Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Bu5OSyuwBUvGyz_EW5xEisOkNPE.roa
File: Bu5OSyuwBUvGyz_EW5xEisOkNPE.roa (raw, json)
Hash identifier: floFuiP5W+ix524d77mDjkmOxeUI0BamBhf6MRMbiKo=
Subject key identifier: 06:EE:4E:4B:2B:B0:05:4B:C6:CB:3F:C4:5B:9C:44:8A:C3:A4:34:F1
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240D9C60BE5DFAB58823CC818EA6ED
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Bu5OSyuwBUvGyz_EW5xEisOkNPE.roa
Signing time: Thu 02 Jan 2025 17:50:38 +0000
ROA not before: Thu 02 Jan 2025 17:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 78.143.232.0/21 maxlen: 21
89.46.176.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0d:9c:60:be:5d:fa:b5:88:23:cc:81:8e:a6:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06ee4e4b2bb0054bc6cb3fc45b9c448ac3a434f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:84:9d:db:bd:85:09:1f:ad:ff:e8:9b:16:73:
00:ae:74:7b:a8:a4:d7:36:76:39:b7:ab:df:ab:1b:
8e:fa:b7:63:fd:4b:44:90:5d:73:e0:40:5d:c4:0d:
11:56:ec:7e:ab:ed:10:a9:07:42:43:74:38:da:94:
ce:25:91:aa:e9:52:c6:94:c2:aa:0f:07:3d:50:f2:
6c:c7:8e:2c:4a:b8:dc:38:38:37:94:ea:9d:7d:6c:
b2:13:d6:da:6e:2b:c0:71:58:5f:e9:48:c9:71:90:
98:49:30:1f:fd:30:91:32:5b:2e:ae:53:c4:f1:35:
e1:3c:23:11:3c:5b:5c:8e:bf:cd:64:c3:13:4f:6c:
c0:98:f7:54:84:3a:6a:87:86:46:f5:37:8e:c9:b9:
cf:8c:2a:7d:5c:1b:5f:c3:fe:36:84:f7:7b:2d:15:
9c:12:44:54:93:d3:c5:dc:52:a4:f1:51:1b:a8:47:
29:10:16:ba:5b:19:ca:2f:e9:e5:8c:6b:d2:82:19:
68:cd:44:c3:bb:7c:a1:ad:6b:c9:9a:40:99:77:b2:
e6:6e:4d:5f:d2:f0:dc:78:3d:f1:f9:81:a5:2c:2b:
e4:9c:8b:38:c8:28:93:cf:48:fb:e6:22:99:e7:1a:
65:e9:9e:03:2a:1c:61:15:b9:dd:55:55:5a:3f:14:
4f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EE:4E:4B:2B:B0:05:4B:C6:CB:3F:C4:5B:9C:44:8A:C3:A4:34:F1
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Bu5OSyuwBUvGyz_EW5xEisOkNPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.232.0/21
89.46.176.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:b9:59:a3:3f:50:04:f9:31:44:eb:e1:04:a3:7e:1c:1d:0f:
7d:18:3a:33:59:0c:47:b8:38:31:22:df:73:95:64:0e:62:ce:
5d:1a:d9:a2:fc:46:b5:d4:ad:6a:c5:92:87:e9:01:fd:a8:fc:
86:6c:0a:fb:4e:41:b1:75:bd:78:fc:b7:08:13:ae:16:39:1f:
ac:9f:d6:ee:c2:d3:52:24:4d:46:c7:5b:ad:71:31:24:2b:3d:
fb:61:5c:a1:f0:4e:d2:67:a6:03:dc:6e:96:84:33:cc:e7:2a:
fb:58:75:af:d5:53:f5:8b:81:9e:af:9f:b5:8a:a4:70:b6:9e:
84:59:a4:f6:93:7c:ed:f0:7b:10:5e:9f:06:6a:96:a6:27:a2:
81:83:62:57:82:00:bb:e2:e0:95:1e:f1:e3:1d:8d:73:46:5e:
d7:ac:f0:8d:23:56:09:55:57:41:65:ea:fc:3f:8a:08:1c:c6:
42:1e:b9:5c:4e:03:79:94:31:3d:43:dc:94:c1:1b:ae:32:e9:
36:ca:29:79:46:ef:e9:6e:5c:fd:51:c4:4a:a6:a0:f9:7f:b2:
85:5c:61:eb:b2:6e:19:23:ff:19:0c:90:c7:2d:60:3d:c6:39:
3f:bb:3f:0b:a3:54:93:bd:cc:eb:ac:9f:5e:57:8a:0b:6a:0b:
c1:f1:c3:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJA2cYL5d+rWII8yBjqbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmVlNGU0YjJiYjAwNTRiYzZjYjNmYzQ1YjljNDQ4YWMzYTQzNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoSd272FCR+t/+ibFnMArnR7qKTX
NnY5t6vfqxuO+rdj/UtEkF1z4EBdxA0RVux+q+0QqQdCQ3Q42pTOJZGq6VLGlMKq
Dwc9UPJsx44sSrjcODg3lOqdfWyyE9babivAcVhf6UjJcZCYSTAf/TCRMlsurlPE
8TXhPCMRPFtcjr/NZMMTT2zAmPdUhDpqh4ZG9TeOybnPjCp9XBtfw/42hPd7LRWc
EkRUk9PF3FKk8VEbqEcpEBa6WxnKL+nljGvSghlozUTDu3yhrWvJmkCZd7Lmbk1f
0vDceD3x+YGlLCvknIs4yCiTz0j75iKZ5xpl6Z4DKhxhFbndVVVaPxRPVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAbuTksrsAVLxss/xFucRIrDpDTxMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQnU1T1N5dXdCVXZHeXpfRVc1eEVpc09rTlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTo/oAwQC
WS6wMA0GCSqGSIb3DQEBCwUAA4IBAQAKuVmjP1AE+TFE6+EEo34cHQ99GDozWQxH
uDgxIt9zlWQOYs5dGtmi/Ea11K1qxZKH6QH9qPyGbAr7TkGxdb14/LcIE64WOR+s
n9buwtNSJE1Gx1utcTEkKz37YVyh8E7SZ6YD3G6WhDPM5yr7WHWv1VP1i4Ger5+1
iqRwtp6EWaT2k3zt8HsQXp8GapamJ6KBg2JXggC74uCVHvHjHY1zRl7XrPCNI1YJ
VVdBZer8P4oIHMZCHrlcTgN5lDE9Q9yUwRuuMuk2yil5Ru/pblz9UcRKpqD5f7KF
XGHrsm4ZI/8ZDJDHLWA9xjk/uz8Lo1STvczrrJ9eV4oLagvB8cMm
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:47:41 2025 by rpki-client