Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/BMmMKJtL3EE0ZD7-W5jW73Z9BbI.roa
File: BMmMKJtL3EE0ZD7-W5jW73Z9BbI.roa (raw, json)
Hash identifier: v7/Na8CkzGsEUpmm1vMCmHP+JlMmzWtRmL5aosLNEOk=
Subject key identifier: 04:C9:8C:28:9B:4B:DC:41:34:64:3E:FE:5B:98:D6:EF:76:7D:05:B2
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 01856D78653BFCD330833FEE82232741929C
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/BMmMKJtL3EE0ZD7-W5jW73Z9BbI.roa
Signing time: Sun 01 Jan 2023 13:14:44 +0000
ROA not before: Sun 01 Jan 2023 13:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 5.181.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:65:3b:fc:d3:30:83:3f:ee:82:23:27:41:92:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Jan 1 13:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04c98c289b4bdc4134643efe5b98d6ef767d05b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:30:0b:8d:95:ca:37:b6:da:a6:bc:15:a0:78:
f7:38:5b:73:a0:03:a6:dd:aa:6a:f4:6b:f5:87:3c:
40:3d:19:a0:7f:e8:2f:ad:4e:f5:15:bb:58:d9:6b:
fb:24:d2:26:2e:68:1c:eb:19:af:1a:ac:16:49:96:
0e:58:d4:75:88:7a:e0:ef:e0:20:01:3f:a5:b5:af:
eb:c0:3b:72:f6:d3:20:53:72:e3:f1:90:09:f7:08:
08:b1:6f:fb:f7:07:73:e4:40:45:ec:73:d7:dc:86:
7e:61:d5:4d:af:54:7f:18:e3:05:35:22:41:42:10:
0d:84:b9:a1:f2:da:46:cc:36:e5:f5:98:f7:48:9a:
7f:2b:16:60:0b:d4:6e:61:5a:c0:fa:46:c8:4b:10:
df:86:c4:55:f3:98:d9:f0:19:31:6b:b3:1b:4c:34:
1c:e9:14:5e:b4:fe:d0:7d:ab:96:bb:20:5e:5d:81:
72:43:d5:18:9c:92:55:69:a1:84:87:d0:84:35:7b:
9a:65:8b:43:be:fe:35:29:dd:39:28:88:df:97:68:
51:ad:07:1f:05:d9:83:21:29:94:85:34:0d:1b:6e:
4e:4c:75:a2:79:03:68:8d:91:f5:9f:0e:b5:49:f4:
46:f6:fa:67:20:a4:44:66:b3:9b:50:67:dd:d7:4e:
87:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C9:8C:28:9B:4B:DC:41:34:64:3E:FE:5B:98:D6:EF:76:7D:05:B2
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/BMmMKJtL3EE0ZD7-W5jW73Z9BbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.186.0/24
Signature Algorithm: sha256WithRSAEncryption
42:94:0f:b6:c3:2d:86:99:05:be:c2:0e:64:b7:54:43:e5:92:
1c:14:92:b7:f4:f4:3d:31:01:2a:c2:77:e6:dd:59:0c:65:59:
91:d1:cf:f4:1e:68:84:06:49:3d:5a:fc:a8:f4:c5:8a:66:10:
5c:25:7e:0d:72:63:34:ac:25:9f:90:cb:b9:6e:13:c6:5b:ad:
30:6b:5e:cd:d2:ce:1a:10:4c:4e:9f:f1:9b:d0:d3:9a:8a:33:
e5:56:d9:da:23:d0:10:6f:2e:1b:ed:fd:50:b5:ce:4b:6f:b3:
5e:b6:05:52:68:43:a5:31:53:7d:58:0d:54:1c:82:c0:e2:ff:
d0:f9:7a:fc:d2:da:c0:09:32:cb:88:4b:59:7b:f5:12:46:b5:
dd:18:82:04:16:a0:ff:f5:35:fa:d6:24:54:fb:2c:a5:de:df:
4f:82:2d:c7:b8:27:e4:ab:bd:62:b3:4a:d0:ec:8b:92:31:45:
78:bd:5b:d1:41:c9:c0:a1:ec:9e:03:87:bd:fb:09:ad:a9:11:
49:7a:65:1f:a6:21:37:a9:56:c4:7d:05:41:99:d2:39:b0:c4:
1a:f0:8b:a0:7e:90:08:e8:b3:f9:81:76:71:bd:c8:84:56:11:
c0:5e:39:88:f9:9b:8c:ed:a8:24:73:3d:61:ca:d4:71:e7:80:
a2:b1:52:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteGU7/NMwgz/ugiMnQZKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNDAzOTM5OTAxN2ZhMDkzZGM4ZDUwMzc5OWY2Y2E0MDNm
MGJkMDUwHhcNMjMwMTAxMTMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM5OGMyODliNGJkYzQxMzQ2NDNlZmU1Yjk4ZDZlZjc2N2QwNWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijALjZXKN7baprwVoHj3OFtzoAOm
3apq9Gv1hzxAPRmgf+gvrU71FbtY2Wv7JNImLmgc6xmvGqwWSZYOWNR1iHrg7+Ag
AT+lta/rwDty9tMgU3Lj8ZAJ9wgIsW/79wdz5EBF7HPX3IZ+YdVNr1R/GOMFNSJB
QhANhLmh8tpGzDbl9Zj3SJp/KxZgC9RuYVrA+kbISxDfhsRV85jZ8Bkxa7MbTDQc
6RRetP7QfauWuyBeXYFyQ9UYnJJVaaGEh9CENXuaZYtDvv41Kd05KIjfl2hRrQcf
BdmDISmUhTQNG25OTHWieQNojZH1nw61SfRG9vpnIKREZrObUGfd106HvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATJjCibS9xBNGQ+/luY1u92fQWyMB8GA1UdIwQY
MBaAFGJAOTmQF/oJPcjVA3mfbKQD8L0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYt
MzI1OTQ5NmU3YzVmLzEvQk1tTUtKdEwzRUUwWkQ3LVc1alc3M1o5QmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYtMzI1OTQ5NmU3YzVm
LzEvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbW6MA0G
CSqGSIb3DQEBCwUAA4IBAQBClA+2wy2GmQW+wg5kt1RD5ZIcFJK39PQ9MQEqwnfm
3VkMZVmR0c/0HmiEBkk9Wvyo9MWKZhBcJX4NcmM0rCWfkMu5bhPGW60wa17N0s4a
EExOn/Gb0NOaijPlVtnaI9AQby4b7f1Qtc5Lb7NetgVSaEOlMVN9WA1UHILA4v/Q
+Xr80trACTLLiEtZe/USRrXdGIIEFqD/9TX61iRU+yyl3t9Pgi3HuCfkq71is0rQ
7IuSMUV4vVvRQcnAoeyeA4e9+wmtqRFJemUfpiE3qVbEfQVBmdI5sMQa8IugfpAI
6LP5gXZxvciEVhHAXjmI+ZuM7agkcz1hytRx54CisVJP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:43 2025 by rpki-client