Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/nLYvZ3i4PVlW5YGkUi-Iy6b2M6s.roa
File: nLYvZ3i4PVlW5YGkUi-Iy6b2M6s.roa (raw, json)
Hash identifier: TkxMVf61qoHjvONJOJ/QRb5nyzggmVNtDwtjqOJywb8=
Subject key identifier: 9C:B6:2F:67:78:B8:3D:59:56:E5:81:A4:52:2F:88:CB:A6:F6:33:AB
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0194228DFD10B139AF39FDDC6B6E48E63163
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/nLYvZ3i4PVlW5YGkUi-Iy6b2M6s.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60223
IP address blocks: 193.68.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fd:10:b1:39:af:39:fd:dc:6b:6e:48:e6:31:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cb62f6778b83d5956e581a4522f88cba6f633ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:85:f5:e6:c6:04:61:4b:d1:42:0a:a1:7b:5a:
db:2e:ea:6b:2a:26:a3:d7:a2:5b:0b:a3:89:21:db:
a8:74:79:55:3e:f2:fb:bb:5c:72:85:f3:d4:9b:6b:
52:67:ac:20:dc:40:d9:b4:46:70:82:3b:cb:ea:ae:
c9:9f:16:27:e7:24:b6:4e:a8:fb:e8:b2:85:c3:9e:
ae:8d:5b:6e:18:53:fd:9e:ce:f6:ad:18:14:8f:d7:
20:48:a4:c8:b6:3d:05:8c:bf:d7:d5:71:38:73:62:
45:4b:07:43:cf:f5:96:af:51:7f:68:88:32:27:31:
de:41:e0:d6:02:e9:d7:61:da:1a:a2:7f:c1:ec:8a:
d3:22:d4:90:b7:98:20:2d:a7:b8:44:65:bb:45:3f:
ee:6a:b8:c0:94:70:5b:3b:f4:ec:0b:67:96:3b:ad:
33:99:2f:7c:f5:d6:c8:d5:2a:c7:5b:de:30:fb:fa:
f9:8a:29:2c:d9:5d:71:d9:a1:d7:e0:83:a7:5a:35:
ce:98:ec:98:2d:36:1b:33:ff:7f:4b:74:bd:67:28:
7f:34:9f:ef:11:be:d7:d7:ab:77:bb:42:c6:d5:14:
22:77:b0:2f:73:f6:46:28:c4:0d:44:f2:21:74:e5:
80:e4:62:5a:a8:99:d2:89:49:aa:d7:02:a8:ac:e2:
c0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B6:2F:67:78:B8:3D:59:56:E5:81:A4:52:2F:88:CB:A6:F6:33:AB
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/nLYvZ3i4PVlW5YGkUi-Iy6b2M6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.68.89.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:04:84:77:40:7d:eb:02:87:d1:25:d1:ce:46:27:42:0f:33:
76:6a:c7:db:e1:a3:7c:c8:12:e6:00:54:7b:51:ae:25:7d:7d:
d7:c2:24:d9:7a:d2:29:c4:66:f5:b8:9c:fb:4c:8a:d8:29:ec:
58:1e:82:fe:ce:c0:02:fb:27:bb:bd:28:94:84:ff:e8:29:63:
e1:88:b5:aa:1e:a0:e8:c2:d9:87:e4:60:d9:bb:3d:61:94:30:
54:a3:74:d1:84:d6:f1:d3:dd:05:c8:1f:8a:d6:32:2c:9b:41:
fc:0b:a8:8b:b1:15:09:e9:91:c0:63:d0:ee:02:53:30:41:1a:
f2:0c:fa:a3:c9:94:a0:89:ec:fb:7a:ca:cc:a1:94:e6:53:12:
59:74:6a:47:93:b2:ff:4d:e6:c6:b3:45:39:0e:b4:97:54:52:
e1:f1:3c:85:76:cf:52:87:2a:9a:cb:18:7d:23:ee:34:c9:14:
c1:d3:7a:2d:20:06:e9:71:33:40:3e:b0:bb:13:42:b1:ac:14:
ab:ca:e9:6a:5b:aa:26:4d:76:6e:eb:d9:2d:9f:f2:87:a1:3d:
9a:f4:f2:04:4e:78:00:bb:56:68:cd:95:3b:e5:bf:65:1a:65:
6d:92:c9:e3:be:8f:b6:3c:67:cc:81:43:25:8d:7c:25:de:f2:
f1:af:30:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijf0QsTmvOf3ca25I5jFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2I2MmY2Nzc4YjgzZDU5NTZlNTgxYTQ1MjJmODhjYmE2ZjYzM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYX15sYEYUvRQgqhe1rbLuprKiaj
16JbC6OJIduodHlVPvL7u1xyhfPUm2tSZ6wg3EDZtEZwgjvL6q7JnxYn5yS2Tqj7
6LKFw56ujVtuGFP9ns72rRgUj9cgSKTItj0FjL/X1XE4c2JFSwdDz/WWr1F/aIgy
JzHeQeDWAunXYdoaon/B7IrTItSQt5ggLae4RGW7RT/uarjAlHBbO/TsC2eWO60z
mS989dbI1SrHW94w+/r5iiks2V1x2aHX4IOnWjXOmOyYLTYbM/9/S3S9Zyh/NJ/v
Eb7X16t3u0LG1RQid7Avc/ZGKMQNRPIhdOWA5GJaqJnSiUmq1wKorOLA+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJy2L2d4uD1ZVuWBpFIviMum9jOrMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvbkxZdlozaTRQVmxXNVlHa1VpLUl5NmIyTTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwURZMA0G
CSqGSIb3DQEBCwUAA4IBAQBdBIR3QH3rAofRJdHORidCDzN2asfb4aN8yBLmAFR7
Ua4lfX3XwiTZetIpxGb1uJz7TIrYKexYHoL+zsAC+ye7vSiUhP/oKWPhiLWqHqDo
wtmH5GDZuz1hlDBUo3TRhNbx090FyB+K1jIsm0H8C6iLsRUJ6ZHAY9DuAlMwQRry
DPqjyZSgiez7esrMoZTmUxJZdGpHk7L/TebGs0U5DrSXVFLh8TyFds9Shyqayxh9
I+40yRTB03otIAbpcTNAPrC7E0KxrBSryulqW6omTXZu69ktn/KHoT2a9PIETngA
u1ZozZU75b9lGmVtksnjvo+2PGfMgUMljXwl3vLxrzCt
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:28:05 2025 by rpki-client