Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/BdZzfpWUqYfKFqlermnKvlGhVqg.roa
File: BdZzfpWUqYfKFqlermnKvlGhVqg.roa (raw, json)
Hash identifier: cnfauNqEx83yzpIrax/6Sz6YjPOm2320n5WGQAD+OeQ=
Subject key identifier: 05:D6:73:7E:95:94:A9:87:CA:16:A9:5E:AE:69:CA:BE:51:A1:56:A8
Certificate issuer: /CN=7a91b34153da0d5d121cff43259fcd9e3dbfc7d4
Certificate serial: 0194282698498A06AAF1F03666F887700E56
Authority key identifier: 7A:91:B3:41:53:DA:0D:5D:12:1C:FF:43:25:9F:CD:9E:3D:BF:C7:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/BdZzfpWUqYfKFqlermnKvlGhVqg.roa
Signing time: Thu 02 Jan 2025 17:53:25 +0000
ROA not before: Thu 02 Jan 2025 17:53:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.154.150.0/23 maxlen: 23
2a14:3b00:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:98:49:8a:06:aa:f1:f0:36:66:f8:87:70:0e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a91b34153da0d5d121cff43259fcd9e3dbfc7d4
Validity
Not Before: Jan 2 17:53:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05d6737e9594a987ca16a95eae69cabe51a156a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b2:80:d3:6f:b3:58:29:e0:1a:6c:76:b8:25:
4c:cc:7d:79:49:67:8c:1f:bb:4f:1e:4a:6c:87:91:
b5:82:ef:9a:59:52:08:86:59:6b:f9:6b:cc:b0:35:
1a:d0:73:74:ec:14:c9:01:e6:c6:ff:b7:2e:41:6c:
ad:bd:a6:d5:11:48:1a:58:9d:af:1c:52:e8:f8:5d:
61:3d:a4:10:2a:ca:76:a1:5b:bc:23:27:5b:67:00:
65:e0:28:d4:65:e1:09:a9:c7:a6:0c:54:de:df:57:
10:72:42:c1:47:e4:a3:ce:71:45:cb:c2:1a:c6:b9:
33:58:83:4c:6f:45:47:05:cb:3f:ed:45:91:a7:e8:
b8:39:e6:c2:d9:d4:ba:bf:9c:2f:ef:80:a2:1f:a6:
7a:55:75:c2:48:4a:b0:5f:cc:04:e8:fd:c8:1c:99:
71:47:a7:ec:92:07:0f:ea:78:07:ef:82:f8:64:08:
49:34:24:b8:ca:b3:77:5e:41:e3:00:72:2c:f2:08:
b0:ac:98:ab:a4:cc:ef:8e:50:8a:05:55:7d:51:40:
d8:52:f9:42:a2:5c:c1:d9:b0:9f:39:5f:02:3e:95:
6d:6b:59:75:48:8c:ea:92:8d:01:0a:fb:3c:eb:27:
d5:e5:69:e6:58:60:b2:a2:b5:ba:3b:37:32:63:13:
b1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D6:73:7E:95:94:A9:87:CA:16:A9:5E:AE:69:CA:BE:51:A1:56:A8
X509v3 Authority Key Identifier:
keyid:7A:91:B3:41:53:DA:0D:5D:12:1C:FF:43:25:9F:CD:9E:3D:BF:C7:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/BdZzfpWUqYfKFqlermnKvlGhVqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.150.0/23
IPv6:
2a14:3b00:1::/48
Signature Algorithm: sha256WithRSAEncryption
95:80:11:09:f2:2c:2c:ac:0d:a3:8f:38:32:db:b0:29:67:ed:
9d:5a:8d:cf:8a:b7:c9:2a:92:d7:c0:40:7d:a4:2d:ed:0f:9f:
74:2e:2a:40:fa:b2:59:c0:1d:c3:c6:02:f4:d7:f7:ed:19:81:
a9:b2:50:6d:15:4c:70:28:b5:c7:e7:67:86:6b:ba:da:89:98:
2f:6a:30:03:54:58:f8:33:5b:ed:79:88:b1:84:a9:f8:7f:ad:
52:c9:5f:8f:cc:3b:71:cd:00:76:ab:d7:7e:35:a6:62:d0:bc:
cd:e6:da:46:49:ed:33:92:f1:90:6a:d8:cf:fd:4f:2e:fb:d9:
11:23:a4:cd:af:2f:a5:d6:b0:df:5a:24:7d:da:b5:b7:00:40:
b7:55:dd:ca:f6:f6:40:b6:d3:37:54:e3:2d:9f:9f:e6:41:7e:
3d:95:fc:1c:d9:1a:e0:96:88:71:45:e7:2f:56:76:fd:2d:c8:
c4:df:56:c7:d0:f1:b7:39:e8:ff:58:d1:74:02:f8:68:8d:fa:
d4:d6:96:fc:05:61:e0:c0:69:31:bb:c5:f1:f4:fd:22:9e:9d:
79:ab:89:d6:c6:5e:a1:b3:90:a7:97:17:fe:34:43:c9:df:7a:
9a:84:a1:61:ab:5c:d1:d3:0c:5c:d5:6c:06:3d:8c:73:c6:1c:
c8:49:df:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoJphJigaq8fA2ZviHcA5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFiMzQxNTNkYTBkNWQxMjFjZmY0MzI1OWZjZDllM2Ri
ZmM3ZDQwHhcNMjUwMTAyMTc1MzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ2NzM3ZTk1OTRhOTg3Y2ExNmE5NWVhZTY5Y2FiZTUxYTE1NmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bKA02+zWCngGmx2uCVMzH15SWeM
H7tPHkpsh5G1gu+aWVIIhllr+WvMsDUa0HN07BTJAebG/7cuQWytvabVEUgaWJ2v
HFLo+F1hPaQQKsp2oVu8IydbZwBl4CjUZeEJqcemDFTe31cQckLBR+SjznFFy8Ia
xrkzWINMb0VHBcs/7UWRp+i4OebC2dS6v5wv74CiH6Z6VXXCSEqwX8wE6P3IHJlx
R6fskgcP6ngH74L4ZAhJNCS4yrN3XkHjAHIs8giwrJirpMzvjlCKBVV9UUDYUvlC
olzB2bCfOV8CPpVta1l1SIzqko0BCvs86yfV5WnmWGCyorW6OzcyYxOx1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXWc36VlKmHyhapXq5pyr5RoVaoMB8GA1UdIwQY
MBaAFHqRs0FT2g1dEhz/QyWfzZ49v8fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBHelFWUGFEVjBTSFA5REpaX05uajJfeDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81M2Y2NTItMDFiMS00MmYyLTg1ZTkt
NGRjYjIzZmRiMDZhLzEvQmRaemZwV1VxWWZLRnFsZXJtbkt2bEdoVnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81M2Y2NTItMDFiMS00MmYyLTg1ZTktNGRjYjIzZmRiMDZh
LzEvZXBHelFWUGFEVjBTSFA5REpaX05uajJfeDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZqWMA8E
AgACMAkDBwAqFDsAAAEwDQYJKoZIhvcNAQELBQADggEBAJWAEQnyLCysDaOPODLb
sCln7Z1ajc+Kt8kqktfAQH2kLe0Pn3QuKkD6slnAHcPGAvTX9+0ZgamyUG0VTHAo
tcfnZ4ZrutqJmC9qMANUWPgzW+15iLGEqfh/rVLJX4/MO3HNAHar1341pmLQvM3m
2kZJ7TOS8ZBq2M/9Ty772REjpM2vL6XWsN9aJH3atbcAQLdV3cr29kC20zdU4y2f
n+ZBfj2V/BzZGuCWiHFF5y9Wdv0tyMTfVsfQ8bc56P9Y0XQC+GiN+tTWlvwFYeDA
aTG7xfH0/SKenXmridbGXqGzkKeXF/40Q8nfepqEoWGrXNHTDFzVbAY9jHPGHMhJ
300=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:26:43 2025 by rpki-client