Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/Bykp6D8a0g7RWzF0-TM8Q9QUeZg.roa
File: Bykp6D8a0g7RWzF0-TM8Q9QUeZg.roa (raw, json)
Hash identifier: XX0zq9iYFmQVsbLlV9Gh1YQJWKy0izeVfRSjEDzptNY=
Subject key identifier: 07:29:29:E8:3F:1A:D2:0E:D1:5B:31:74:F9:33:3C:43:D4:14:79:98
Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial: 019427B5B0A4273C786CA810E35DFE9E6C5F
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/Bykp6D8a0g7RWzF0-TM8Q9QUeZg.roa
Signing time: Thu 02 Jan 2025 15:50:06 +0000
ROA not before: Thu 02 Jan 2025 15:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58224
IP address blocks: 185.66.228.0/24 maxlen: 24
185.66.229.0/24 maxlen: 24
185.66.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b0:a4:27:3c:78:6c:a8:10:e3:5d:fe:9e:6c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Validity
Not Before: Jan 2 15:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=072929e83f1ad20ed15b3174f9333c43d4147998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cb:e0:a3:08:44:52:8f:74:ce:95:27:bd:c0:
a4:70:51:14:9b:d8:f9:ab:78:ff:08:e4:45:7e:c1:
30:78:a2:cc:15:c6:6f:16:84:84:b5:2f:3a:61:61:
a1:c1:0e:d3:8d:f5:ef:0d:a3:94:ee:97:6f:fd:85:
fd:12:c7:5a:e1:62:f4:36:0c:61:46:5d:dd:9d:f5:
44:b5:78:5e:ca:78:b6:f2:27:25:9a:0d:46:de:e0:
23:f3:f5:86:ce:5f:c7:bf:24:0f:2f:01:fe:b6:bc:
30:4c:5b:8e:2c:89:46:33:89:50:30:88:1a:84:ca:
64:58:07:00:31:06:57:cc:ae:c4:6d:87:7d:37:1d:
bc:df:61:cf:00:50:2a:ae:d8:ba:a8:94:ca:3d:37:
bb:dc:ea:ff:f7:a5:e2:b3:ed:26:a4:d1:fc:db:f9:
a5:19:ee:70:b2:e8:d2:23:5e:7e:c3:84:2f:1a:c4:
cd:3f:c9:37:be:56:e6:be:e6:e3:95:89:43:2c:71:
fc:80:d4:e3:2a:ee:2a:0f:0c:59:3a:74:d3:c2:e4:
85:6c:46:bb:48:f7:34:d6:fd:00:a2:e7:6e:50:8a:
fc:66:76:61:0a:3d:77:b9:7b:bd:e8:04:6e:63:70:
61:e4:c1:5d:2c:be:11:3f:c0:cf:6a:82:a4:69:1e:
54:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:29:29:E8:3F:1A:D2:0E:D1:5B:31:74:F9:33:3C:43:D4:14:79:98
X509v3 Authority Key Identifier:
keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/Bykp6D8a0g7RWzF0-TM8Q9QUeZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.228.0/23
185.66.231.0/24
Signature Algorithm: sha256WithRSAEncryption
76:99:07:bc:73:42:68:d6:e7:67:97:93:fc:ca:3b:4a:1d:55:
58:d1:18:c6:34:45:75:13:4d:30:e1:d9:66:5c:f7:d3:b4:69:
21:f9:12:09:84:fd:d4:fd:c6:c6:ec:13:b0:3f:cc:e6:c0:29:
80:d3:85:4a:4f:76:06:f9:4e:cd:7d:99:13:f2:38:e4:86:09:
8d:a7:76:a7:00:ab:39:56:9e:73:d7:f4:bf:83:93:e1:61:8e:
ea:e0:07:8a:70:70:42:a1:4f:aa:f8:e8:d9:bd:d2:63:0d:8b:
c9:6f:e2:e3:47:82:17:6e:2d:af:a9:c2:fd:5c:f7:80:c5:c0:
71:ef:a5:f7:37:0b:f4:53:99:04:f6:a9:b2:62:74:5b:df:64:
a8:4c:2f:fe:91:2f:8d:ef:a4:9d:03:54:2e:cb:69:5f:6c:42:
42:b1:c6:76:c0:ae:bc:e8:3d:7d:af:64:ff:23:c2:7b:55:c5:
10:27:af:47:6e:58:e0:35:24:f5:9a:f6:ec:46:0d:a4:5b:7d:
e9:2a:bc:1e:00:ca:be:eb:29:b7:a2:8e:ea:33:42:37:8c:5d:
ad:fe:8e:a4:91:4c:6a:93:5c:5a:48:0b:4f:00:4a:6b:73:e9:
a9:bf:28:20:fa:1a:13:92:9b:9f:1f:bf:a6:23:d0:dd:22:4d:
c0:8c:49:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntbCkJzx4bKgQ413+nmxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjUwMTAyMTU1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzI5MjllODNmMWFkMjBlZDE1YjMxNzRmOTMzM2M0M2Q0MTQ3OTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28vgowhEUo90zpUnvcCkcFEUm9j5
q3j/CORFfsEweKLMFcZvFoSEtS86YWGhwQ7TjfXvDaOU7pdv/YX9Esda4WL0Ngxh
Rl3dnfVEtXheyni28iclmg1G3uAj8/WGzl/HvyQPLwH+trwwTFuOLIlGM4lQMIga
hMpkWAcAMQZXzK7EbYd9Nx2832HPAFAqrti6qJTKPTe73Or/96Xis+0mpNH82/ml
Ge5wsujSI15+w4QvGsTNP8k3vlbmvubjlYlDLHH8gNTjKu4qDwxZOnTTwuSFbEa7
SPc01v0AouduUIr8ZnZhCj13uXu96ARuY3Bh5MFdLL4RP8DPaoKkaR5UHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAcpKeg/GtIO0VsxdPkzPEPUFHmYMB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEvQnlrcDZEOGEwZzdSV3pGMC1UTThROVFVZVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULkAwQA
uULnMA0GCSqGSIb3DQEBCwUAA4IBAQB2mQe8c0Jo1udnl5P8yjtKHVVY0RjGNEV1
E00w4dlmXPfTtGkh+RIJhP3U/cbG7BOwP8zmwCmA04VKT3YG+U7NfZkT8jjkhgmN
p3anAKs5Vp5z1/S/g5PhYY7q4AeKcHBCoU+q+OjZvdJjDYvJb+LjR4IXbi2vqcL9
XPeAxcBx76X3Nwv0U5kE9qmyYnRb32SoTC/+kS+N76SdA1Quy2lfbEJCscZ2wK68
6D19r2T/I8J7VcUQJ69HbljgNST1mvbsRg2kW33pKrweAMq+6ym3oo7qM0I3jF2t
/o6kkUxqk1xaSAtPAEprc+mpvygg+hoTkpufH7+mI9DdIk3AjEk5
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:22:45 2025 by rpki-client