Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/86d2ae-7c37-4344-a1e6-e8edf29245c0/1/bmxfR1YI28e9AvruScrILUTRG3I.roa
File: bmxfR1YI28e9AvruScrILUTRG3I.roa (raw, json)
Hash identifier: cqN9qg0IAUOQT2Uuvb3v+aRnSBYZJQOZClfPWFzUISg=
Subject key identifier: 6E:6C:5F:47:56:08:DB:C7:BD:02:FA:EE:49:CA:C8:2D:44:D1:1B:72
Certificate issuer: /CN=67047b987be9742785ba8e8b33ac077bf9c7a222
Certificate serial: 0194236A3045375D45D3A0E22AAF6D64F81B
Authority key identifier: 67:04:7B:98:7B:E9:74:27:85:BA:8E:8B:33:AC:07:7B:F9:C7:A2:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZwR7mHvpdCeFuo6LM6wHe_nHoiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/86d2ae-7c37-4344-a1e6-e8edf29245c0/1/bmxfR1YI28e9AvruScrILUTRG3I.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9091
IP address blocks: 194.8.10.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:30:45:37:5d:45:d3:a0:e2:2a:af:6d:64:f8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67047b987be9742785ba8e8b33ac077bf9c7a222
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e6c5f475608dbc7bd02faee49cac82d44d11b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:87:20:63:a7:06:a6:cf:e5:fc:2f:2c:4c:13:
11:e3:45:fa:e5:a7:cd:e9:eb:6d:26:b7:35:23:4d:
11:7e:06:4c:0b:07:77:86:a7:3a:7f:e7:e7:8e:c3:
1f:e8:28:04:03:bb:96:1a:a4:dc:85:70:35:9a:fe:
d5:34:0b:6c:69:a0:58:c0:22:21:c4:bf:cc:71:60:
fb:2b:a6:3c:7f:4c:fd:d8:56:64:96:54:7d:d2:da:
03:61:31:61:da:34:15:59:6f:c2:b8:7a:15:66:15:
8a:f7:53:ab:71:67:43:b6:0b:cd:be:b0:74:e5:3e:
cc:5d:6a:84:55:b6:bd:a8:f2:c8:d8:41:76:ac:3e:
b6:0d:23:e7:2a:07:02:12:c5:70:b2:0d:f1:d9:e9:
67:88:61:01:33:b3:40:00:48:cf:a9:6e:79:6a:85:
af:6c:6d:58:38:ac:dd:3c:3f:c2:b6:c1:a8:90:6d:
cb:76:b9:f9:3f:e8:a6:0e:37:bb:3a:f0:a8:9c:5e:
8f:5c:91:d2:f6:5d:cb:17:54:21:a5:10:68:61:fe:
b3:29:73:44:d7:01:45:11:eb:88:10:71:5e:d5:f1:
d0:be:5b:58:d6:59:e6:38:76:a7:f7:4b:bc:72:16:
aa:e2:d7:23:ac:f4:40:60:da:7c:dc:d4:8c:81:e6:
e5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6C:5F:47:56:08:DB:C7:BD:02:FA:EE:49:CA:C8:2D:44:D1:1B:72
X509v3 Authority Key Identifier:
keyid:67:04:7B:98:7B:E9:74:27:85:BA:8E:8B:33:AC:07:7B:F9:C7:A2:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZwR7mHvpdCeFuo6LM6wHe_nHoiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/86d2ae-7c37-4344-a1e6-e8edf29245c0/1/bmxfR1YI28e9AvruScrILUTRG3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/86d2ae-7c37-4344-a1e6-e8edf29245c0/1/ZwR7mHvpdCeFuo6LM6wHe_nHoiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.10.0/23
Signature Algorithm: sha256WithRSAEncryption
67:78:65:30:9e:82:78:6e:7d:25:21:e0:44:79:64:a2:79:a3:
75:26:63:f9:3f:0c:94:db:a5:aa:3c:e4:e5:82:a1:c4:e6:c5:
91:d2:c6:c7:97:84:a6:cd:c3:c4:e7:a5:49:4c:a3:cc:d7:cd:
69:f2:28:e8:2c:c7:81:9d:ce:93:6c:51:1c:f6:1f:79:35:fc:
24:b9:28:61:19:e4:7a:87:64:16:82:29:c4:84:97:1f:43:ad:
bf:2f:05:21:4c:41:81:2f:c1:5b:bf:f2:3c:be:02:00:52:46:
d6:01:d3:ca:fd:9d:4a:08:62:30:0f:07:b8:68:84:75:76:85:
c6:d3:4b:c0:df:96:e3:54:63:23:cf:ec:b0:7f:6a:2e:92:c6:
c5:5e:8a:74:8b:18:19:2d:ce:cc:0c:3b:b1:e0:67:71:f3:ec:
d3:2b:6c:27:08:7e:99:fc:c5:b2:8c:12:c6:22:5c:b8:d8:bc:
33:3a:f7:eb:2f:e3:04:04:d0:70:82:28:ea:92:b3:40:f4:af:
aa:42:42:55:fe:b3:79:98:b3:8f:12:c0:bd:e2:59:c8:f2:ec:
eb:67:13:8b:7d:7d:12:f5:d2:2f:98:6a:c4:59:c7:51:47:1b:
80:5e:2c:0e:e5:45:e0:53:50:72:04:ad:5e:72:a6:c1:29:da:
15:ec:90:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajBFN11F06DiKq9tZPgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MDQ3Yjk4N2JlOTc0Mjc4NWJhOGU4YjMzYWMwNzdiZjlj
N2EyMjIwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZjNWY0NzU2MDhkYmM3YmQwMmZhZWU0OWNhYzgyZDQ0ZDExYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YcgY6cGps/l/C8sTBMR40X65afN
6ettJrc1I00RfgZMCwd3hqc6f+fnjsMf6CgEA7uWGqTchXA1mv7VNAtsaaBYwCIh
xL/McWD7K6Y8f0z92FZkllR90toDYTFh2jQVWW/CuHoVZhWK91OrcWdDtgvNvrB0
5T7MXWqEVba9qPLI2EF2rD62DSPnKgcCEsVwsg3x2elniGEBM7NAAEjPqW55aoWv
bG1YOKzdPD/CtsGokG3Ldrn5P+imDje7OvConF6PXJHS9l3LF1QhpRBoYf6zKXNE
1wFFEeuIEHFe1fHQvltY1lnmOHan90u8chaq4tcjrPRAYNp83NSMgeblsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5sX0dWCNvHvQL67knKyC1E0RtyMB8GA1UdIwQY
MBaAFGcEe5h76XQnhbqOizOsB3v5x6IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWndSN21IdnBkQ2VGdW82TE02d0hlX25Ib2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84NmQyYWUtN2MzNy00MzQ0LWExZTYt
ZThlZGYyOTI0NWMwLzEvYm14ZlIxWUkyOGU5QXZydVNjcklMVVRSRzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84NmQyYWUtN2MzNy00MzQ0LWExZTYtZThlZGYyOTI0NWMw
LzEvWndSN21IdnBkQ2VGdW82TE02d0hlX25Ib2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwggKMA0G
CSqGSIb3DQEBCwUAA4IBAQBneGUwnoJ4bn0lIeBEeWSieaN1JmP5PwyU26WqPOTl
gqHE5sWR0sbHl4SmzcPE56VJTKPM181p8ijoLMeBnc6TbFEc9h95NfwkuShhGeR6
h2QWginEhJcfQ62/LwUhTEGBL8Fbv/I8vgIAUkbWAdPK/Z1KCGIwDwe4aIR1doXG
00vA35bjVGMjz+ywf2ouksbFXop0ixgZLc7MDDux4Gdx8+zTK2wnCH6Z/MWyjBLG
Ily42LwzOvfrL+MEBNBwgijqkrNA9K+qQkJV/rN5mLOPEsC94lnI8uzrZxOLfX0S
9dIvmGrEWcdRRxuAXiwO5UXgU1ByBK1ecqbBKdoV7JBN
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:11 2025 by rpki-client