Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/Bo2DCZ3LedKQePVNG41vzSLkoCQ.roa
File: Bo2DCZ3LedKQePVNG41vzSLkoCQ.roa (raw, json)
Hash identifier: pzfDEO9lxaLpVif2KvuaO7tThrDfxFNMGDYq0ReKCRk=
Subject key identifier: 06:8D:83:09:9D:CB:79:D2:90:78:F5:4D:1B:8D:6F:CD:22:E4:A0:24
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 019421B181A197315EA2F208C8F64944F6A3
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/Bo2DCZ3LedKQePVNG41vzSLkoCQ.roa
Signing time: Wed 01 Jan 2025 11:47:48 +0000
ROA not before: Wed 01 Jan 2025 11:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56595
IP address blocks: 185.94.232.0/22 maxlen: 24
185.94.232.0/23 maxlen: 24
185.94.232.0/24 maxlen: 24
185.94.233.0/24 maxlen: 24
185.94.234.0/23 maxlen: 24
185.94.234.0/24 maxlen: 24
185.94.235.0/24 maxlen: 24
2a03:e840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:81:a1:97:31:5e:a2:f2:08:c8:f6:49:44:f6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 11:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=068d83099dcb79d29078f54d1b8d6fcd22e4a024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9c:4a:ee:74:ab:42:1c:39:11:e9:04:70:81:
6e:ab:69:b6:0d:ce:05:ff:07:aa:12:8d:23:b9:a5:
0f:24:57:d2:95:f2:09:d8:4f:40:da:44:90:40:4e:
eb:12:aa:88:f2:5b:9e:38:51:93:d0:b9:70:e1:c2:
06:96:52:ae:a8:93:28:d5:2f:db:7b:6d:c6:bf:c2:
c7:b4:ea:63:3f:7f:f2:ed:4d:30:b4:dd:71:00:31:
78:3e:40:09:0c:ee:2f:5a:ce:df:50:75:39:86:bd:
6d:77:5d:42:e1:fe:37:74:a9:51:b1:61:7d:bf:31:
df:3a:ba:ba:92:46:16:17:49:c7:8b:46:79:88:a8:
82:61:c1:96:6b:40:04:a6:30:f7:6f:53:3c:7c:db:
13:ae:6d:a3:ef:a8:5f:98:27:63:2d:9f:c1:d2:b2:
13:fb:ca:fd:a1:e2:d4:f9:ba:ed:70:d9:e0:ae:f4:
f0:c7:63:69:80:1e:e6:e1:34:33:f4:51:4b:36:2d:
8e:1a:7d:7f:a7:1d:5d:e2:19:6e:a6:e2:65:84:79:
35:59:7f:97:c2:a4:c0:2d:2b:e4:65:cf:7d:d8:82:
08:bf:1b:05:a7:ee:21:97:31:0c:bc:75:c3:5a:a0:
93:c7:f3:a7:11:32:b4:d9:7f:1a:91:30:89:cc:2f:
d8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8D:83:09:9D:CB:79:D2:90:78:F5:4D:1B:8D:6F:CD:22:E4:A0:24
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/Bo2DCZ3LedKQePVNG41vzSLkoCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.232.0/22
IPv6:
2a03:e840::/32
Signature Algorithm: sha256WithRSAEncryption
1c:29:23:54:e8:72:74:af:07:2c:74:c2:ce:c1:4a:87:85:36:
3b:d9:2b:67:81:6b:b9:07:59:e1:d5:eb:1d:aa:a2:d0:d9:c5:
7e:ef:e6:6c:90:e6:45:70:45:a0:49:40:be:32:48:f9:15:3c:
fd:0c:80:04:27:a9:1a:5c:48:fb:88:25:09:6b:cc:70:72:46:
89:63:36:f8:e0:3d:94:f3:2e:6e:ee:d6:e7:f3:9e:42:db:30:
0c:c5:45:d5:ee:da:ed:a4:a1:6e:39:a9:c1:4c:04:85:51:d3:
7e:0e:76:f0:52:cb:dc:8a:d3:af:07:59:39:f8:5a:d7:b2:1c:
fd:5c:33:1c:40:04:7e:c9:21:84:f0:95:91:56:fd:5d:74:72:
aa:ca:14:58:65:4e:35:27:52:e4:11:b2:ae:97:53:49:87:b3:
21:33:48:2b:1d:30:11:85:58:0a:a0:d8:8b:a4:86:a0:97:93:
f5:db:71:b4:b7:d8:d5:d5:96:dd:82:92:e3:ed:76:be:d5:91:
c3:4e:6c:90:8d:06:6b:8b:2d:7b:a0:05:1b:b5:50:da:ae:1d:
b9:b5:3d:cd:ef:d8:83:67:9e:fc:cc:49:42:2d:8a:1d:6b:21:
cb:d8:4d:86:ff:fd:d0:82:00:52:a7:08:d1:41:ad:d4:b9:47:
46:51:3a:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsYGhlzFeovIIyPZJRPajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMGM3MzUzMGJiNjg0ZmQ1NjlkZmM0MzI3MDQ2NzU3MDQx
ODM0MjkwHhcNMjUwMTAxMTE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjhkODMwOTlkY2I3OWQyOTA3OGY1NGQxYjhkNmZjZDIyZTRhMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJxK7nSrQhw5EekEcIFuq2m2Dc4F
/weqEo0juaUPJFfSlfIJ2E9A2kSQQE7rEqqI8lueOFGT0Llw4cIGllKuqJMo1S/b
e23Gv8LHtOpjP3/y7U0wtN1xADF4PkAJDO4vWs7fUHU5hr1td11C4f43dKlRsWF9
vzHfOrq6kkYWF0nHi0Z5iKiCYcGWa0AEpjD3b1M8fNsTrm2j76hfmCdjLZ/B0rIT
+8r9oeLU+brtcNngrvTwx2NpgB7m4TQz9FFLNi2OGn1/px1d4hlupuJlhHk1WX+X
wqTALSvkZc992IIIvxsFp+4hlzEMvHXDWqCTx/OnETK02X8akTCJzC/YrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAaNgwmdy3nSkHj1TRuNb80i5KAkMB8GA1UdIwQY
MBaAFKEMc1MLtoT9Vp38QycEZ1cEGDQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAt
N2QwODI5MWE3NjYyLzEvQm8yRENaM0xlZEtRZVBWTkc0MXZ6U0xrb0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAtN2QwODI5MWE3NjYy
LzEvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV7oMA0E
AgACMAcDBQAqA+hAMA0GCSqGSIb3DQEBCwUAA4IBAQAcKSNU6HJ0rwcsdMLOwUqH
hTY72StngWu5B1nh1esdqqLQ2cV+7+ZskOZFcEWgSUC+Mkj5FTz9DIAEJ6kaXEj7
iCUJa8xwckaJYzb44D2U8y5u7tbn855C2zAMxUXV7trtpKFuOanBTASFUdN+Dnbw
UsvcitOvB1k5+FrXshz9XDMcQAR+ySGE8JWRVv1ddHKqyhRYZU41J1LkEbKul1NJ
h7MhM0grHTARhVgKoNiLpIagl5P123G0t9jV1ZbdgpLj7Xa+1ZHDTmyQjQZriy17
oAUbtVDarh25tT3N79iDZ578zElCLYodayHL2E2G//3QggBSpwjRQa3UuUdGUTqs
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:18:21 2025 by rpki-client