Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/BRkboOx_3fEjuYhSpVsqCaav6Nw.roa
File: BRkboOx_3fEjuYhSpVsqCaav6Nw.roa (raw, json)
Hash identifier: mmNeus1/l5cYym/HIYOW1rRfvqENuE8CN24AevBAmxw=
Subject key identifier: 05:19:1B:A0:EC:7F:DD:F1:23:B9:88:52:A5:5B:2A:09:A6:AF:E8:DC
Certificate issuer: /CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Certificate serial: 019427B666D5E641FAAD73542A18D8DEE08E
Authority key identifier: CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/BRkboOx_3fEjuYhSpVsqCaav6Nw.roa
Signing time: Thu 02 Jan 2025 15:50:52 +0000
ROA not before: Thu 02 Jan 2025 15:50:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203152
IP address blocks: 185.127.136.0/22 maxlen: 24
2a13:4547::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:66:d5:e6:41:fa:ad:73:54:2a:18:d8:de:e0:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Validity
Not Before: Jan 2 15:50:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05191ba0ec7fddf123b98852a55b2a09a6afe8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:54:22:1b:5e:f1:d4:e6:63:10:ea:69:65:e5:
f3:68:c9:42:6d:64:f0:be:05:76:65:3e:bf:8f:30:
dc:1b:8c:53:5a:1e:fd:a3:ab:86:02:85:ae:a0:82:
d9:78:1d:91:43:52:68:08:ec:16:da:c6:3f:63:83:
f8:a3:75:e2:aa:c0:91:3f:9b:f0:b3:aa:a2:4e:ed:
62:94:f9:9d:11:cc:4b:1b:9e:45:4d:99:ff:bf:c0:
00:d8:3a:8d:ab:5b:8b:55:1b:f4:62:78:1e:41:fb:
d1:5a:c6:27:cd:26:e2:67:3c:d2:11:59:77:8e:f2:
56:24:6d:e4:96:63:c9:93:00:7c:44:22:47:82:b3:
1f:29:28:f6:f1:3e:dd:f8:ef:67:62:98:df:e5:cf:
26:34:07:78:42:74:db:5f:bc:85:09:e9:84:f4:9d:
8c:61:f0:a3:38:9d:a9:26:b4:7f:f9:2e:db:6c:1a:
46:05:9a:6c:97:fc:e7:88:96:ab:0a:ca:d1:57:da:
7a:23:66:82:dc:cf:06:4b:9c:9e:4f:2b:b9:f8:d9:
84:70:24:4f:10:e3:84:ab:fd:78:d0:53:00:86:37:
50:91:ee:d5:8d:e0:01:44:23:f3:e0:fd:75:86:02:
8b:3a:8e:70:68:cf:79:35:f9:60:59:0c:cf:80:c9:
e8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:19:1B:A0:EC:7F:DD:F1:23:B9:88:52:A5:5B:2A:09:A6:AF:E8:DC
X509v3 Authority Key Identifier:
keyid:CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/BRkboOx_3fEjuYhSpVsqCaav6Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/y2vyuJWE7JYIAEjcP9wuOYPCd_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.136.0/22
IPv6:
2a13:4547::/32
Signature Algorithm: sha256WithRSAEncryption
4d:f5:03:73:56:b2:c1:e2:37:86:91:96:69:85:82:6b:5e:c2:
11:20:20:a9:51:f3:f8:61:58:78:c3:ee:2f:fa:c5:0f:49:98:
00:ca:f2:39:08:10:5f:5e:c3:af:dc:b5:ae:c6:a8:51:e0:0b:
1e:00:15:92:b3:a2:46:97:a1:04:f1:2b:6e:07:32:53:9a:3d:
aa:ea:d0:48:3b:e6:11:9b:6c:87:c0:58:74:8c:85:d2:01:22:
c1:b7:bb:5c:53:7e:97:6b:20:d3:b6:71:0c:38:13:c3:a0:84:
3c:0b:b5:92:af:ce:64:b7:9c:40:44:7a:33:4a:c6:76:1b:ec:
f0:44:a4:55:0e:a4:ad:a2:07:fd:11:32:3b:17:d5:4e:96:1a:
94:97:34:3f:af:9c:32:03:5a:50:30:de:b6:36:97:a7:0e:85:
df:c4:72:12:fa:2a:e3:2b:05:11:04:93:c6:7c:7e:bd:f3:9d:
37:c3:20:80:c6:c0:76:24:9d:44:1e:21:31:5e:97:45:99:8c:
9f:70:9d:a8:5d:0f:8c:86:c3:41:aa:08:3d:5a:f2:0f:d1:d5:
84:35:16:40:b5:a2:80:cb:da:03:a4:5c:74:b0:44:03:4c:ad:
3d:62:41:29:53:d2:0a:cd:a2:54:96:4a:75:cf:19:99:d9:e1:
25:00:cd:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntmbV5kH6rXNUKhjY3uCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNmJmMmI4OTU4NGVjOTYwODAwNDhkYzNmZGMyZTM5ODNj
Mjc3ZjMwHhcNMjUwMTAyMTU1MDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE5MWJhMGVjN2ZkZGYxMjNiOTg4NTJhNTViMmEwOWE2YWZlOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVQiG17x1OZjEOppZeXzaMlCbWTw
vgV2ZT6/jzDcG4xTWh79o6uGAoWuoILZeB2RQ1JoCOwW2sY/Y4P4o3XiqsCRP5vw
s6qiTu1ilPmdEcxLG55FTZn/v8AA2DqNq1uLVRv0YngeQfvRWsYnzSbiZzzSEVl3
jvJWJG3klmPJkwB8RCJHgrMfKSj28T7d+O9nYpjf5c8mNAd4QnTbX7yFCemE9J2M
YfCjOJ2pJrR/+S7bbBpGBZpsl/zniJarCsrRV9p6I2aC3M8GS5yeTyu5+NmEcCRP
EOOEq/140FMAhjdQke7VjeABRCPz4P11hgKLOo5waM95NflgWQzPgMnomwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAUZG6Dsf93xI7mIUqVbKgmmr+jcMB8GA1UdIwQY
MBaAFMtr8riVhOyWCABI3D/cLjmDwnfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2Qt
MTBmZGZjZTk0NTEzLzEvQlJrYm9PeF8zZkVqdVloU3BWc3FDYWF2Nk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2QtMTBmZGZjZTk0NTEz
LzEveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX+IMA0E
AgACMAcDBQAqE0VHMA0GCSqGSIb3DQEBCwUAA4IBAQBN9QNzVrLB4jeGkZZphYJr
XsIRICCpUfP4YVh4w+4v+sUPSZgAyvI5CBBfXsOv3LWuxqhR4AseABWSs6JGl6EE
8StuBzJTmj2q6tBIO+YRm2yHwFh0jIXSASLBt7tcU36XayDTtnEMOBPDoIQ8C7WS
r85kt5xARHozSsZ2G+zwRKRVDqStogf9ETI7F9VOlhqUlzQ/r5wyA1pQMN62Npen
DoXfxHIS+irjKwURBJPGfH698503wyCAxsB2JJ1EHiExXpdFmYyfcJ2oXQ+MhsNB
qgg9WvIP0dWENRZAtaKAy9oDpFx0sEQDTK09YkEpU9IKzaJUlkp1zxmZ2eElAM2i
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:28 2025 by rpki-client