Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bu7Dk6egyLy5jOJ3VUlEIWjY06s.roa
File: bu7Dk6egyLy5jOJ3VUlEIWjY06s.roa (raw, json)
Hash identifier: /SeM8H3c+iSNMvtmRoTJZA9vycOVwLHhxulL1p4lhm4=
Subject key identifier: 6E:EE:C3:93:A7:A0:C8:BC:B9:8C:E2:77:55:49:44:21:68:D8:D3:AB
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0194ED644AC38B0A16B6F858E757F75C32D0
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bu7Dk6egyLy5jOJ3VUlEIWjY06s.roa
Signing time: Mon 10 Feb 2025 01:06:00 +0000
ROA not before: Mon 10 Feb 2025 01:06:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 931
IP address blocks: 5.226.52.0/22 maxlen: 24
45.139.6.0/23 maxlen: 24
178.173.236.0/22 maxlen: 24
178.173.242.0/23 maxlen: 24
178.173.244.0/22 maxlen: 24
188.253.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ed:64:4a:c3:8b:0a:16:b6:f8:58:e7:57:f7:5c:32:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 10 01:06:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eeec393a7a0c8bcb98ce2775549442168d8d3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:f0:5b:6c:d5:c1:d7:e2:ad:d9:f5:e0:4e:
6d:7f:ff:f8:a0:4b:14:42:2d:97:86:59:4b:93:2d:
32:a8:d6:9c:f7:bd:2a:8d:ea:8a:9e:46:b4:f7:21:
44:17:93:ae:cf:56:5b:60:4b:63:03:8e:44:0a:f2:
3b:d0:d8:92:41:53:b1:4a:e1:02:0d:fc:91:3a:9d:
5b:b3:48:1d:0c:4b:b8:fd:4f:9b:36:44:e8:30:59:
ec:1f:d6:a8:cc:02:41:0a:78:4b:21:17:df:43:a9:
5e:3b:c0:c2:8c:dd:a2:e1:55:40:a3:81:2e:42:ec:
da:e9:1f:b7:a0:bb:1f:32:8d:b7:8f:0e:96:52:90:
18:c6:d9:b2:26:7a:0a:e6:61:16:49:d7:87:15:61:
36:7c:fc:2c:a9:51:77:85:93:f9:04:82:1e:56:77:
b1:52:61:ff:95:fe:d4:7f:5d:e7:ac:bd:37:87:2d:
ba:69:3e:61:8e:fb:53:03:e8:b3:f5:3c:d2:54:42:
9e:8e:52:35:18:70:a3:a7:5a:c2:2a:f0:31:2f:00:
71:e9:ad:5e:6a:35:02:d4:31:ce:84:c5:50:5f:e1:
31:d2:f3:35:52:01:56:3d:aa:74:7f:28:d5:05:9a:
72:12:5a:97:39:59:24:09:c8:86:98:1f:7e:62:a2:
13:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EE:C3:93:A7:A0:C8:BC:B9:8C:E2:77:55:49:44:21:68:D8:D3:AB
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bu7Dk6egyLy5jOJ3VUlEIWjY06s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.52.0/22
45.139.6.0/23
178.173.236.0/22
178.173.242.0-178.173.247.255
188.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
47:1d:95:21:6b:08:b8:be:ad:ac:ac:f0:eb:24:5b:a5:03:18:
96:39:0c:49:d9:e4:f9:80:bc:a6:d4:0f:ff:01:e4:39:04:54:
51:ad:1b:f3:80:1a:c9:c9:78:d5:94:58:c4:b4:4f:90:d8:7f:
ab:d1:a9:aa:9e:de:f2:de:10:3c:e3:c8:81:96:d5:e9:64:be:
2e:39:e5:b2:aa:ac:66:da:cb:c1:e0:db:01:52:ee:5b:73:d8:
43:17:60:4f:39:99:1d:eb:11:ee:3b:bb:08:9e:3f:58:1e:a7:
d6:a2:d6:c3:bc:0d:f0:1d:2a:c8:d6:f3:d1:c5:bb:13:48:d3:
2d:88:e3:6a:88:87:2e:83:ca:fd:9f:91:08:8d:5f:30:f5:22:
b6:29:0b:55:40:d7:97:47:be:0c:88:02:7b:58:ed:de:f6:bf:
9b:a4:c2:6c:34:cc:c1:21:e4:7b:f0:0e:a4:14:b5:8f:63:e2:
7b:ce:40:ae:d2:f4:34:60:d6:f8:b3:be:66:98:7e:22:5b:e9:
52:7b:59:04:5b:a0:7e:e0:2e:be:41:14:48:dd:e7:e6:6a:fb:
28:14:3e:22:16:43:97:1c:a9:ed:f7:f9:95:6c:40:15:b1:e3:
02:8f:b9:73:e7:a3:dc:3e:55:4b:e5:13:53:7f:db:c0:5d:50:
de:69:3d:1a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZTtZErDiwoWtvhY51f3XDLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMjEwMDEwNjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWVlYzM5M2E3YTBjOGJjYjk4Y2UyNzc1NTQ5NDQyMTY4ZDhkM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMPwW2zVwdfirdn14E5tf//4oEsU
Qi2XhllLky0yqNac970qjeqKnka09yFEF5Ouz1ZbYEtjA45ECvI70NiSQVOxSuEC
DfyROp1bs0gdDEu4/U+bNkToMFnsH9aozAJBCnhLIRffQ6leO8DCjN2i4VVAo4Eu
Quza6R+3oLsfMo23jw6WUpAYxtmyJnoK5mEWSdeHFWE2fPwsqVF3hZP5BIIeVnex
UmH/lf7Uf13nrL03hy26aT5hjvtTA+iz9TzSVEKejlI1GHCjp1rCKvAxLwBx6a1e
ajUC1DHOhMVQX+Ex0vM1UgFWPap0fyjVBZpyElqXOVkkCciGmB9+YqIT5wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG7uw5OnoMi8uYzid1VJRCFo2NOrMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYnU3RGs2ZWd5THk1ak9KM1ZVbEVJV2pZMDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBeI0AwQB
LYsGAwQCsq3sMAwDBAGyrfIDBAOyrfADBAK8/RwwDQYJKoZIhvcNAQELBQADggEB
AEcdlSFrCLi+rays8OskW6UDGJY5DEnZ5PmAvKbUD/8B5DkEVFGtG/OAGsnJeNWU
WMS0T5DYf6vRqaqe3vLeEDzjyIGW1elkvi455bKqrGbay8Hg2wFS7ltz2EMXYE85
mR3rEe47uwieP1gep9ai1sO8DfAdKsjW89HFuxNI0y2I42qIhy6Dyv2fkQiNXzD1
IrYpC1VA15dHvgyIAntY7d72v5ukwmw0zMEh5HvwDqQUtY9j4nvOQK7S9DRg1viz
vmaYfiJb6VJ7WQRboH7gLr5BFEjd5+Zq+ygUPiIWQ5ccqe33+ZVsQBWx4wKPuXPn
o9w+VUvlE1N/28BdUN5pPRo=
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:26:44 2025 by rpki-client