Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/79f42d-1475-4f83-913a-31797bb3e355/1/BkzA2q0KWboCcPAo0bt1hrPm1MA.roa
File: BkzA2q0KWboCcPAo0bt1hrPm1MA.roa (raw, json)
Hash identifier: jvZdUjy5tRoqNdn38OjlGoeAPBjoUc/Ypzy71cubOLg=
Subject key identifier: 06:4C:C0:DA:AD:0A:59:BA:02:70:F0:28:D1:BB:75:86:B3:E6:D4:C0
Certificate issuer: /CN=1d3df4abd9de641e1eeabcb7abc4c13343135e69
Certificate serial: 01856EC22F4A36E8B797C607CB91FFDEF998
Authority key identifier: 1D:3D:F4:AB:D9:DE:64:1E:1E:EA:BC:B7:AB:C4:C1:33:43:13:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HT30q9neZB4e6ry3q8TBM0MTXmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/79f42d-1475-4f83-913a-31797bb3e355/1/BkzA2q0KWboCcPAo0bt1hrPm1MA.roa
Signing time: Sun 01 Jan 2023 19:14:57 +0000
ROA not before: Sun 01 Jan 2023 19:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60257
IP address blocks: 145.255.240.0/21 maxlen: 24
185.24.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:2f:4a:36:e8:b7:97:c6:07:cb:91:ff:de:f9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d3df4abd9de641e1eeabcb7abc4c13343135e69
Validity
Not Before: Jan 1 19:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=064cc0daad0a59ba0270f028d1bb7586b3e6d4c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8b:14:a5:33:8e:74:a8:e2:cc:45:1e:5f:20:
cb:9c:1b:b2:c7:13:1e:e5:74:69:47:3b:b1:73:ad:
f0:e8:40:ba:f5:31:62:30:a8:2c:96:04:fb:bd:ac:
f0:1e:be:96:ea:5a:e5:a9:23:7c:31:cf:74:68:c4:
a4:e6:be:88:71:ea:de:dd:6f:df:b4:e9:7a:a4:ab:
b4:45:a4:2a:1b:51:9b:c2:f8:9a:e3:b8:9d:bf:0a:
36:db:e9:b0:fb:7f:a1:1d:21:4d:51:92:f3:0f:59:
1a:9e:f8:09:41:fc:f8:f5:7f:ce:00:99:68:4b:af:
bc:ba:11:63:48:65:75:c9:aa:4c:02:a8:11:27:c7:
42:8e:52:11:09:e6:80:56:cf:0b:07:c5:88:15:b4:
5d:3a:1e:66:3f:f3:88:49:7c:35:bd:b5:da:7d:ec:
6c:02:69:69:0d:38:45:a9:57:64:04:81:62:cb:1d:
5f:0f:ea:a9:58:e9:bb:9c:b2:50:7d:01:bb:c2:bd:
37:19:dd:1a:4a:20:01:e0:6a:3d:6c:53:de:18:2f:
7a:b4:d2:ef:b1:77:14:c3:83:21:bb:c0:b0:16:f5:
46:31:67:7a:16:8e:ac:44:52:c2:29:26:66:9d:80:
28:f3:00:4f:fd:53:9e:2b:a2:73:b4:e0:b3:84:d3:
87:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4C:C0:DA:AD:0A:59:BA:02:70:F0:28:D1:BB:75:86:B3:E6:D4:C0
X509v3 Authority Key Identifier:
keyid:1D:3D:F4:AB:D9:DE:64:1E:1E:EA:BC:B7:AB:C4:C1:33:43:13:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HT30q9neZB4e6ry3q8TBM0MTXmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/79f42d-1475-4f83-913a-31797bb3e355/1/BkzA2q0KWboCcPAo0bt1hrPm1MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/79f42d-1475-4f83-913a-31797bb3e355/1/HT30q9neZB4e6ry3q8TBM0MTXmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.255.240.0/21
185.24.12.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:83:dd:ee:9d:8f:37:d2:19:a7:42:8f:41:9f:84:fa:7c:da:
9c:69:5e:18:16:06:3f:93:b9:bb:82:f8:d5:e0:88:40:de:d5:
49:ec:2a:24:1f:8e:60:50:78:95:61:51:4c:c3:9e:5a:5d:17:
10:71:f5:99:ba:0f:3d:70:b0:2c:cf:55:ee:07:2c:47:6c:94:
e7:f6:fb:fa:fd:27:dc:6d:e5:35:b3:91:25:13:1a:b0:0f:7f:
72:5c:b3:2a:00:61:d2:ed:a4:65:40:8e:80:97:ed:ea:a5:01:
56:c5:dd:f7:58:5e:e7:40:e0:d7:89:98:47:48:1d:b4:bb:cb:
32:84:82:ec:7b:d5:bf:89:b3:79:ef:9c:0c:60:c6:1b:83:f8:
30:aa:e4:f9:09:16:b7:95:4c:a0:d9:02:e4:c3:b9:1a:62:a8:
f1:69:6b:56:84:20:1b:7d:98:2d:b7:43:bf:c3:6d:00:22:e5:
06:33:6b:91:f8:b4:a1:3c:e7:d4:a0:d6:63:08:f3:c5:29:54:
01:57:74:aa:a8:91:b4:b2:4e:c6:4a:57:44:5e:0c:f4:07:2b:
67:fe:94:a3:41:04:82:1f:a8:fa:e5:a5:26:a0:85:e2:a9:ec:
e1:b4:33:e9:f0:23:15:67:5c:e7:d7:b6:05:0d:87:ba:78:69:
08:76:2a:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwi9KNui3l8YHy5H/3vmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkM2RmNGFiZDlkZTY0MWUxZWVhYmNiN2FiYzRjMTMzNDMx
MzVlNjkwHhcNMjMwMTAxMTkxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjRjYzBkYWFkMGE1OWJhMDI3MGYwMjhkMWJiNzU4NmIzZTZkNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYsUpTOOdKjizEUeXyDLnBuyxxMe
5XRpRzuxc63w6EC69TFiMKgslgT7vazwHr6W6lrlqSN8Mc90aMSk5r6Icere3W/f
tOl6pKu0RaQqG1Gbwvia47idvwo22+mw+3+hHSFNUZLzD1kanvgJQfz49X/OAJlo
S6+8uhFjSGV1yapMAqgRJ8dCjlIRCeaAVs8LB8WIFbRdOh5mP/OISXw1vbXafexs
AmlpDThFqVdkBIFiyx1fD+qpWOm7nLJQfQG7wr03Gd0aSiAB4Go9bFPeGC96tNLv
sXcUw4Mhu8CwFvVGMWd6Fo6sRFLCKSZmnYAo8wBP/VOeK6JztOCzhNOHdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAZMwNqtClm6AnDwKNG7dYaz5tTAMB8GA1UdIwQY
MBaAFB099KvZ3mQeHuq8t6vEwTNDE15pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFQzMHE5bmVaQjRlNnJ5M3E4VEJNME1UWG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi83OWY0MmQtMTQ3NS00ZjgzLTkxM2Et
MzE3OTdiYjNlMzU1LzEvQmt6QTJxMEtXYm9DY1BBbzBidDFoclBtMU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi83OWY0MmQtMTQ3NS00ZjgzLTkxM2EtMzE3OTdiYjNlMzU1
LzEvSFQzMHE5bmVaQjRlNnJ5M3E4VEJNME1UWG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkf/wAwQC
uRgMMA0GCSqGSIb3DQEBCwUAA4IBAQBNg93unY830hmnQo9Bn4T6fNqcaV4YFgY/
k7m7gvjV4IhA3tVJ7CokH45gUHiVYVFMw55aXRcQcfWZug89cLAsz1XuByxHbJTn
9vv6/SfcbeU1s5ElExqwD39yXLMqAGHS7aRlQI6Al+3qpQFWxd33WF7nQODXiZhH
SB20u8syhILse9W/ibN575wMYMYbg/gwquT5CRa3lUyg2QLkw7kaYqjxaWtWhCAb
fZgtt0O/w20AIuUGM2uR+LShPOfUoNZjCPPFKVQBV3SqqJG0sk7GSldEXgz0Bytn
/pSjQQSCH6j65aUmoIXiqezhtDPp8CMVZ1zn17YFDYe6eGkIdipl
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:50:32 2025 by rpki-client