Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/BMptnJRSGTkWJOjblq5mgfRcfLY.roa
File: BMptnJRSGTkWJOjblq5mgfRcfLY.roa (raw, json)
Hash identifier: RnRzk0Om7At3HifECB1Tr2cQUVVRKsvYyif2pRwCQTg=
Subject key identifier: 04:CA:6D:9C:94:52:19:39:16:24:E8:DB:96:AE:66:81:F4:5C:7C:B6
Certificate issuer: /CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Certificate serial: 018CC4244F7854B04D2FD760626884207884
Authority key identifier: 97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/BMptnJRSGTkWJOjblq5mgfRcfLY.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34534
IP address blocks: 37.44.238.0/24 maxlen: 24
37.44.236.0/24 maxlen: 24
185.157.246.0/23 maxlen: 24
2a09:ca00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4f:78:54:b0:4d:2f:d7:60:62:68:84:20:78:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04ca6d9c945219391624e8db96ae6681f45c7cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:0c:95:8c:64:2e:3b:3d:81:81:af:5c:2e:
65:a8:d0:07:df:fa:c8:82:f7:32:06:5e:ac:7c:1c:
93:d1:e7:99:17:f5:eb:e2:41:ac:c4:7a:ae:1e:01:
e0:95:21:63:de:9f:ff:f7:ae:83:d3:b8:c2:a6:46:
47:68:0b:d5:09:57:b1:25:76:58:9b:aa:96:ae:bb:
93:7b:83:86:3a:b7:94:92:74:b7:63:2f:d0:dd:60:
b7:04:7e:c9:01:ef:4d:8f:4c:c3:0a:88:35:5c:d1:
35:cd:bb:64:c5:a9:6b:96:85:70:3c:93:64:ed:ef:
81:47:2a:6e:8e:7b:53:cb:5f:4d:a0:30:b4:43:44:
36:36:1e:14:36:42:35:b3:da:d6:9f:4e:4f:0d:dc:
de:5b:b9:e9:f2:24:c6:ec:47:11:bd:3b:2c:f8:21:
30:8b:d1:d8:1f:7e:fb:1a:a5:c9:11:6a:98:d6:e8:
33:d8:36:7e:6e:63:a1:b8:6e:de:60:bb:64:32:aa:
d2:04:8b:0f:9e:12:02:4c:ef:d0:3a:7d:94:26:20:
aa:92:a9:d7:59:36:28:65:00:1a:f3:0f:74:1f:91:
1d:96:7e:9d:a6:b7:97:3a:bf:b1:fa:4d:36:7d:ab:
e9:4c:75:47:d9:3b:3a:34:9f:c6:05:bc:8b:c0:4f:
d6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CA:6D:9C:94:52:19:39:16:24:E8:DB:96:AE:66:81:F4:5C:7C:B6
X509v3 Authority Key Identifier:
keyid:97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/BMptnJRSGTkWJOjblq5mgfRcfLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/l6xHtRJE70nFI3iuzSnFjPtyCJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.236.0/24
37.44.238.0/24
185.157.246.0/23
IPv6:
2a09:ca00::/48
Signature Algorithm: sha256WithRSAEncryption
73:48:57:cf:59:2c:e1:96:71:e7:10:32:21:c5:66:59:8a:b2:
1d:00:6b:a3:45:fa:b7:d3:b0:0b:7a:b1:9d:48:a5:c4:05:c1:
11:3c:79:8f:47:70:88:e7:bc:d7:61:6f:1e:93:2c:42:34:07:
df:b3:d7:67:b0:96:60:16:27:1b:c1:41:b9:a2:74:39:a2:06:
9e:c8:d8:7e:2c:47:4c:1b:b0:0a:13:c8:93:64:82:93:85:a5:
00:79:a4:91:aa:ec:62:d6:cb:25:86:eb:3c:db:1b:f2:f2:63:
7f:14:47:88:3c:97:8a:8c:38:e9:b8:6b:78:57:6a:e6:da:16:
44:75:87:6a:ec:50:b7:8d:1e:5c:1d:12:7d:94:ff:ad:58:58:
13:ec:09:e9:0a:37:db:1c:a9:4f:cc:08:3e:c1:84:6a:26:55:
3d:75:ef:5e:41:8b:13:f1:f3:32:5f:59:0d:a9:4b:9d:8a:c4:
e5:23:56:a3:4f:85:54:1a:c8:02:ab:94:ef:f9:68:ad:2b:9b:
d9:3c:b7:1c:ab:fc:d7:15:45:49:2a:bb:2f:e9:a8:e8:6b:37:
21:eb:08:61:89:83:91:4f:34:4c:4f:0a:84:6c:d2:90:c2:50:
75:3d:8e:f4:b9:4c:3c:d6:84:5a:37:2a:40:96:e5:ff:74:0c:
ac:68:00:38
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEJE94VLBNL9dgYmiEIHiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YWM0N2I1MTI0NGVmNDljNTIzNzhhZWNkMjljNThjZmI3
MjA4OWIwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGNhNmQ5Yzk0NTIxOTM5MTYyNGU4ZGI5NmFlNjY4MWY0NWM3Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzoMlYxkLjs9gYGvXC5lqNAH3/rI
gvcyBl6sfByT0eeZF/Xr4kGsxHquHgHglSFj3p//966D07jCpkZHaAvVCVexJXZY
m6qWrruTe4OGOreUknS3Yy/Q3WC3BH7JAe9Nj0zDCog1XNE1zbtkxalrloVwPJNk
7e+BRypujntTy19NoDC0Q0Q2Nh4UNkI1s9rWn05PDdzeW7np8iTG7EcRvTss+CEw
i9HYH377GqXJEWqY1ugz2DZ+bmOhuG7eYLtkMqrSBIsPnhICTO/QOn2UJiCqkqnX
WTYoZQAa8w90H5Edln6dpreXOr+x+k02favpTHVH2Ts6NJ/GBbyLwE/W8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFATKbZyUUhk5FiTo25auZoH0XHy2MB8GA1UdIwQY
MBaAFJesR7USRO9JxSN4rs0pxYz7cgibMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYt
M2Y2NTY4YjU5NTg5LzEvQk1wdG5KUlNHVGtXSk9qYmxxNW1nZlJjZkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYtM2Y2NTY4YjU5NTg5
LzEvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAJSzsAwQA
JSzuAwQBuZ32MA8EAgACMAkDBwAqCcoAAAAwDQYJKoZIhvcNAQELBQADggEBAHNI
V89ZLOGWcecQMiHFZlmKsh0Aa6NF+rfTsAt6sZ1IpcQFwRE8eY9HcIjnvNdhbx6T
LEI0B9+z12ewlmAWJxvBQbmidDmiBp7I2H4sR0wbsAoTyJNkgpOFpQB5pJGq7GLW
yyWG6zzbG/LyY38UR4g8l4qMOOm4a3hXaubaFkR1h2rsULeNHlwdEn2U/61YWBPs
CekKN9scqU/MCD7BhGomVT11715BixPx8zJfWQ2pS52KxOUjVqNPhVQayAKrlO/5
aK0rm9k8txyr/NcVRUkquy/pqOhrNyHrCGGJg5FPNExPCoRs0pDCUHU9jvS5TDzW
hFo3KkCW5f90DKxoADg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:37 2024 by rpki-client on console-ams.rpki-client.org