Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/b284a3-c2f1-4205-b1d5-47977669958d/1/Bfc7EUchdTgGElUv3uM8P6L_JN4.roa
File: Bfc7EUchdTgGElUv3uM8P6L_JN4.roa (raw, json)
Hash identifier: zmd7LnQJEMvAXNDrVc3GmLiOfsPuEL2IoD+oEByUhjA=
Subject key identifier: 05:F7:3B:11:47:21:75:38:06:12:55:2F:DE:E3:3C:3F:A2:FF:24:DE
Certificate issuer: /CN=44c3b44cbbc4f3da5a4b4285c96ea3cb50d4d073
Certificate serial: 019421B181347C0BBAEFD1BC667151BB2DC4
Authority key identifier: 44:C3:B4:4C:BB:C4:F3:DA:5A:4B:42:85:C9:6E:A3:CB:50:D4:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RMO0TLvE89paS0KFyW6jy1DU0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/b284a3-c2f1-4205-b1d5-47977669958d/1/Bfc7EUchdTgGElUv3uM8P6L_JN4.roa
Signing time: Wed 01 Jan 2025 11:47:48 +0000
ROA not before: Wed 01 Jan 2025 11:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24961
IP address blocks: 185.249.64.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:81:34:7c:0b:ba:ef:d1:bc:66:71:51:bb:2d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44c3b44cbbc4f3da5a4b4285c96ea3cb50d4d073
Validity
Not Before: Jan 1 11:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05f73b11472175380612552fdee33c3fa2ff24de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:05:66:14:f1:38:18:7e:4d:53:ae:75:79:94:
a5:9d:72:5c:29:1a:8d:ea:0c:3b:b4:52:7d:92:a4:
52:17:3a:88:fa:59:d3:96:4a:3e:c8:21:cb:d4:32:
88:84:11:e9:4a:9c:30:18:f9:0c:26:fb:c6:47:b5:
a3:ac:73:77:96:01:84:c7:3a:be:89:37:dd:d9:68:
93:7e:d4:dc:f5:74:9d:30:68:98:81:0c:33:23:cf:
a7:03:cc:55:22:ef:8d:5a:4c:bc:d9:e4:2f:3a:bd:
73:18:13:17:db:e8:8d:0d:78:4b:35:9f:3b:f8:7b:
c4:42:09:e2:16:5b:75:09:aa:02:6d:d6:4a:26:33:
e7:71:34:7d:7e:49:96:ec:44:ec:2d:4f:26:39:e8:
6c:a2:b3:bc:48:5f:d0:1d:88:05:8c:bd:2d:c5:ca:
16:5a:f9:9e:61:0c:0e:47:22:19:70:08:ff:85:bb:
8a:8e:34:2b:f3:f6:39:de:01:b8:03:7f:ff:23:b7:
0d:3b:e3:a3:20:88:8c:4d:03:85:e6:34:fd:a1:f9:
ac:7e:0e:b7:62:f0:3c:73:30:31:79:fb:2a:f1:6c:
e4:fb:51:7e:c4:49:59:c7:66:01:85:60:c3:cd:e0:
61:d0:45:a9:28:21:c1:7f:a1:c3:2d:7b:6c:0b:d1:
c6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F7:3B:11:47:21:75:38:06:12:55:2F:DE:E3:3C:3F:A2:FF:24:DE
X509v3 Authority Key Identifier:
keyid:44:C3:B4:4C:BB:C4:F3:DA:5A:4B:42:85:C9:6E:A3:CB:50:D4:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RMO0TLvE89paS0KFyW6jy1DU0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/b284a3-c2f1-4205-b1d5-47977669958d/1/Bfc7EUchdTgGElUv3uM8P6L_JN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/b284a3-c2f1-4205-b1d5-47977669958d/1/RMO0TLvE89paS0KFyW6jy1DU0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.64.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:71:de:1e:3f:d0:c9:16:dd:0a:50:ec:e5:f1:64:ba:f9:60:
a2:e7:91:6c:f6:cf:9e:d1:5c:69:d7:21:8c:27:b4:86:e3:b5:
d7:4d:73:12:d0:10:7d:7e:eb:5d:a9:6d:0c:50:bb:48:ed:92:
3e:5a:77:cd:aa:b4:7c:13:4b:03:0f:9c:f5:de:1c:33:45:02:
64:ac:a9:84:c5:31:39:ff:dc:62:fb:6b:0d:20:d4:86:5e:ca:
33:9f:27:87:f0:7d:9d:e5:fc:e9:04:74:41:de:34:c1:d7:d8:
60:e3:96:bf:a4:c9:4a:9f:d7:f0:81:72:eb:dd:07:0b:47:6e:
c8:2a:b7:76:6c:00:50:9d:68:e0:8f:1b:0f:30:3f:07:0c:56:
7c:58:bb:25:75:23:2e:14:d6:54:2e:23:36:05:22:2c:f9:86:
29:c8:3d:e1:a6:c6:ea:29:5c:10:af:6f:a0:ae:1d:32:7d:e2:
c3:98:4f:a2:75:62:a8:39:61:da:7d:f4:ee:e0:70:5d:96:e7:
93:d2:cc:e2:cf:10:69:c3:01:3a:1b:76:31:1b:ec:da:74:ae:
35:df:11:f0:cf:cc:a1:b4:89:51:c1:6b:83:69:a7:14:3e:b2:
b4:6f:e9:1e:07:dc:e0:82:b4:83:78:4b:aa:a5:eb:cf:41:ac:
3b:e9:6a:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsYE0fAu679G8ZnFRuy3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YzNiNDRjYmJjNGYzZGE1YTRiNDI4NWM5NmVhM2NiNTBk
NGQwNzMwHhcNMjUwMTAxMTE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWY3M2IxMTQ3MjE3NTM4MDYxMjU1MmZkZWUzM2MzZmEyZmYyNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wVmFPE4GH5NU651eZSlnXJcKRqN
6gw7tFJ9kqRSFzqI+lnTlko+yCHL1DKIhBHpSpwwGPkMJvvGR7WjrHN3lgGExzq+
iTfd2WiTftTc9XSdMGiYgQwzI8+nA8xVIu+NWky82eQvOr1zGBMX2+iNDXhLNZ87
+HvEQgniFlt1CaoCbdZKJjPncTR9fkmW7ETsLU8mOehsorO8SF/QHYgFjL0txcoW
WvmeYQwORyIZcAj/hbuKjjQr8/Y53gG4A3//I7cNO+OjIIiMTQOF5jT9ofmsfg63
YvA8czAxefsq8Wzk+1F+xElZx2YBhWDDzeBh0EWpKCHBf6HDLXtsC9HGrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAX3OxFHIXU4BhJVL97jPD+i/yTeMB8GA1UdIwQY
MBaAFETDtEy7xPPaWktChcluo8tQ1NBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk1PMFRMdkU4OXBhUzBLRnlXNmp5MURVMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9iMjg0YTMtYzJmMS00MjA1LWIxZDUt
NDc5Nzc2Njk5NThkLzEvQmZjN0VVY2hkVGdHRWxVdjN1TThQNkxfSk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9iMjg0YTMtYzJmMS00MjA1LWIxZDUtNDc5Nzc2Njk5NThk
LzEvUk1PMFRMdkU4OXBhUzBLRnlXNmp5MURVMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuflAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKcd4eP9DJFt0KUOzl8WS6+WCi55Fs9s+e0Vxp1yGM
J7SG47XXTXMS0BB9futdqW0MULtI7ZI+WnfNqrR8E0sDD5z13hwzRQJkrKmExTE5
/9xi+2sNINSGXsoznyeH8H2d5fzpBHRB3jTB19hg45a/pMlKn9fwgXLr3QcLR27I
Krd2bABQnWjgjxsPMD8HDFZ8WLsldSMuFNZULiM2BSIs+YYpyD3hpsbqKVwQr2+g
rh0yfeLDmE+idWKoOWHaffTu4HBdlueT0szizxBpwwE6G3YxG+zadK413xHwz8yh
tIlRwWuDaacUPrK0b+keB9zggrSDeEuqpevPQaw76WoX
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:12 2025 by rpki-client