Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b5f2ec-b77f-4c8f-9e7d-e183342ea882/1/Bj9KKojGqnPF_O_iC2_lsdgMbA0.roa
File: Bj9KKojGqnPF_O_iC2_lsdgMbA0.roa (raw, json)
Hash identifier: ojGMTr2ABFokGTEnWkKmvvG25TnDX3kYvkWtDB8hVz4=
Subject key identifier: 06:3F:4A:2A:88:C6:AA:73:C5:FC:EF:E2:0B:6F:E5:B1:D8:0C:6C:0D
Certificate issuer: /CN=fffc13feb9a290a08d200d719f2cb31b0c10583b
Certificate serial: 01856DE66F7EC6A88B60E02F9620F90F69BC
Authority key identifier: FF:FC:13:FE:B9:A2:90:A0:8D:20:0D:71:9F:2C:B3:1B:0C:10:58:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/__wT_rmikKCNIA1xnyyzGwwQWDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b5f2ec-b77f-4c8f-9e7d-e183342ea882/1/Bj9KKojGqnPF_O_iC2_lsdgMbA0.roa
Signing time: Sun 01 Jan 2023 15:14:56 +0000
ROA not before: Sun 01 Jan 2023 15:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201554
IP address blocks: 185.71.85.0/24 maxlen: 24
185.71.84.0/24 maxlen: 24
185.71.86.0/24 maxlen: 24
185.71.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:6f:7e:c6:a8:8b:60:e0:2f:96:20:f9:0f:69:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fffc13feb9a290a08d200d719f2cb31b0c10583b
Validity
Not Before: Jan 1 15:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=063f4a2a88c6aa73c5fcefe20b6fe5b1d80c6c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e7:74:b0:97:2d:cc:6c:d3:b5:72:35:ed:01:
28:4d:fb:8b:a9:0e:6e:69:90:25:82:97:b5:5d:5b:
4c:43:6e:a7:e4:da:45:32:78:61:5d:8e:3d:f1:bd:
de:6d:ed:1d:fa:7e:ff:13:2f:28:79:41:d1:1f:b2:
5e:b5:c1:66:5e:2e:62:b0:88:8e:ae:40:f8:be:f6:
a7:56:2c:32:5a:c5:8c:f8:aa:4a:b0:33:41:e8:8d:
26:08:4b:ef:9f:87:96:ec:90:df:11:ab:80:17:46:
32:7d:c4:bd:a9:15:24:b2:a3:10:7b:a4:98:6b:11:
32:c6:6a:4e:d3:28:be:d2:75:87:be:cb:cf:24:6d:
a4:5f:ec:4f:0c:45:e6:05:6e:00:94:d1:cd:91:ed:
dc:27:6a:d5:ea:03:57:f1:46:78:9f:34:a0:b7:62:
7e:44:51:03:8e:a5:1b:ac:b8:18:75:b1:0d:98:a3:
ec:e4:93:a3:24:e4:31:89:cc:e0:19:96:14:e9:28:
50:75:12:1c:03:e6:9f:de:c0:c3:d6:1d:cf:e3:35:
36:15:7d:4e:bf:fc:56:70:b9:8c:67:e3:eb:4b:31:
f3:8c:fe:4e:f2:59:20:25:f2:14:d9:26:d2:69:17:
87:a9:8f:c7:7e:fe:e5:01:c7:5c:39:bd:9e:ff:49:
00:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3F:4A:2A:88:C6:AA:73:C5:FC:EF:E2:0B:6F:E5:B1:D8:0C:6C:0D
X509v3 Authority Key Identifier:
keyid:FF:FC:13:FE:B9:A2:90:A0:8D:20:0D:71:9F:2C:B3:1B:0C:10:58:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/__wT_rmikKCNIA1xnyyzGwwQWDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b5f2ec-b77f-4c8f-9e7d-e183342ea882/1/Bj9KKojGqnPF_O_iC2_lsdgMbA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b5f2ec-b77f-4c8f-9e7d-e183342ea882/1/__wT_rmikKCNIA1xnyyzGwwQWDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.84.0/22
Signature Algorithm: sha256WithRSAEncryption
97:3d:71:66:93:e6:d9:27:9e:63:53:9a:06:43:23:6c:1b:0d:
d4:fd:7e:1f:30:c4:19:31:72:7a:54:22:b0:39:c4:66:db:10:
d7:09:1f:f3:50:2a:e8:78:60:3d:5e:e4:81:27:a5:47:4a:15:
15:12:88:aa:be:e3:c1:4a:14:f1:44:e2:c0:30:57:75:2b:14:
ca:29:dd:27:06:ee:30:f1:63:90:a8:46:5a:7c:30:6c:4c:0a:
4e:16:ed:a4:93:46:44:b1:2e:2d:57:a2:eb:78:0d:69:9b:34:
a0:55:ce:53:59:73:19:76:2b:96:4b:58:ba:18:1f:e2:e3:64:
64:46:6e:39:79:c9:41:cc:c9:33:de:5e:9b:1b:8d:c4:5f:d2:
fc:f8:c0:7e:c0:da:7e:de:9d:c1:53:93:76:c3:c9:f3:02:9b:
d9:09:af:b2:97:9b:a1:b1:29:f2:76:2c:b9:13:30:4e:8a:ee:
1c:e8:1e:af:29:dd:fb:dd:86:79:16:4c:37:b5:28:ed:aa:f2:
fc:a9:3a:89:7b:9f:da:6d:49:24:21:46:19:cd:5d:b2:58:ca:
77:ae:c6:56:30:ec:b7:16:74:e9:1a:9c:5f:6c:38:dc:f6:5d:
51:5b:92:9d:0e:fb:50:52:7b:85:09:0d:37:09:53:4c:2d:05:
7f:6f:e7:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5m9+xqiLYOAvliD5D2m8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZmMxM2ZlYjlhMjkwYTA4ZDIwMGQ3MTlmMmNiMzFiMGMx
MDU4M2IwHhcNMjMwMTAxMTUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNmNGEyYTg4YzZhYTczYzVmY2VmZTIwYjZmZTViMWQ4MGM2YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhud0sJctzGzTtXI17QEoTfuLqQ5u
aZAlgpe1XVtMQ26n5NpFMnhhXY498b3ebe0d+n7/Ey8oeUHRH7JetcFmXi5isIiO
rkD4vvanViwyWsWM+KpKsDNB6I0mCEvvn4eW7JDfEauAF0YyfcS9qRUksqMQe6SY
axEyxmpO0yi+0nWHvsvPJG2kX+xPDEXmBW4AlNHNke3cJ2rV6gNX8UZ4nzSgt2J+
RFEDjqUbrLgYdbENmKPs5JOjJOQxiczgGZYU6ShQdRIcA+af3sDD1h3P4zU2FX1O
v/xWcLmMZ+PrSzHzjP5O8lkgJfIU2SbSaReHqY/Hfv7lAcdcOb2e/0kAIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAY/SiqIxqpzxfzv4gtv5bHYDGwNMB8GA1UdIwQY
MBaAFP/8E/65opCgjSANcZ8ssxsMEFg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX193VF9ybWlrS0NOSUExeG55eXpHd3dRV0RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iNWYyZWMtYjc3Zi00YzhmLTllN2Qt
ZTE4MzM0MmVhODgyLzEvQmo5S0tvakdxblBGX09faUMyX2xzZGdNYkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iNWYyZWMtYjc3Zi00YzhmLTllN2QtZTE4MzM0MmVhODgy
LzEvX193VF9ybWlrS0NOSUExeG55eXpHd3dRV0RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUdUMA0G
CSqGSIb3DQEBCwUAA4IBAQCXPXFmk+bZJ55jU5oGQyNsGw3U/X4fMMQZMXJ6VCKw
OcRm2xDXCR/zUCroeGA9XuSBJ6VHShUVEoiqvuPBShTxROLAMFd1KxTKKd0nBu4w
8WOQqEZafDBsTApOFu2kk0ZEsS4tV6LreA1pmzSgVc5TWXMZdiuWS1i6GB/i42Rk
Rm45eclBzMkz3l6bG43EX9L8+MB+wNp+3p3BU5N2w8nzApvZCa+yl5uhsSnydiy5
EzBOiu4c6B6vKd373YZ5Fkw3tSjtqvL8qTqJe5/abUkkIUYZzV2yWMp3rsZWMOy3
FnTpGpxfbDjc9l1RW5KdDvtQUnuFCQ03CVNMLQV/b+e4
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:48:31 2025 by rpki-client