Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/BcMlnIoEyaE0mDawsxbecoXniH0.roa
File: BcMlnIoEyaE0mDawsxbecoXniH0.roa (raw, json)
Hash identifier: 727llqznCHeUf4hshe9Jcv8QXN6MKfbHfvyT321YwLU=
Subject key identifier: 05:C3:25:9C:8A:04:C9:A1:34:98:36:B0:B3:16:DE:72:85:E7:88:7D
Certificate issuer: /CN=845de8732b1017138f87032b70fa3b7b8776ef71
Certificate serial: 0193B6456A2989582ACD3A0DC233921D8296
Authority key identifier: 84:5D:E8:73:2B:10:17:13:8F:87:03:2B:70:FA:3B:7B:87:76:EF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF3ocysQFxOPhwMrcPo7e4d273E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/BcMlnIoEyaE0mDawsxbecoXniH0.roa
Signing time: Wed 11 Dec 2024 15:10:22 +0000
ROA not before: Wed 11 Dec 2024 15:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 195.200.94.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:45:6a:29:89:58:2a:cd:3a:0d:c2:33:92:1d:82:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845de8732b1017138f87032b70fa3b7b8776ef71
Validity
Not Before: Dec 11 15:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05c3259c8a04c9a1349836b0b316de7285e7887d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8d:e7:74:45:c9:8c:de:24:ac:33:0c:17:eb:
3a:9f:be:65:05:10:71:f4:3d:b7:71:05:4f:af:fd:
5c:11:01:c5:a1:a2:38:d8:bb:2c:4e:f2:83:ac:9a:
ee:f6:3e:fd:88:81:4c:8a:73:35:b1:d5:81:be:4a:
c1:06:5e:8b:7e:23:db:49:38:f9:a5:5b:c2:8c:7b:
ad:23:af:28:8f:a3:6d:48:ab:30:bc:43:95:f4:e4:
18:6d:53:54:5a:a7:a4:69:cd:e2:30:46:b1:3d:09:
b5:24:46:b2:50:a0:c0:aa:63:d2:b5:0c:33:ca:4e:
64:7c:39:f0:bf:60:cb:67:8f:42:73:57:c5:8d:e0:
aa:6e:2e:aa:2a:59:7d:19:ee:15:b5:b5:fd:31:bc:
6d:57:bd:10:4c:3b:95:5f:f5:e7:27:4f:0a:30:f7:
70:ae:a7:c4:48:12:3f:88:cd:3a:35:ae:8c:76:50:
f2:82:e5:50:3d:31:8c:a6:95:43:b0:a0:c0:3c:10:
b4:96:ed:2a:48:a6:a5:3f:f7:14:9c:45:34:3c:c2:
ad:5a:4a:61:9c:3a:45:2d:74:9a:d8:9a:16:de:15:
1a:51:ec:05:76:23:2f:76:a7:e5:61:6c:68:be:66:
71:25:da:30:6d:a1:9d:e8:aa:d7:92:b6:a9:0b:7b:
ee:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C3:25:9C:8A:04:C9:A1:34:98:36:B0:B3:16:DE:72:85:E7:88:7D
X509v3 Authority Key Identifier:
keyid:84:5D:E8:73:2B:10:17:13:8F:87:03:2B:70:FA:3B:7B:87:76:EF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF3ocysQFxOPhwMrcPo7e4d273E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/BcMlnIoEyaE0mDawsxbecoXniH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/hF3ocysQFxOPhwMrcPo7e4d273E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.94.0/23
Signature Algorithm: sha256WithRSAEncryption
33:a1:07:57:7e:d3:74:35:8e:47:28:6c:a6:fe:e9:a8:75:26:
4e:c9:eb:60:1a:58:8b:2c:2b:63:bc:7c:1f:23:80:e8:20:1f:
a6:7b:43:dc:7e:a9:ad:c9:76:bf:f5:0c:85:5a:cb:fc:47:fa:
42:d3:0d:b9:08:f7:e8:2f:df:6e:af:be:e5:9c:9c:46:32:0a:
91:65:42:8f:67:ea:45:67:cc:83:2f:be:b7:5c:5c:c7:44:02:
10:3b:1d:29:fc:44:29:2d:0a:29:be:5d:dd:b2:14:2e:d8:cc:
52:5c:e3:d6:fc:b8:82:16:d7:46:71:36:72:35:4b:07:54:c3:
5c:3b:b9:a8:6e:55:b5:70:28:1b:17:4f:55:0d:fb:48:df:d6:
a0:ce:c3:78:d4:f6:4b:e9:10:f9:63:e6:37:71:32:66:f3:a2:
38:8e:b6:cf:93:39:3a:ce:70:09:e1:df:9c:d2:29:fc:78:3b:
70:d5:23:dc:41:3f:77:d0:7e:56:53:bb:9f:7d:99:76:db:08:
30:a2:f0:7b:ed:2f:20:1a:a8:1c:11:f2:33:02:98:1e:b8:28:
bc:40:5f:a7:70:8a:67:27:eb:a3:7d:01:3e:90:2e:7f:9b:3c:
b3:03:68:e2:8f:3d:33:45:3d:de:14:ec:57:d6:eb:73:77:06:
b1:be:0d:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO2RWopiVgqzToNwjOSHYKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWRlODczMmIxMDE3MTM4Zjg3MDMyYjcwZmEzYjdiODc3
NmVmNzEwHhcNMjQxMjExMTUxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWMzMjU5YzhhMDRjOWExMzQ5ODM2YjBiMzE2ZGU3Mjg1ZTc4ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY3ndEXJjN4krDMMF+s6n75lBRBx
9D23cQVPr/1cEQHFoaI42LssTvKDrJru9j79iIFMinM1sdWBvkrBBl6LfiPbSTj5
pVvCjHutI68oj6NtSKswvEOV9OQYbVNUWqekac3iMEaxPQm1JEayUKDAqmPStQwz
yk5kfDnwv2DLZ49Cc1fFjeCqbi6qKll9Ge4VtbX9MbxtV70QTDuVX/XnJ08KMPdw
rqfESBI/iM06Na6MdlDyguVQPTGMppVDsKDAPBC0lu0qSKalP/cUnEU0PMKtWkph
nDpFLXSa2JoW3hUaUewFdiMvdqflYWxovmZxJdowbaGd6KrXkrapC3vuGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXDJZyKBMmhNJg2sLMW3nKF54h9MB8GA1UdIwQY
MBaAFIRd6HMrEBcTj4cDK3D6O3uHdu9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYzb2N5c1FGeE9QaHdNcmNQbzdlNGQyNzNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85YWZiMzMtZTBhYS00OTNiLWE0NmQt
YTg4NWZiNDBkOTBkLzEvQmNNbG5Jb0V5YUUwbURhd3N4YmVjb1huaUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85YWZiMzMtZTBhYS00OTNiLWE0NmQtYTg4NWZiNDBkOTBk
LzEvaEYzb2N5c1FGeE9QaHdNcmNQbzdlNGQyNzNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw8heMA0G
CSqGSIb3DQEBCwUAA4IBAQAzoQdXftN0NY5HKGym/umodSZOyetgGliLLCtjvHwf
I4DoIB+me0PcfqmtyXa/9QyFWsv8R/pC0w25CPfoL99ur77lnJxGMgqRZUKPZ+pF
Z8yDL763XFzHRAIQOx0p/EQpLQopvl3dshQu2MxSXOPW/LiCFtdGcTZyNUsHVMNc
O7moblW1cCgbF09VDftI39agzsN41PZL6RD5Y+Y3cTJm86I4jrbPkzk6znAJ4d+c
0in8eDtw1SPcQT930H5WU7uffZl22wgwovB77S8gGqgcEfIzApgeuCi8QF+ncIpn
J+ujfQE+kC5/mzyzA2jijz0zRT3eFOxX1utzdwaxvg0k
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:41 2025 by rpki-client