Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dacfd9-8e16-4cbc-88f8-79e8d60b6158/1/bfQJg1dzhO9nnPMkgAtLTXq7tDY.roa
File: bfQJg1dzhO9nnPMkgAtLTXq7tDY.roa (raw, json)
Hash identifier: kXyU4saEnPNlj01ERgMuEnKBS6YAzeOYEI/FuWXCALc=
Subject key identifier: 6D:F4:09:83:57:73:84:EF:67:9C:F3:24:80:0B:4B:4D:7A:BB:B4:36
Certificate issuer: /CN=c5a931cbc0ce5016aa595cde04060143c0973601
Certificate serial: 032AD6E3
Authority key identifier: C5:A9:31:CB:C0:CE:50:16:AA:59:5C:DE:04:06:01:43:C0:97:36:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xakxy8DOUBaqWVzeBAYBQ8CXNgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dacfd9-8e16-4cbc-88f8-79e8d60b6158/1/bfQJg1dzhO9nnPMkgAtLTXq7tDY.roa
Signing time: Sat 01 Jan 2022 13:01:34 +0000
ROA not before: Sat 01 Jan 2022 13:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59869
IP address blocks: 81.22.176.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53139171 (0x32ad6e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a931cbc0ce5016aa595cde04060143c0973601
Validity
Not Before: Jan 1 13:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6df40983577384ef679cf324800b4b4d7abbb436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5a:bc:0e:9b:0f:cc:ab:10:8b:53:77:17:20:
08:6f:fb:6e:83:a6:08:be:53:dd:19:f2:9a:9e:97:
56:32:33:2c:39:e6:5c:47:55:97:a0:7b:e7:db:31:
81:a9:e5:72:5d:71:b3:c0:b0:5b:fd:da:c1:9e:6f:
91:7c:5f:81:6c:33:00:e1:50:af:c4:b0:4f:21:b3:
a3:7a:42:1c:d1:29:07:ff:8f:02:02:34:02:29:eb:
89:22:98:b5:86:45:8c:9f:48:dc:f7:a9:9a:eb:bb:
4a:0e:b2:47:e9:45:22:8b:16:c6:bf:25:b0:b5:e7:
3f:37:de:ea:eb:4c:45:a4:00:1b:77:a2:b9:b2:15:
83:76:fe:92:36:4c:2f:34:2e:e9:fa:e0:18:c4:fc:
8b:46:55:f0:dd:9b:93:eb:ea:c1:65:e2:9e:64:9f:
25:77:a4:c1:8a:d4:01:89:92:ce:a2:a2:6a:ae:50:
8e:17:04:ba:57:65:dd:be:9b:16:13:e1:c9:7f:08:
8c:b3:27:ee:ed:9c:ca:f7:1e:54:f4:24:10:82:98:
9d:ed:3b:82:4e:04:a9:e3:74:e5:b7:f0:73:a5:a8:
86:45:77:fb:ef:fc:1a:5f:b4:dd:73:fc:5f:94:d3:
f9:85:d9:8a:f4:eb:05:38:80:e7:72:e7:5e:10:9b:
a0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F4:09:83:57:73:84:EF:67:9C:F3:24:80:0B:4B:4D:7A:BB:B4:36
X509v3 Authority Key Identifier:
keyid:C5:A9:31:CB:C0:CE:50:16:AA:59:5C:DE:04:06:01:43:C0:97:36:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xakxy8DOUBaqWVzeBAYBQ8CXNgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dacfd9-8e16-4cbc-88f8-79e8d60b6158/1/bfQJg1dzhO9nnPMkgAtLTXq7tDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dacfd9-8e16-4cbc-88f8-79e8d60b6158/1/xakxy8DOUBaqWVzeBAYBQ8CXNgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.176.0/20
Signature Algorithm: sha256WithRSAEncryption
34:b0:46:ef:a6:d0:33:c0:7b:94:bc:9b:be:b4:0e:c6:22:2f:
c8:ac:75:50:6d:d9:1f:cc:64:13:1b:33:d6:f8:b2:ef:13:45:
7b:d1:aa:cf:73:b1:9c:3f:31:d9:66:6c:c7:5f:d4:c5:8a:4e:
a5:08:4f:bb:9b:b1:13:1f:d3:c8:ff:02:52:c6:92:2a:ea:79:
b3:86:b3:d9:d8:20:f7:29:ae:9e:1d:4e:12:56:da:7f:dc:5f:
d0:1a:27:a6:6d:ee:cc:38:31:97:93:2b:e5:cb:d7:2a:98:3c:
20:79:0b:e8:7a:ec:38:01:02:f3:b1:2d:1d:d4:71:c8:a9:a4:
95:f1:f8:37:cd:c3:84:14:74:6f:58:9b:7e:39:90:7d:80:c5:
f5:06:62:47:11:0a:93:c4:16:95:2b:26:0d:bf:d9:86:93:d8:
2d:51:ab:10:f2:68:07:51:ea:9c:9e:82:b3:32:90:18:26:fb:
c5:0a:b3:cc:01:3e:a3:d5:15:eb:85:84:d3:29:25:7c:ed:b3:
f2:ce:10:ad:28:ed:87:99:d5:f8:b5:66:53:7d:62:1e:d5:ba:
c7:cf:5a:3f:5d:92:ff:79:db:d2:99:bc:3c:71:19:b5:5e:c9:
70:27:af:70:df:8c:db:31:50:7e:de:7e:e2:cb:c2:37:d1:63:
81:7b:aa:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyrW4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NWE5MzFjYmMwY2U1MDE2YWE1OTVjZGUwNDA2MDE0M2MwOTczNjAxMB4XDTIyMDEw
MTEzMDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRmNDA5ODM1Nzcz
ODRlZjY3OWNmMzI0ODAwYjRiNGQ3YWJiYjQzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN1avA6bD8yrEItTdxcgCG/7boOmCL5T3Rnymp6XVjIzLDnm
XEdVl6B759sxganlcl1xs8CwW/3awZ5vkXxfgWwzAOFQr8SwTyGzo3pCHNEpB/+P
AgI0AinriSKYtYZFjJ9I3Pepmuu7Sg6yR+lFIosWxr8lsLXnPzfe6utMRaQAG3ei
ubIVg3b+kjZMLzQu6frgGMT8i0ZV8N2bk+vqwWXinmSfJXekwYrUAYmSzqKiaq5Q
jhcEuldl3b6bFhPhyX8IjLMn7u2cyvceVPQkEIKYne07gk4EqeN05bfwc6WohkV3
++/8Gl+03XP8X5TT+YXZivTrBTiA53LnXhCboCkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRt9AmDV3OE72ec8ySAC0tNeru0NjAfBgNVHSMEGDAWgBTFqTHLwM5QFqpZ
XN4EBgFDwJc2ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hha3h5OERPVUJhcVdWemVCQVlCUThDWE5nRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvZGFjZmQ5LThlMTYtNGNiYy04OGY4LTc5ZThkNjBiNjE1OC8x
L2JmUUpnMWR6aE85bm5QTWtnQXRMVFhxN3REWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
ZGFjZmQ5LThlMTYtNGNiYy04OGY4LTc5ZThkNjBiNjE1OC8xL3hha3h5OERPVUJh
cVdWemVCQVlCUThDWE5nRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFEWsDANBgkqhkiG9w0BAQsFAAOC
AQEANLBG76bQM8B7lLybvrQOxiIvyKx1UG3ZH8xkExsz1viy7xNFe9Gqz3OxnD8x
2WZsx1/UxYpOpQhPu5uxEx/TyP8CUsaSKup5s4az2dgg9ymunh1OElbaf9xf0Bon
pm3uzDgxl5Mr5cvXKpg8IHkL6HrsOAEC87EtHdRxyKmklfH4N83DhBR0b1ibfjmQ
fYDF9QZiRxEKk8QWlSsmDb/ZhpPYLVGrEPJoB1HqnJ6CszKQGCb7xQqzzAE+o9UV
64WE0yklfO2z8s4QrSjth5nV+LVmU31iHtW6x89aP12S/3nb0pm8PHEZtV7JcCev
cN+M2zFQft5+4svCN9FjgXuqRQ==
-----END CERTIFICATE-----
Generated at Sat Feb 1 20:50:24 2025 by rpki-client