Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/pubBNtMB3i07GYMPpVIhhyFOTo8.roa
File: pubBNtMB3i07GYMPpVIhhyFOTo8.roa (raw, json)
Hash identifier: Mn01o/7jdUgPgTc66DieNIOLFHGdyMS6RTRjsWHR/O4=
Subject key identifier: A6:E6:C1:36:D3:01:DE:2D:3B:19:83:0F:A5:52:21:87:21:4E:4E:8F
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0194228DFFF2C353A9C5FCC31C931A0EF62D
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/pubBNtMB3i07GYMPpVIhhyFOTo8.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214515
IP address blocks: 213.21.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ff:f2:c3:53:a9:c5:fc:c3:1c:93:1a:0e:f6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6e6c136d301de2d3b19830fa5522187214e4e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:64:ab:ce:46:61:d1:bd:b7:fb:a7:50:66:af:
4c:a6:3e:ac:d0:1c:39:d2:e4:90:ea:05:3a:e5:92:
20:ee:23:15:6e:94:51:73:f7:3a:ca:40:35:b8:8f:
a6:30:4d:90:c1:42:78:c6:c1:96:51:48:b1:dc:26:
84:ba:ab:86:ee:be:1a:a5:20:85:b5:d7:a0:3c:8b:
92:cd:58:5a:88:0c:a3:2a:2f:25:d6:3c:cb:94:24:
ec:46:08:0a:33:37:69:9b:50:dc:a2:fc:12:e0:8b:
c9:57:a7:b8:de:ef:99:86:8b:80:0b:84:9f:63:40:
ec:ab:a8:63:6f:ca:fc:b0:28:c8:bf:ef:36:44:20:
94:70:66:f6:ec:c7:73:79:e2:82:88:0d:0c:26:dc:
6f:7d:d7:e4:79:81:12:98:1f:f7:58:71:90:4d:dd:
df:b5:f2:e1:31:ff:7a:78:90:65:4a:3a:44:88:ee:
e6:aa:b0:4c:6c:e5:cc:ce:fb:4e:3a:5f:c4:8f:7a:
87:a3:5e:f0:53:49:61:17:5d:3a:07:9d:0c:d9:f3:
22:df:33:b5:5e:c6:2a:fd:00:21:e7:7a:2f:94:3b:
df:6b:34:46:09:83:aa:b8:a6:21:1a:10:a1:a0:0d:
8a:8d:2a:d7:a1:1d:eb:8f:a0:d2:68:a7:33:b2:cb:
4d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E6:C1:36:D3:01:DE:2D:3B:19:83:0F:A5:52:21:87:21:4E:4E:8F
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/pubBNtMB3i07GYMPpVIhhyFOTo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.245.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:43:01:0c:ec:36:a5:9d:bc:71:7a:71:1e:f8:5b:54:69:0b:
3f:0a:83:7a:f2:d6:58:2c:9d:62:f8:34:5b:59:bd:b6:6e:74:
b6:d3:78:3c:8c:d5:07:9e:5e:3d:32:37:a4:2d:4c:8e:06:71:
d9:72:41:39:46:d8:7b:56:46:60:01:78:26:1f:9b:dd:8f:bc:
18:93:42:be:2a:4f:9f:bf:da:c5:47:41:ed:90:53:51:0d:ee:
6b:9a:f1:bc:d9:3c:a5:35:4e:8a:ea:7a:e7:0d:ff:8c:9a:81:
13:4c:c4:28:ba:84:20:9d:2f:3d:42:1c:a4:63:a1:3d:ea:8c:
57:48:12:9c:04:cd:62:ca:7f:8f:25:d1:4f:10:dc:03:31:29:
92:75:47:76:0e:d6:d6:04:a4:b4:77:e0:63:e0:32:9b:40:cc:
ee:18:6f:b7:ba:3e:20:41:15:de:a5:27:29:83:fa:13:2d:ee:
7d:39:c7:cd:1a:e8:28:af:c2:cc:33:1e:54:9e:f5:14:bb:24:
32:86:9b:65:1d:27:35:23:2d:35:32:c6:e6:d4:87:9a:d4:7d:
b3:86:44:12:bc:3b:25:3b:59:37:6b:51:11:34:32:5b:84:01:
9f:6d:cf:b7:2b:04:73:64:71:70:83:04:56:a5:d2:58:e6:6f:
1e:10:67:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijf/yw1OpxfzDHJMaDvYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU2YzEzNmQzMDFkZTJkM2IxOTgzMGZhNTUyMjE4NzIxNGU0ZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWSrzkZh0b23+6dQZq9Mpj6s0Bw5
0uSQ6gU65ZIg7iMVbpRRc/c6ykA1uI+mME2QwUJ4xsGWUUix3CaEuquG7r4apSCF
tdegPIuSzVhaiAyjKi8l1jzLlCTsRggKMzdpm1DcovwS4IvJV6e43u+ZhouAC4Sf
Y0Dsq6hjb8r8sCjIv+82RCCUcGb27MdzeeKCiA0MJtxvfdfkeYESmB/3WHGQTd3f
tfLhMf96eJBlSjpEiO7mqrBMbOXMzvtOOl/Ej3qHo17wU0lhF106B50M2fMi3zO1
XsYq/QAh53ovlDvfazRGCYOquKYhGhChoA2KjSrXoR3rj6DSaKczsstNrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbmwTbTAd4tOxmDD6VSIYchTk6PMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvcHViQk50TUIzaTA3R1lNUHBWSWhoeUZPVG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RX1MA0G
CSqGSIb3DQEBCwUAA4IBAQB6QwEM7DalnbxxenEe+FtUaQs/CoN68tZYLJ1i+DRb
Wb22bnS203g8jNUHnl49MjekLUyOBnHZckE5Rth7VkZgAXgmH5vdj7wYk0K+Kk+f
v9rFR0HtkFNRDe5rmvG82TylNU6K6nrnDf+MmoETTMQouoQgnS89QhykY6E96oxX
SBKcBM1iyn+PJdFPENwDMSmSdUd2DtbWBKS0d+Bj4DKbQMzuGG+3uj4gQRXepScp
g/oTLe59OcfNGugor8LMMx5UnvUUuyQyhptlHSc1Iy01Msbm1Iea1H2zhkQSvDsl
O1k3a1ERNDJbhAGfbc+3KwRzZHFwgwRWpdJY5m8eEGcJ
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:20:03 2025 by rpki-client