Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/bmgQpI-VIkGKEdb2NDjhfJ-ov18.roa
File: bmgQpI-VIkGKEdb2NDjhfJ-ov18.roa (raw, json)
Hash identifier: MOydOwWb+ZNvRmMLEPCFgu1thwKEQGRA70pBvfHH5qM=
Subject key identifier: 6E:68:10:A4:8F:95:22:41:8A:11:D6:F6:34:38:E1:7C:9F:A8:BF:5F
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0194244491011010789D9AB80D9DBCA6AE74
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/bmgQpI-VIkGKEdb2NDjhfJ-ov18.roa
Signing time: Wed 01 Jan 2025 23:47:40 +0000
ROA not before: Wed 01 Jan 2025 23:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202228
IP address blocks: 91.106.26.0/23 maxlen: 23
91.106.26.0/24 maxlen: 24
91.106.27.0/24 maxlen: 24
94.240.16.0/22 maxlen: 22
94.240.60.0/23 maxlen: 23
94.240.60.0/24 maxlen: 24
94.240.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:91:01:10:10:78:9d:9a:b8:0d:9d:bc:a6:ae:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 23:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e6810a48f9522418a11d6f63438e17c9fa8bf5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:28:0b:e6:d5:fd:2d:c8:f0:77:16:73:31:f4:
b9:43:5e:cb:c9:e6:77:79:f8:8b:97:44:ea:a3:ad:
ff:88:49:16:84:d1:e5:2b:39:09:5d:5d:e5:7b:86:
b6:a5:a1:f8:a7:18:55:02:af:a0:0d:c6:d5:8a:21:
b0:fb:3d:79:66:fd:c5:b4:ae:3c:d5:d3:9a:8a:f5:
23:8e:b5:79:c2:24:1c:ea:3d:9c:7f:20:ac:00:f3:
43:89:a8:f3:9b:10:c6:d8:f7:8b:d8:7e:24:e7:12:
7e:1f:fc:aa:51:22:98:92:a9:6c:02:c3:78:89:63:
8e:f8:cd:d2:a4:fb:a0:89:26:10:95:1c:a4:b2:71:
cd:9e:af:28:d9:21:52:2f:66:fb:e7:c0:0a:fd:c8:
5d:ee:25:35:9d:ba:ea:dd:ea:9b:a7:43:c1:b3:ab:
f1:5a:e6:d8:d9:ff:1c:53:fd:cc:a4:c5:b4:b2:68:
83:ab:32:d3:85:91:cd:db:96:9d:06:bf:74:b7:56:
ea:ca:91:6c:df:45:d5:11:bf:b6:be:6e:39:dd:22:
63:02:72:e2:22:7b:17:79:9e:07:9b:31:2b:7c:74:
ee:67:a1:70:81:04:97:52:59:18:6f:51:47:c2:41:
18:80:de:e9:ea:4e:c5:e0:9d:a7:2c:5c:93:c2:05:
a0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:68:10:A4:8F:95:22:41:8A:11:D6:F6:34:38:E1:7C:9F:A8:BF:5F
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/bmgQpI-VIkGKEdb2NDjhfJ-ov18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.26.0/23
94.240.16.0/22
94.240.60.0/23
Signature Algorithm: sha256WithRSAEncryption
88:65:33:7b:a1:28:58:70:8d:0e:5d:4f:86:55:34:40:75:4d:
de:9f:ac:67:6d:1c:55:2e:25:cf:0b:e8:0f:3f:15:cf:49:37:
5b:cb:f8:56:38:b4:15:46:2f:79:45:8e:f6:4f:d7:6b:c8:9a:
74:86:4e:8f:93:f0:15:b5:56:77:c7:f6:69:4e:79:1c:84:e3:
7f:81:e6:8e:91:f7:83:24:8f:6c:5e:df:e3:f5:29:7d:20:e2:
8c:9d:4e:01:3b:4b:30:2e:b0:27:3a:ff:2c:8a:15:96:3e:64:
b2:45:43:9e:d1:82:24:05:9f:8e:0f:34:05:ab:c4:aa:79:4f:
14:5e:df:ec:2e:31:35:34:9a:33:7b:ac:d9:d2:e4:95:c6:aa:
68:aa:19:a4:61:36:8e:39:13:83:cc:78:7e:e3:1c:b2:86:dc:
0c:8a:50:b4:42:38:fb:7a:1f:84:c8:4f:32:7d:00:3a:df:64:
75:f0:69:e6:48:8c:59:3b:e5:e9:4a:8f:0a:82:53:fb:35:e4:
33:2b:9f:20:82:bd:7a:25:07:84:30:89:38:ee:2d:b3:12:fe:
07:45:4e:9e:8c:41:44:b1:32:49:df:ee:ae:4b:51:bd:8a:59:
93:21:e2:e3:1e:12:18:e8:96:21:3f:05:32:20:a7:5c:37:20:
82:08:95:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRJEBEBB4nZq4DZ28pq50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjUwMTAxMjM0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY4MTBhNDhmOTUyMjQxOGExMWQ2ZjYzNDM4ZTE3YzlmYThiZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCgL5tX9LcjwdxZzMfS5Q17LyeZ3
efiLl0Tqo63/iEkWhNHlKzkJXV3le4a2paH4pxhVAq+gDcbViiGw+z15Zv3FtK48
1dOaivUjjrV5wiQc6j2cfyCsAPNDiajzmxDG2PeL2H4k5xJ+H/yqUSKYkqlsAsN4
iWOO+M3SpPugiSYQlRyksnHNnq8o2SFSL2b758AK/chd7iU1nbrq3eqbp0PBs6vx
WubY2f8cU/3MpMW0smiDqzLThZHN25adBr90t1bqypFs30XVEb+2vm453SJjAnLi
InsXeZ4HmzErfHTuZ6FwgQSXUlkYb1FHwkEYgN7p6k7F4J2nLFyTwgWgGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG5oEKSPlSJBihHW9jQ44XyfqL9fMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvYm1nUXBJLVZJa0dLRWRiMk5EamhmSi1vdjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW2oaAwQC
XvAQAwQBXvA8MA0GCSqGSIb3DQEBCwUAA4IBAQCIZTN7oShYcI0OXU+GVTRAdU3e
n6xnbRxVLiXPC+gPPxXPSTdby/hWOLQVRi95RY72T9dryJp0hk6Pk/AVtVZ3x/Zp
TnkchON/geaOkfeDJI9sXt/j9Sl9IOKMnU4BO0swLrAnOv8sihWWPmSyRUOe0YIk
BZ+ODzQFq8SqeU8UXt/sLjE1NJoze6zZ0uSVxqpoqhmkYTaOORODzHh+4xyyhtwM
ilC0Qjj7eh+EyE8yfQA632R18GnmSIxZO+XpSo8KglP7NeQzK58ggr16JQeEMIk4
7i2zEv4HRU6ejEFEsTJJ3+6uS1G9ilmTIeLjHhIY6JYhPwUyIKdcNyCCCJVu
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:33 2025 by rpki-client