Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/bpNrJRX8U12-xzkuih8v--I7sFg.roa
File: bpNrJRX8U12-xzkuih8v--I7sFg.roa (raw, json)
Hash identifier: I6PQwwq6IIGM6OetCGvZdOLKAITvd+akgSFOHJf249k=
Subject key identifier: 6E:93:6B:25:15:FC:53:5D:BE:C7:39:2E:8A:1F:2F:FB:E2:3B:B0:58
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0194221FFEC2F7F9DB40796B39C73EEB2886
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/bpNrJRX8U12-xzkuih8v--I7sFg.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 212.87.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fe:c2:f7:f9:db:40:79:6b:39:c7:3e:eb:28:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e936b2515fc535dbec7392e8a1f2ffbe23bb058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:81:98:f2:00:be:83:c6:41:4d:d7:e4:b6:18:
32:df:d7:4c:15:fe:26:b9:95:eb:70:6c:d7:7c:3e:
b9:09:23:58:1e:7b:95:76:c8:e0:0c:28:4e:93:84:
2f:69:30:67:80:56:bb:5c:5b:7b:5b:58:b5:04:c5:
8c:ac:53:1c:3b:59:52:3f:6d:32:6c:d7:ed:8d:ed:
67:0d:50:76:18:8f:e1:29:65:ee:a7:2e:20:b4:bb:
cd:48:79:50:32:09:25:89:05:5f:d6:1b:8d:23:08:
e9:77:31:d3:ad:59:f9:9a:94:6c:37:c3:fb:59:53:
7a:6a:15:5f:dc:0f:e9:96:6a:8c:2b:27:e2:4e:89:
2f:d7:a0:1b:7a:c1:60:66:37:f7:69:2c:4d:42:f4:
11:6d:33:aa:f0:b3:81:86:3e:90:6d:62:52:d8:54:
73:57:ba:0b:3d:f5:08:fa:da:3e:e0:7d:86:64:14:
c7:2c:1e:3c:69:f9:0c:43:73:6b:a4:df:37:dc:a5:
71:f5:b5:a2:96:32:3a:d6:6c:9b:a7:d4:04:e8:0b:
c1:35:68:9e:23:0a:5c:91:9e:77:cd:b7:b2:14:6d:
21:29:02:39:da:c9:73:07:e2:11:ba:99:82:26:00:
d9:3c:38:d9:8a:03:fc:6d:9b:4d:ec:52:c4:42:f3:
a3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:93:6B:25:15:FC:53:5D:BE:C7:39:2E:8A:1F:2F:FB:E2:3B:B0:58
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/bpNrJRX8U12-xzkuih8v--I7sFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:9c:d3:78:92:d9:ad:8f:3f:9b:2a:d5:d4:39:79:88:f3:4b:
9f:ed:5d:95:0c:5f:e3:20:6d:2d:ec:6d:55:37:26:19:ea:e3:
ae:48:75:96:14:fa:b5:be:4a:7e:82:4e:28:5e:e7:f1:f4:93:
09:18:88:69:35:09:3d:8a:5e:63:66:2c:71:73:eb:47:bb:96:
85:5c:c8:54:63:e3:eb:45:79:e8:1b:e1:bc:28:ec:8e:26:9c:
77:3b:50:0a:84:bc:9e:48:16:8d:75:67:ae:93:7a:e6:1b:62:
55:5d:88:15:f4:9c:4a:c4:dd:f3:36:9f:97:29:4d:54:c7:05:
ed:78:75:6d:6d:cf:3c:83:47:c8:f3:b0:c9:ce:90:b5:0b:91:
05:9c:4f:95:23:32:f4:9e:85:60:8b:9c:45:b6:84:0a:0c:05:
9f:a1:ea:93:12:6e:ce:91:6e:75:eb:72:ee:7b:86:87:5a:e9:
3e:eb:78:bf:95:4b:aa:52:e1:de:30:9f:4f:cd:67:c6:9d:71:
51:5a:25:54:e1:79:52:2d:9b:56:f0:b2:b5:dd:8a:f8:2b:f7:
2f:fb:44:63:db:15:67:e5:8e:43:9d:67:af:bb:cf:98:84:79:
0e:a7:5e:01:64:a0:bf:18:8f:15:68:77:18:52:4a:d0:46:c3:
73:b5:3b:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/7C9/nbQHlrOcc+6yiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTkzNmIyNTE1ZmM1MzVkYmVjNzM5MmU4YTFmMmZmYmUyM2JiMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14GY8gC+g8ZBTdfkthgy39dMFf4m
uZXrcGzXfD65CSNYHnuVdsjgDChOk4QvaTBngFa7XFt7W1i1BMWMrFMcO1lSP20y
bNftje1nDVB2GI/hKWXupy4gtLvNSHlQMgkliQVf1huNIwjpdzHTrVn5mpRsN8P7
WVN6ahVf3A/plmqMKyfiTokv16AbesFgZjf3aSxNQvQRbTOq8LOBhj6QbWJS2FRz
V7oLPfUI+to+4H2GZBTHLB48afkMQ3NrpN833KVx9bWiljI61mybp9QE6AvBNWie
IwpckZ53zbeyFG0hKQI52slzB+IRupmCJgDZPDjZigP8bZtN7FLEQvOjfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6TayUV/FNdvsc5LoofL/viO7BYMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvYnBOckpSWDhVMTIteHprdWloOHYtLUk3c0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FfIMA0G
CSqGSIb3DQEBCwUAA4IBAQCgnNN4ktmtjz+bKtXUOXmI80uf7V2VDF/jIG0t7G1V
NyYZ6uOuSHWWFPq1vkp+gk4oXufx9JMJGIhpNQk9il5jZixxc+tHu5aFXMhUY+Pr
RXnoG+G8KOyOJpx3O1AKhLyeSBaNdWeuk3rmG2JVXYgV9JxKxN3zNp+XKU1UxwXt
eHVtbc88g0fI87DJzpC1C5EFnE+VIzL0noVgi5xFtoQKDAWfoeqTEm7OkW5163Lu
e4aHWuk+63i/lUuqUuHeMJ9PzWfGnXFRWiVU4XlSLZtW8LK13Yr4K/cv+0Rj2xVn
5Y5DnWevu8+YhHkOp14BZKC/GI8VaHcYUkrQRsNztTvi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:57 2025 by rpki-client