Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/BKts92Cgp762t7JNofBM7L5uftM.roa
File: BKts92Cgp762t7JNofBM7L5uftM.roa (raw, json)
Hash identifier: WTNLkBIvgvxJFEXIWZr47BOElViaMRJym9HooD5Dr3Q=
Subject key identifier: 04:AB:6C:F7:60:A0:A7:BE:B6:B7:B2:4D:A1:F0:4C:EC:BE:6E:7E:D3
Certificate issuer: /CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Certificate serial: 01942144330164A169E293DE31C6116B650A
Authority key identifier: 6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/BKts92Cgp762t7JNofBM7L5uftM.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1835
IP address blocks: 130.225.0.0/16 maxlen: 24
130.226.0.0/16 maxlen: 24
192.38.0.0/17 maxlen: 24
192.38.4.0/22 maxlen: 24
192.38.8.0/21 maxlen: 24
192.38.16.0/20 maxlen: 24
192.38.32.0/19 maxlen: 24
192.38.64.0/18 maxlen: 24
2001:7f8:1f::/48 maxlen: 64
2001:878::/29 maxlen: 48
2001:878::/30 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:33:01:64:a1:69:e2:93:de:31:c6:11:6b:65:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ab6cf760a0a7beb6b7b24da1f04cecbe6e7ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:cf:ba:f2:02:b6:ac:d9:b4:50:56:a0:2d:b4:
62:47:38:cb:16:95:d4:9e:cd:f3:b0:06:c0:22:28:
0b:ca:c8:31:3a:95:81:e5:d3:75:53:26:7f:71:89:
ee:35:2c:f4:e1:4f:40:d0:c9:81:5b:d5:40:19:81:
2c:2b:9f:6f:69:43:ee:d6:96:31:e4:28:bf:03:a6:
71:85:90:8f:cf:68:37:55:f8:57:8e:b6:82:75:10:
3b:4d:6e:7f:ba:b7:1b:de:ec:89:8f:97:27:20:29:
1f:d9:40:f9:a3:7c:86:86:49:ec:7d:b2:f1:d0:e6:
7e:00:a2:76:27:d7:ec:25:89:2f:11:e4:34:90:cd:
36:ae:a5:d8:39:88:3d:ca:4e:88:3f:59:2b:f7:77:
a9:1a:6d:8e:7d:3f:99:1a:8b:a6:91:5a:7d:38:35:
7c:f3:1a:da:83:d6:f7:69:52:6b:e4:7e:d6:73:32:
f3:c9:9f:d6:cf:d5:f7:9f:62:40:41:4d:62:e3:23:
87:d3:6d:c8:fc:10:ae:17:bf:1c:55:18:3e:1d:43:
50:75:57:86:d7:40:7c:98:43:99:04:57:2b:2e:8f:
c2:4f:10:dd:fb:bc:8e:97:89:99:06:4a:27:98:b4:
16:75:35:f5:6a:9c:5e:a2:fb:b1:95:b2:c3:80:b1:
62:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AB:6C:F7:60:A0:A7:BE:B6:B7:B2:4D:A1:F0:4C:EC:BE:6E:7E:D3
X509v3 Authority Key Identifier:
keyid:6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/BKts92Cgp762t7JNofBM7L5uftM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/bd2PHjjJH1sXw9GnI05JyccNwyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.225.0.0-130.226.255.255
192.38.0.0/17
IPv6:
2001:7f8:1f::/48
2001:878::/29
Signature Algorithm: sha256WithRSAEncryption
20:21:e8:e6:2f:46:a3:05:5d:46:01:a4:18:01:2e:f3:e6:96:
4d:72:30:60:4c:ce:83:a3:82:ac:ee:4a:c3:1d:42:8d:19:5c:
c5:d0:1c:27:61:1e:9c:ed:74:11:9f:21:b6:3d:2d:54:8a:6b:
74:37:dc:fd:f7:a9:ec:b5:0c:5c:9e:8a:16:28:e4:86:b8:08:
68:e1:76:91:54:ed:e4:fb:5f:1f:1c:31:39:c3:01:73:b1:9b:
6d:89:2b:c5:23:0e:42:b7:86:76:b5:96:9c:07:d9:5b:90:9a:
e8:3d:11:a3:a8:5a:88:b2:7b:6f:38:0b:4c:89:5c:97:1c:27:
29:86:29:56:61:81:0a:ce:ea:7f:54:7a:45:99:72:10:d1:c4:
dd:28:99:5a:38:9d:bb:9c:de:d1:ea:50:74:a4:45:d8:c4:6e:
2e:8e:c5:ad:40:56:da:a5:56:bc:22:cc:9f:cd:aa:b5:5e:0a:
d8:28:c6:3b:49:dd:dd:50:91:d0:cf:80:ed:1c:80:bf:e1:a0:
b9:bf:30:ac:c3:85:e5:8f:9a:a0:41:43:f5:a2:2d:d6:75:84:
d5:a5:61:18:e5:a1:69:59:de:91:38:7a:22:97:56:54:b2:79:
23:08:ec:76:0c:ef:37:e4:7e:f7:85:a7:fb:b3:2c:ac:2c:1d:
6c:d6:2e:7d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQhRDMBZKFp4pPeMcYRa2UKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ4ZjFlMzhjOTFmNWIxN2MzZDFhNzIzNGU0OWM5Yzcw
ZGMzMjQwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFiNmNmNzYwYTBhN2JlYjZiN2IyNGRhMWYwNGNlY2JlNmU3ZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48+68gK2rNm0UFagLbRiRzjLFpXU
ns3zsAbAIigLysgxOpWB5dN1UyZ/cYnuNSz04U9A0MmBW9VAGYEsK59vaUPu1pYx
5Ci/A6ZxhZCPz2g3VfhXjraCdRA7TW5/urcb3uyJj5cnICkf2UD5o3yGhknsfbLx
0OZ+AKJ2J9fsJYkvEeQ0kM02rqXYOYg9yk6IP1kr93epGm2OfT+ZGoumkVp9ODV8
8xrag9b3aVJr5H7WczLzyZ/Wz9X3n2JAQU1i4yOH023I/BCuF78cVRg+HUNQdVeG
10B8mEOZBFcrLo/CTxDd+7yOl4mZBkonmLQWdTX1apxeovuxlbLDgLFiOwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFASrbPdgoKe+treyTaHwTOy+bn7TMB8GA1UdIwQY
MBaAFG3djx44yR9bF8PRpyNOScnHDcMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUt
ZjYyOTdhNzdhMzdiLzEvQkt0czkyQ2dwNzYydDdKTm9mQk03TDV1ZnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUtZjYyOTdhNzdhMzdi
LzEvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASMAoDAwCC4QMD
AILiAwQHwCYAMBYEAgACMBADBwAgAQf4AB8DBQMgAQh4MA0GCSqGSIb3DQEBCwUA
A4IBAQAgIejmL0ajBV1GAaQYAS7z5pZNcjBgTM6Do4Ks7krDHUKNGVzF0BwnYR6c
7XQRnyG2PS1Uimt0N9z996nstQxcnooWKOSGuAho4XaRVO3k+18fHDE5wwFzsZtt
iSvFIw5Ct4Z2tZacB9lbkJroPRGjqFqIsntvOAtMiVyXHCcphilWYYEKzup/VHpF
mXIQ0cTdKJlaOJ27nN7R6lB0pEXYxG4ujsWtQFbapVa8Isyfzaq1XgrYKMY7Sd3d
UJHQz4DtHIC/4aC5vzCsw4Xlj5qgQUP1oi3WdYTVpWEY5aFpWd6ROHoil1ZUsnkj
COx2DO835H73haf7syysLB1s1i59
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:55 2025 by rpki-client