Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/BKzk8PEv4C-K-dAjelZ2PQmBLbk.roa
File: BKzk8PEv4C-K-dAjelZ2PQmBLbk.roa (raw, json)
Hash identifier: 0eLcFnn58Q6bI77SyMiyrXborE81MoDtpAJ0qlI9pZA=
Subject key identifier: 04:AC:E4:F0:F1:2F:E0:2F:8A:F9:D0:23:7A:56:76:3D:09:81:2D:B9
Certificate issuer: /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial: 01942143945A93447E6124CFCD6DCF88193E
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/BKzk8PEv4C-K-dAjelZ2PQmBLbk.roa
Signing time: Wed 01 Jan 2025 09:47:44 +0000
ROA not before: Wed 01 Jan 2025 09:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210083
IP address blocks: 121.127.33.0/24 maxlen: 24
185.130.44.0/24 maxlen: 24
185.130.45.0/24 maxlen: 24
185.130.46.0/24 maxlen: 24
185.130.47.0/24 maxlen: 24
199.231.235.0/24 maxlen: 24
202.181.177.0/24 maxlen: 24
2a07:e00::/48 maxlen: 48
2a07:e00:a::/48 maxlen: 48
2a07:e00:b::/48 maxlen: 48
2a07:e00:c::/48 maxlen: 48
2a07:e00:ac::/48 maxlen: 48
2a07:e00:bb::/48 maxlen: 48
2a07:e00:bc::/48 maxlen: 48
2a07:e00:ff::/48 maxlen: 48
2a07:e00:19f::/48 maxlen: 48
2a07:e01::/32 maxlen: 32
2a07:e02:41::/48 maxlen: 48
2a07:e02:a00::/40 maxlen: 40
2a07:e02:b00::/40 maxlen: 56
2a07:e02:1000::/36 maxlen: 40
2a07:e03::/32 maxlen: 48
2a07:e04::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:94:5a:93:44:7e:61:24:cf:cd:6d:cf:88:19:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Validity
Not Before: Jan 1 09:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ace4f0f12fe02f8af9d0237a56763d09812db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:9c:ce:7d:ee:7d:d4:53:84:50:92:fe:52:
dc:cf:25:fb:54:2f:09:45:b8:e8:0f:fe:f9:dc:58:
ce:7e:b9:c8:cb:30:06:66:5e:f8:c2:20:7b:bb:29:
1a:b5:0f:fb:04:12:31:16:64:8f:8b:bd:66:4e:0e:
66:21:b3:ab:cd:3d:0a:f8:81:42:7c:8b:06:46:50:
90:09:5c:17:b8:f2:5d:fd:28:3c:74:3b:9d:b8:be:
de:a7:fb:a7:ba:cd:32:ce:27:08:2f:60:e8:0a:36:
d6:04:c2:f3:2f:eb:95:ec:91:89:98:17:bf:02:09:
23:ed:83:eb:44:2a:04:37:7e:f3:42:19:73:f8:c6:
a9:a2:68:df:af:4e:f5:d6:92:bf:17:58:bc:bd:44:
2c:d5:f2:54:e8:a1:7e:55:6d:91:bb:d2:4d:20:7d:
b2:e8:8a:36:f2:11:d8:be:f8:83:4d:4b:31:2d:47:
f0:fd:8a:28:9f:bc:6f:77:cf:e4:47:47:fc:bd:3c:
fd:63:bc:92:29:b8:f6:b6:6b:5c:cb:06:e0:41:5f:
01:61:0f:20:26:93:b3:7f:74:3e:ca:68:93:58:17:
19:87:2e:84:a6:83:78:30:aa:57:6e:21:aa:df:1e:
1b:aa:7f:ff:5d:55:73:12:6d:0e:df:60:0c:f9:44:
70:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AC:E4:F0:F1:2F:E0:2F:8A:F9:D0:23:7A:56:76:3D:09:81:2D:B9
X509v3 Authority Key Identifier:
keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/BKzk8PEv4C-K-dAjelZ2PQmBLbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.33.0/24
185.130.44.0/22
199.231.235.0/24
202.181.177.0/24
IPv6:
2a07:e00::/48
2a07:e00:a::-2a07:e00:c:ffff:ffff:ffff:ffff:ffff
2a07:e00:ac::/48
2a07:e00:bb::-2a07:e00:bc:ffff:ffff:ffff:ffff:ffff
2a07:e00:ff::/48
2a07:e00:19f::/48
2a07:e01::/32
2a07:e02:41::/48
2a07:e02:a00::/39
2a07:e02:1000::/36
2a07:e03::-2a07:e04:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a8:e4:eb:55:b6:15:2c:52:e9:4b:cd:74:ad:94:bc:ab:81:66:
98:c2:fe:8b:8c:75:d7:a9:36:82:14:78:10:17:e2:10:0b:77:
71:7f:97:f9:c4:b9:12:b1:06:13:02:11:ae:d8:de:37:fe:48:
12:12:19:a4:fa:76:1f:5d:97:c2:13:2d:c2:c9:c7:d0:62:90:
27:dd:f5:c1:cf:f6:7f:93:e6:6a:d4:b0:58:3f:b4:55:0d:0d:
7f:60:ab:a1:5a:4f:26:a0:3d:b7:fd:79:f4:a2:6f:b7:4c:51:
5a:06:14:df:fd:e9:47:18:9b:27:52:98:0a:53:0f:cb:6b:01:
1b:45:3a:d4:6d:e4:e0:64:c4:1d:0b:f2:33:f2:20:9f:23:b7:
76:71:bb:46:cd:8b:c0:f0:c2:09:99:ae:66:6c:b3:60:54:69:
64:89:91:30:e4:9a:90:30:56:17:3e:8b:7b:97:59:79:2d:b9:
ae:49:d7:c6:ad:2e:aa:0a:8a:76:63:2f:86:d9:ca:7e:94:a2:
9e:99:89:89:8e:37:ed:a9:ee:b6:eb:72:d3:a6:ba:c6:81:0f:
ae:1a:6b:54:d1:4b:ae:f0:4a:a9:90:7d:62:11:dc:ad:1e:9c:
53:53:19:ca:2e:3b:f0:d6:51:19:e1:5b:3b:aa:f0:d2:c5:e0:
0d:db:df:64
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZQhQ5Rak0R+YSTPzW3PiBk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjUwMTAxMDk0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFjZTRmMGYxMmZlMDJmOGFmOWQwMjM3YTU2NzYzZDA5ODEyZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Sczn3ufdRThFCS/lLczyX7VC8J
RbjoD/753FjOfrnIyzAGZl74wiB7uykatQ/7BBIxFmSPi71mTg5mIbOrzT0K+IFC
fIsGRlCQCVwXuPJd/Sg8dDuduL7ep/unus0yzicIL2DoCjbWBMLzL+uV7JGJmBe/
Agkj7YPrRCoEN37zQhlz+Mapomjfr0711pK/F1i8vUQs1fJU6KF+VW2Ru9JNIH2y
6Io28hHYvviDTUsxLUfw/Yoon7xvd8/kR0f8vTz9Y7ySKbj2tmtcywbgQV8BYQ8g
JpOzf3Q+ymiTWBcZhy6EpoN4MKpXbiGq3x4bqn//XVVzEm0O32AM+URwJQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFASs5PDxL+AvivnQI3pWdj0JgS25MB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvQkt6azhQRXY0Qy1LLWRBamVsWjJQUW1CTGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjAeBAIAATAYAwQAeX8h
AwQCuYIsAwQAx+frAwQAyrWxMIGDBAIAAjB9AwcAKgcOAAAAMBIDBwEqBw4AAAoD
BwAqBw4AAAwDBwAqBw4AAKwwEgMHACoHDgAAuwMHACoHDgAAvAMHACoHDgAA/wMH
ACoHDgABnwMFACoHDgEDBwAqBw4CAEEDBgEqBw4CCgMGBCoHDgIQMA8DBQAqBw4D
AwYEKgcOBAAwDQYJKoZIhvcNAQELBQADggEBAKjk61W2FSxS6UvNdK2UvKuBZpjC
/ouMddepNoIUeBAX4hALd3F/l/nEuRKxBhMCEa7Y3jf+SBISGaT6dh9dl8ITLcLJ
x9BikCfd9cHP9n+T5mrUsFg/tFUNDX9gq6FaTyagPbf9efSib7dMUVoGFN/96UcY
mydSmApTD8trARtFOtRt5OBkxB0L8jPyIJ8jt3Zxu0bNi8DwwgmZrmZss2BUaWSJ
kTDkmpAwVhc+i3uXWXktua5J18atLqoKinZjL4bZyn6Uop6ZiYmON+2p7rbrctOm
usaBD64aa1TRS67wSqmQfWIR3K0enFNTGcouO/DWURnhWzuq8NLF4A3b32Q=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:38 2025 by rpki-client