Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/609122-7bd3-4623-a96c-cda2a160d455/1/BU-fxlIWIgsveCRE2Y8gGAAhJEE.roa
File: BU-fxlIWIgsveCRE2Y8gGAAhJEE.roa (raw, json)
Hash identifier: dYXwXtU10TFQBmU/cDc+PXdixOL1wqaboqxUMpJdgu4=
Subject key identifier: 05:4F:9F:C6:52:16:22:0B:2F:78:24:44:D9:8F:20:18:00:21:24:41
Certificate issuer: /CN=a11a491d1a37062b46ee8df165e053421477d63f
Certificate serial: 018570CC1164C03E04F7485C45A26FC32D49
Authority key identifier: A1:1A:49:1D:1A:37:06:2B:46:EE:8D:F1:65:E0:53:42:14:77:D6:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oRpJHRo3BitG7o3xZeBTQhR31j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/609122-7bd3-4623-a96c-cda2a160d455/1/BU-fxlIWIgsveCRE2Y8gGAAhJEE.roa
Signing time: Mon 02 Jan 2023 04:44:59 +0000
ROA not before: Mon 02 Jan 2023 04:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29396
IP address blocks: 185.184.188.0/24 maxlen: 24
185.184.188.0/22 maxlen: 22
194.146.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cc:11:64:c0:3e:04:f7:48:5c:45:a2:6f:c3:2d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a11a491d1a37062b46ee8df165e053421477d63f
Validity
Not Before: Jan 2 04:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=054f9fc65216220b2f782444d98f201800212441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d2:6c:4a:1e:3f:06:17:4e:45:f6:0b:92:cc:
16:8f:5d:70:2d:da:ad:dc:f6:b4:2d:78:bf:7e:17:
c6:45:88:4e:ca:64:fc:8e:1a:78:79:53:81:d0:69:
d3:8c:2f:3a:c2:4a:d4:18:76:4a:2f:14:1e:89:3c:
f5:c6:38:39:b6:4d:5a:e6:82:b3:6c:3c:93:19:f2:
99:10:ff:e9:b9:4a:ff:c0:11:86:50:73:c8:02:46:
b7:fd:a2:0f:d8:8d:81:f3:d8:d3:0c:0f:f4:e8:82:
f1:e1:91:d7:ab:f3:b3:d9:04:71:13:ff:04:a6:60:
52:cc:9a:c7:76:91:1b:72:ea:9f:a8:a6:6b:83:b1:
e1:f0:2a:8c:d5:0c:6a:ec:e1:d3:50:d7:d5:23:45:
20:a0:cf:12:16:0b:76:20:de:18:ef:12:3a:bd:c7:
a8:0f:bf:46:0b:3c:9f:4a:d6:5c:ca:42:67:4f:93:
11:93:90:3b:b8:91:dc:1a:b2:32:9c:6d:dd:5b:cc:
01:c8:b3:38:08:06:22:6d:fc:e3:d5:4e:0a:8a:d0:
a8:22:93:dd:37:ad:3d:f1:84:6b:32:38:b4:c6:04:
c6:06:b9:e9:dd:2b:d8:23:77:b2:fc:3b:2e:55:6c:
1b:79:8e:cb:45:b2:3a:7f:fd:6c:d8:67:d1:5e:99:
7f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4F:9F:C6:52:16:22:0B:2F:78:24:44:D9:8F:20:18:00:21:24:41
X509v3 Authority Key Identifier:
keyid:A1:1A:49:1D:1A:37:06:2B:46:EE:8D:F1:65:E0:53:42:14:77:D6:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRpJHRo3BitG7o3xZeBTQhR31j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/609122-7bd3-4623-a96c-cda2a160d455/1/BU-fxlIWIgsveCRE2Y8gGAAhJEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/609122-7bd3-4623-a96c-cda2a160d455/1/oRpJHRo3BitG7o3xZeBTQhR31j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.188.0/22
194.146.127.0/24
Signature Algorithm: sha256WithRSAEncryption
20:ac:bb:7a:6f:c1:cb:2e:97:0c:63:37:51:4b:f6:6b:73:31:
a3:a9:5b:d7:4e:3e:29:92:61:fe:e2:ec:f7:fc:c7:8c:f0:ab:
35:41:d6:2b:0b:0e:7c:5f:4c:15:56:a7:f9:2e:5a:0d:11:e7:
e1:e2:5c:4b:b6:fa:7c:b7:37:f4:71:1c:bb:2b:1f:d0:a8:cf:
bf:99:9b:41:e0:a3:6f:11:24:7b:8c:13:8a:d7:f0:15:49:78:
60:16:85:30:43:61:27:df:ed:1d:2d:85:fd:d3:b4:21:6f:7e:
ec:7c:6a:e2:0d:9c:40:15:d3:2d:89:0c:ff:b3:dd:5c:4d:2a:
43:b3:0e:e8:93:b3:ca:97:00:d7:c6:ab:9a:17:bd:25:6c:be:
cb:3d:eb:79:39:87:75:73:f6:0f:e0:45:9c:4a:d2:dc:ac:01:
5f:e7:65:42:a0:a9:83:99:e3:25:37:1d:49:68:61:73:53:3f:
96:33:ca:c4:fa:66:3e:29:55:c1:94:5c:ed:e9:92:cb:32:50:
d3:fa:19:db:ac:a7:b1:db:06:ef:da:8a:33:55:60:47:2b:66:
62:8b:af:f5:26:3e:9f:44:fb:29:cf:02:78:8e:dc:69:22:3a:
ba:ba:03:07:87:43:e1:19:c5:73:37:03:ec:d7:25:c7:84:c2:
cf:a6:f5:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwzBFkwD4E90hcRaJvwy1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMWE0OTFkMWEzNzA2MmI0NmVlOGRmMTY1ZTA1MzQyMTQ3
N2Q2M2YwHhcNMjMwMTAyMDQ0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTRmOWZjNjUyMTYyMjBiMmY3ODI0NDRkOThmMjAxODAwMjEyNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NJsSh4/BhdORfYLkswWj11wLdqt
3Pa0LXi/fhfGRYhOymT8jhp4eVOB0GnTjC86wkrUGHZKLxQeiTz1xjg5tk1a5oKz
bDyTGfKZEP/puUr/wBGGUHPIAka3/aIP2I2B89jTDA/06ILx4ZHXq/Oz2QRxE/8E
pmBSzJrHdpEbcuqfqKZrg7Hh8CqM1Qxq7OHTUNfVI0UgoM8SFgt2IN4Y7xI6vceo
D79GCzyfStZcykJnT5MRk5A7uJHcGrIynG3dW8wByLM4CAYibfzj1U4KitCoIpPd
N6098YRrMji0xgTGBrnp3SvYI3ey/DsuVWwbeY7LRbI6f/1s2GfRXpl/swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAVPn8ZSFiILL3gkRNmPIBgAISRBMB8GA1UdIwQY
MBaAFKEaSR0aNwYrRu6N8WXgU0IUd9Y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JwSkhSbzNCaXRHN28zeFplQlRRaFIzMWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS82MDkxMjItN2JkMy00NjIzLWE5NmMt
Y2RhMmExNjBkNDU1LzEvQlUtZnhsSVdJZ3N2ZUNSRTJZOGdHQUFoSkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS82MDkxMjItN2JkMy00NjIzLWE5NmMtY2RhMmExNjBkNDU1
LzEvb1JwSkhSbzNCaXRHN28zeFplQlRRaFIzMWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCubi8AwQA
wpJ/MA0GCSqGSIb3DQEBCwUAA4IBAQAgrLt6b8HLLpcMYzdRS/ZrczGjqVvXTj4p
kmH+4uz3/MeM8Ks1QdYrCw58X0wVVqf5LloNEefh4lxLtvp8tzf0cRy7Kx/QqM+/
mZtB4KNvESR7jBOK1/AVSXhgFoUwQ2En3+0dLYX907Qhb37sfGriDZxAFdMtiQz/
s91cTSpDsw7ok7PKlwDXxquaF70lbL7LPet5OYd1c/YP4EWcStLcrAFf52VCoKmD
meMlNx1JaGFzUz+WM8rE+mY+KVXBlFzt6ZLLMlDT+hnbrKex2wbv2oozVWBHK2Zi
i6/1Jj6fRPspzwJ4jtxpIjq6ugMHh0PhGcVzNwPs1yXHhMLPpvXP
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:46:15 2025 by rpki-client