Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f1c8ba-91ae-4eb3-9ee1-e972b71009ec/1/bgjkgCbf5bcwuC-9xef-UJTZIXM.roa
File: bgjkgCbf5bcwuC-9xef-UJTZIXM.roa (raw, json)
Hash identifier: ASNkx7/pO9p/NeNV36dOyJ4nzWp8EsXbTb426q16Xd0=
Subject key identifier: 6E:08:E4:80:26:DF:E5:B7:30:B8:2F:BD:C5:E7:FE:50:94:D9:21:73
Certificate issuer: /CN=c6f46eb1876d61511f375863e4db5367b4da3c15
Certificate serial: 018D546370D0F31FED75A5E3CFB74CA96DBD
Authority key identifier: C6:F4:6E:B1:87:6D:61:51:1F:37:58:63:E4:DB:53:67:B4:DA:3C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvRusYdtYVEfN1hj5NtTZ7TaPBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f1c8ba-91ae-4eb3-9ee1-e972b71009ec/1/bgjkgCbf5bcwuC-9xef-UJTZIXM.roa
Signing time: Mon 29 Jan 2024 08:43:39 +0000
ROA not before: Mon 29 Jan 2024 08:43:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 185.31.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:63:70:d0:f3:1f:ed:75:a5:e3:cf:b7:4c:a9:6d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f46eb1876d61511f375863e4db5367b4da3c15
Validity
Not Before: Jan 29 08:43:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e08e48026dfe5b730b82fbdc5e7fe5094d92173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:72:53:9d:e8:61:f1:af:10:b7:13:7d:de:
3f:4f:1a:72:f1:28:5e:65:d5:42:a6:9e:80:4e:34:
3b:8e:84:26:ef:03:38:be:84:90:ab:67:a7:e6:f6:
fb:de:f4:bf:3c:70:3f:7f:12:17:ec:55:0a:06:7e:
22:21:66:60:b0:a7:00:a0:42:6a:9f:09:d8:cf:4d:
78:79:5a:1d:ce:b9:66:7b:57:db:f5:93:39:f3:2c:
77:23:e8:30:64:2f:97:86:66:38:0c:41:98:d7:9b:
c8:4f:bf:a8:bd:89:5a:61:12:61:9e:f6:12:32:31:
4c:66:bf:41:ca:b3:db:96:77:e2:b4:c2:ce:b2:35:
f0:c1:3d:c9:23:b1:74:80:01:d3:e2:a1:29:3f:ea:
dc:4d:5a:c4:d6:6e:bb:ca:d7:1d:8e:fa:3f:b6:d4:
71:38:33:97:5b:67:c7:0f:fb:bc:20:30:6f:58:12:
36:a6:6b:c3:28:61:f5:48:07:97:b2:45:33:83:e0:
01:ea:0b:8d:66:60:3e:72:44:77:a3:e6:69:ed:ce:
f8:3e:52:3d:6a:e5:d1:c8:e4:e9:4d:9e:67:b0:14:
ba:a2:2c:e7:ba:07:04:c8:e4:47:13:8b:c3:d4:e2:
f6:03:e5:58:b0:2d:d8:8d:53:12:1f:f5:11:59:e8:
c8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:08:E4:80:26:DF:E5:B7:30:B8:2F:BD:C5:E7:FE:50:94:D9:21:73
X509v3 Authority Key Identifier:
keyid:C6:F4:6E:B1:87:6D:61:51:1F:37:58:63:E4:DB:53:67:B4:DA:3C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvRusYdtYVEfN1hj5NtTZ7TaPBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f1c8ba-91ae-4eb3-9ee1-e972b71009ec/1/bgjkgCbf5bcwuC-9xef-UJTZIXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f1c8ba-91ae-4eb3-9ee1-e972b71009ec/1/xvRusYdtYVEfN1hj5NtTZ7TaPBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.202.0/24
Signature Algorithm: sha256WithRSAEncryption
86:17:f0:a2:7b:04:8a:c6:b3:cb:e5:19:80:37:0d:19:f7:b1:
15:eb:4c:0b:56:38:31:99:c6:75:9f:65:1c:8b:19:a6:c9:cf:
69:9c:5f:c9:87:1e:ba:8b:fa:7d:16:c0:48:2d:5b:8c:3d:86:
32:0c:77:5b:ce:f7:dd:90:8b:14:14:d8:3d:04:c2:64:45:0c:
5e:67:d6:b8:18:f6:b4:57:bb:74:e0:e1:f9:be:cb:75:71:11:
c9:94:5a:a5:1e:fb:e7:46:ce:68:0c:d4:3f:f1:bc:d1:97:03:
91:08:5d:01:2d:4c:2e:db:40:2a:91:8d:b6:98:aa:40:e9:2d:
24:aa:3a:9c:07:e6:b3:4a:75:fa:43:e3:4b:85:c9:fb:25:11:
bf:8f:4d:1e:23:22:49:95:49:c7:7b:02:f6:8c:09:97:18:9e:
1b:d9:1a:12:a1:8c:60:1a:76:e9:5b:c0:bb:0f:37:71:1a:df:
17:a1:11:b6:7b:8e:4e:5d:62:fe:94:92:a5:44:f9:dd:91:2b:
96:94:eb:a9:dd:65:ea:00:1d:6f:3a:ec:20:64:ac:35:61:c2:
a1:8d:5d:de:ee:e4:21:96:b6:2d:da:11:a2:94:ab:22:e0:a1:
8c:be:9b:01:54:f2:c4:91:4a:b4:df:79:08:43:d9:1a:28:ec:
ef:61:df:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1UY3DQ8x/tdaXjz7dMqW29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjQ2ZWIxODc2ZDYxNTExZjM3NTg2M2U0ZGI1MzY3YjRk
YTNjMTUwHhcNMjQwMTI5MDg0MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA4ZTQ4MDI2ZGZlNWI3MzBiODJmYmRjNWU3ZmU1MDk0ZDkyMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzhyU53oYfGvELcTfd4/Txpy8She
ZdVCpp6ATjQ7joQm7wM4voSQq2en5vb73vS/PHA/fxIX7FUKBn4iIWZgsKcAoEJq
nwnYz014eVodzrlme1fb9ZM58yx3I+gwZC+XhmY4DEGY15vIT7+ovYlaYRJhnvYS
MjFMZr9ByrPblnfitMLOsjXwwT3JI7F0gAHT4qEpP+rcTVrE1m67ytcdjvo/ttRx
ODOXW2fHD/u8IDBvWBI2pmvDKGH1SAeXskUzg+AB6guNZmA+ckR3o+Zp7c74PlI9
auXRyOTpTZ5nsBS6oiznugcEyORHE4vD1OL2A+VYsC3YjVMSH/URWejIAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4I5IAm3+W3MLgvvcXn/lCU2SFzMB8GA1UdIwQY
MBaAFMb0brGHbWFRHzdYY+TbU2e02jwVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZSdXNZZHRZVkVmTjFoajVOdFRaN1RhUEJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMWM4YmEtOTFhZS00ZWIzLTllZTEt
ZTk3MmI3MTAwOWVjLzEvYmdqa2dDYmY1YmN3dUMtOXhlZi1VSlRaSVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMWM4YmEtOTFhZS00ZWIzLTllZTEtZTk3MmI3MTAwOWVj
LzEveHZSdXNZZHRZVkVmTjFoajVOdFRaN1RhUEJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuR/KMA0G
CSqGSIb3DQEBCwUAA4IBAQCGF/CiewSKxrPL5RmANw0Z97EV60wLVjgxmcZ1n2Uc
ixmmyc9pnF/Jhx66i/p9FsBILVuMPYYyDHdbzvfdkIsUFNg9BMJkRQxeZ9a4GPa0
V7t04OH5vst1cRHJlFqlHvvnRs5oDNQ/8bzRlwORCF0BLUwu20AqkY22mKpA6S0k
qjqcB+azSnX6Q+NLhcn7JRG/j00eIyJJlUnHewL2jAmXGJ4b2RoSoYxgGnbpW8C7
DzdxGt8XoRG2e45OXWL+lJKlRPndkSuWlOup3WXqAB1vOuwgZKw1YcKhjV3e7uQh
lrYt2hGilKsi4KGMvpsBVPLEkUq033kIQ9kaKOzvYd83
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:08:07 2025 by rpki-client