dd:68:72:94:cd:7b:9a:3e:
89:d5:03:54:33:2c:17:d4:9b:0f:65:39:21:0c:3a:
53:c0:25:a4:30:46:ce:cf:ab:7d:59:1d:a4:3f:73:
58:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C4:3B:F6:CA:29:BE:6C:AD:16:02:1F:56:32:9E:56:45:35:81:A8
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/bsQ79sopvmytFgIfVjKeVkU1gag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.184.0/24
Signature Algorithm: sha256WithRSAEncryption
31:76:83:0b:e3:d5:9b:b1:77:92:ff:b4:ec:b2:bf:3c:30:30:
08:c8:e4:bc:c3:b9:0e:a9:78:d8:04:5c:13:bd:3f:8c:7c:e6:
c4:1f:61:1a:ad:db:90:f5:7c:7f:db:78:27:6e:17:49:dc:65:
a2:77:13:8b:7d:7d:e1:2f:ce:8f:b6:f8:d2:ab:01:ba:01:22:
d1:b3:79:bd:a3:80:98:52:58:86:50:e8:d9:5d:b3:63:af:f4:
5f:84:b3:21:6f:bf:00:08:39:28:00:c4:54:0f:75:80:18:25:
f1:f7:8b:40:73:7a:1a:d8:21:2d:3f:c6:cb:0f:89:4f:83:8e:
1d:49:be:4e:9e:13:72:a9:57:46:29:f2:25:ad:5c:12:40:79:
2a:81:ba:51:17:db:91:59:fc:8f:a8:c9:60:50:bb:cf:ea:45:
32:52:36:c6:aa:ff:d0:58:00:cb:df:12:7f:cb:c0:a9:90:e5:
cb:ae:40:97:88:af:e9:19:33:48:c9:81:f8:e7:75:2a:d8:cc:
7e:63:ca:51:2b:17:42:2a:29:44:e7:0a:f9:e7:25:ed:72:82:
89:cf:76:62:e2:d3:fe:53:a1:ed:b5:f4:cc:12:e0:3d:55:02:
58:ec:ff:99:6a:1b:4f:c2:7d:ad:36:d7:a8:b9:ba:f0:0f:50:
03:d0:ad:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qduufk3WRBkNm+a/Z+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM0M2JmNmNhMjliZTZjYWQxNjAyMWY1NjMyOWU1NjQ1MzU4MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrjACVN/sCsfNM3eF2YkohgInbfT
dovQLb5dDf2PJDypVz9we8LLKfpse4AEFNWfyEry3X+KNCE3Vkdqvkotc8zSfW+v
7TuXUoj0s7MUMlo3++y8V9gzWngBAWZlur5uylZ3ZPTm/Kt4tecJszY9aLLRHWX7
ZJzrY6bpwo6UTmgZ+hnGr+XZmKQpqMwH5Ddre+bOjMs4LcJPjhXA19Ovm9cfOz3d
21Yb7D+srbhnJigA9k9Aj8nNB4WM95pzd1sDaXXyCKVofKuN9eMdfmOU3v5Av6Mx
tqSn3WhylM17mj6J1QNUMywX1JsPZTkhDDpTwCWkMEbOz6t9WR2kP3NYXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7EO/bKKb5srRYCH1YynlZFNYGoMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvYnNRNzlzb3B2bXl0RmdJZlZqS2VWa1UxZ2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSm4MA0G
CSqGSIb3DQEBCwUAA4IBAQAxdoML49WbsXeS/7Tssr88MDAIyOS8w7kOqXjYBFwT
vT+MfObEH2EarduQ9Xx/23gnbhdJ3GWidxOLfX3hL86PtvjSqwG6ASLRs3m9o4CY
UliGUOjZXbNjr/RfhLMhb78ACDkoAMRUD3WAGCXx94tAc3oa2CEtP8bLD4lPg44d
Sb5OnhNyqVdGKfIlrVwSQHkqgbpRF9uRWfyPqMlgULvP6kUyUjbGqv/QWADL3xJ/
y8CpkOXLrkCXiK/pGTNIyYH453Uq2Mx+Y8pRKxdCKilE5wr55yXtcoKJz3Zi4tP+
U6HttfTMEuA9VQJY7P+ZahtPwn2tNteoubrwD1AD0K3B
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:18:57 2025 by rpki-client