Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/50f34c-338d-4fce-8193-ec16735a3382/1/BAHKXXDGf4FkpvGLoVJvz4ZQS9g.roa
File: BAHKXXDGf4FkpvGLoVJvz4ZQS9g.roa (raw, json)
Hash identifier: QG7io9HlNrI6xyBwfXvDwRjbZbOdJXrpGi6XSOhyDS8=
Subject key identifier: 04:01:CA:5D:70:C6:7F:81:64:A6:F1:8B:A1:52:6F:CF:86:50:4B:D8
Certificate issuer: /CN=a2d5c7ae7e45c00734efbcc913a1b1ea3e964b40
Certificate serial: 0195D72DFBCF89F134B16B24742F520D787A
Authority key identifier: A2:D5:C7:AE:7E:45:C0:07:34:EF:BC:C9:13:A1:B1:EA:3E:96:4B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otXHrn5FwAc077zJE6Gx6j6WS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/50f34c-338d-4fce-8193-ec16735a3382/1/BAHKXXDGf4FkpvGLoVJvz4ZQS9g.roa
Signing time: Thu 27 Mar 2025 10:37:49 +0000
ROA not before: Thu 27 Mar 2025 10:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 185.117.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:2d:fb:cf:89:f1:34:b1:6b:24:74:2f:52:0d:78:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d5c7ae7e45c00734efbcc913a1b1ea3e964b40
Validity
Not Before: Mar 27 10:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0401ca5d70c67f8164a6f18ba1526fcf86504bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:10:2a:a2:a0:fd:ec:15:32:1c:ca:12:89:39:
70:51:f7:c4:44:68:89:d3:bc:87:8a:5b:25:b1:9b:
db:a1:c8:79:03:e3:4c:16:93:61:ef:9f:e4:55:02:
7b:77:9a:9c:70:11:af:a8:98:e6:7c:c4:40:39:f3:
5c:ac:3e:36:bc:58:9e:00:74:ec:5f:16:22:ce:a1:
36:70:a0:19:27:dc:00:74:2e:66:a8:e5:00:e7:8e:
d5:c5:91:39:6a:94:35:4e:67:74:15:b5:4b:f6:4d:
bd:95:87:31:9a:f5:79:2a:bb:35:a0:b4:a8:25:51:
8c:a2:b3:54:96:bc:f6:94:b0:d2:24:08:92:b3:24:
38:c4:35:bc:b3:a8:c4:f7:15:1b:c0:92:8c:1a:5d:
b7:18:99:d3:02:df:7b:d1:89:3d:b6:3c:f9:81:40:
d3:b4:48:a7:41:45:51:12:cf:8a:06:4e:88:fb:c5:
ed:b4:0d:3a:64:5c:ca:16:4c:45:6e:48:36:63:26:
62:0a:ef:e4:bb:bf:f9:7b:d9:f3:1a:ab:61:b1:3e:
86:bd:09:3d:82:c1:e7:9e:54:28:58:88:8b:3d:10:
2e:5d:c8:1e:f4:e7:c0:46:bd:f1:4a:44:e5:5d:f0:
46:eb:d1:1a:55:c9:61:22:8d:33:8c:8a:5b:3d:f9:
18:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:01:CA:5D:70:C6:7F:81:64:A6:F1:8B:A1:52:6F:CF:86:50:4B:D8
X509v3 Authority Key Identifier:
keyid:A2:D5:C7:AE:7E:45:C0:07:34:EF:BC:C9:13:A1:B1:EA:3E:96:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otXHrn5FwAc077zJE6Gx6j6WS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/50f34c-338d-4fce-8193-ec16735a3382/1/BAHKXXDGf4FkpvGLoVJvz4ZQS9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/50f34c-338d-4fce-8193-ec16735a3382/1/otXHrn5FwAc077zJE6Gx6j6WS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.209.0/24
Signature Algorithm: sha256WithRSAEncryption
02:3e:38:95:c1:ae:e6:4c:e7:cb:a0:b4:5d:01:b7:60:10:3c:
74:90:27:7c:e9:62:e6:e7:ef:dd:ff:1f:6f:f2:5a:79:ee:c9:
e8:72:cf:ce:0c:3c:9f:87:d6:cf:31:54:c7:aa:11:3f:1a:3b:
70:e2:5e:64:a3:2c:49:99:7d:71:96:0d:c5:27:0a:ba:70:f0:
6f:64:54:1c:d2:f8:49:1c:86:09:de:9b:1b:06:df:c0:9d:b1:
8e:15:53:fa:56:c1:71:ce:bc:eb:b3:c9:e5:18:ee:3a:05:08:
c0:d8:28:31:c6:58:20:72:fd:4f:0d:ae:9d:e1:70:29:b3:13:
bb:49:89:a3:ee:4f:06:43:7b:ae:86:ed:b4:37:9f:f1:dc:ef:
c0:32:78:5a:22:fa:ea:2d:0a:f1:70:98:9e:3c:2f:7a:b0:84:
a4:6e:eb:90:5b:59:8b:f3:6e:f1:80:37:ed:49:69:05:c7:e4:
92:f1:d7:8f:60:55:81:7c:6a:09:52:76:aa:5b:63:10:3e:31:
a0:1d:4d:df:45:4f:3e:70:05:09:c6:ac:35:92:0b:dd:a3:57:
24:dd:5b:3b:37:76:b5:81:16:58:d3:ee:e8:b6:b3:1f:44:c5:
dc:0e:4a:e1:68:0c:03:87:87:24:d7:69:c3:d8:0e:b8:f8:a9:
d2:1b:14:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXXLfvPifE0sWskdC9SDXh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDVjN2FlN2U0NWMwMDczNGVmYmNjOTEzYTFiMWVhM2U5
NjRiNDAwHhcNMjUwMzI3MTAzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDAxY2E1ZDcwYzY3ZjgxNjRhNmYxOGJhMTUyNmZjZjg2NTA0YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BAqoqD97BUyHMoSiTlwUffERGiJ
07yHilslsZvboch5A+NMFpNh75/kVQJ7d5qccBGvqJjmfMRAOfNcrD42vFieAHTs
XxYizqE2cKAZJ9wAdC5mqOUA547VxZE5apQ1Tmd0FbVL9k29lYcxmvV5Krs1oLSo
JVGMorNUlrz2lLDSJAiSsyQ4xDW8s6jE9xUbwJKMGl23GJnTAt970Yk9tjz5gUDT
tEinQUVREs+KBk6I+8XttA06ZFzKFkxFbkg2YyZiCu/ku7/5e9nzGqthsT6GvQk9
gsHnnlQoWIiLPRAuXcge9OfARr3xSkTlXfBG69EaVclhIo0zjIpbPfkYbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQByl1wxn+BZKbxi6FSb8+GUEvYMB8GA1UdIwQY
MBaAFKLVx65+RcAHNO+8yROhseo+lktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RYSHJuNUZ3QWMwNzd6SkU2R3g2ajZXUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81MGYzNGMtMzM4ZC00ZmNlLTgxOTMt
ZWMxNjczNWEzMzgyLzEvQkFIS1hYREdmNEZrcHZHTG9WSnZ6NFpRUzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81MGYzNGMtMzM4ZC00ZmNlLTgxOTMtZWMxNjczNWEzMzgy
LzEvb3RYSHJuNUZ3QWMwNzd6SkU2R3g2ajZXUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXXRMA0G
CSqGSIb3DQEBCwUAA4IBAQACPjiVwa7mTOfLoLRdAbdgEDx0kCd86WLm5+/d/x9v
8lp57snocs/ODDyfh9bPMVTHqhE/Gjtw4l5koyxJmX1xlg3FJwq6cPBvZFQc0vhJ
HIYJ3psbBt/AnbGOFVP6VsFxzrzrs8nlGO46BQjA2Cgxxlggcv1PDa6d4XApsxO7
SYmj7k8GQ3uuhu20N5/x3O/AMnhaIvrqLQrxcJiePC96sISkbuuQW1mL827xgDft
SWkFx+SS8dePYFWBfGoJUnaqW2MQPjGgHU3fRU8+cAUJxqw1kgvdo1ck3Vs7N3a1
gRZY0+7otrMfRMXcDkrhaAwDh4ck12nD2A64+KnSGxQ1
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:50:52 2025 by rpki-client