Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/BvYg1Rw1naLj7xCawEsunrYJ9Yo.roa
File: BvYg1Rw1naLj7xCawEsunrYJ9Yo.roa (raw, json)
Hash identifier: mlbIFt2LR7qiGiojOe33Tf8XXrK/e/dy/cSfgHpJWdc=
Subject key identifier: 06:F6:20:D5:1C:35:9D:A2:E3:EF:10:9A:C0:4B:2E:9E:B6:09:F5:8A
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0194206811D217DC070CDBA995D991C64999
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/BvYg1Rw1naLj7xCawEsunrYJ9Yo.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43444
IP address blocks: 85.239.42.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:11:d2:17:dc:07:0c:db:a9:95:d9:91:c6:49:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06f620d51c359da2e3ef109ac04b2e9eb609f58a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a0:b2:2f:1d:e0:db:04:6f:fe:9a:0c:fa:ee:
99:22:35:21:e8:07:47:bd:56:61:49:ba:0e:b5:ef:
ce:6a:29:99:de:65:b7:0f:c9:e3:1e:46:bb:6a:f8:
34:7a:46:63:50:94:a4:38:b4:20:60:13:29:ac:82:
37:bb:05:87:a6:f3:07:cc:b8:99:9f:fc:26:58:d9:
82:b0:0c:03:ec:1b:ee:60:18:18:ed:3b:e5:2c:ce:
41:60:d7:aa:57:99:b6:34:0a:7d:31:fc:94:a0:ff:
49:8c:05:24:7c:4e:73:1e:ad:79:5b:1c:f0:87:66:
00:e2:06:16:bb:60:26:86:ef:ae:99:cd:e7:b3:b6:
84:ac:1f:ac:a7:d4:ae:57:cd:0e:75:61:53:e9:00:
66:ae:11:da:52:2a:13:39:5c:d2:64:0f:9a:97:f1:
e8:61:6f:73:81:a5:ca:af:d0:9d:f9:6e:27:70:db:
27:d7:e0:b6:e7:84:05:b4:fa:ce:6a:e0:3d:0a:22:
df:ec:6a:ef:6e:52:50:78:14:4f:1b:b0:7c:8f:5d:
a9:67:82:2a:0d:ba:3b:94:b4:57:84:ea:e9:f8:b8:
44:47:a5:f7:e1:29:54:5f:39:b2:9f:08:48:f1:67:
1a:b2:b8:9f:cf:8c:b2:4f:08:de:db:94:3e:50:51:
40:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F6:20:D5:1C:35:9D:A2:E3:EF:10:9A:C0:4B:2E:9E:B6:09:F5:8A
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/BvYg1Rw1naLj7xCawEsunrYJ9Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.42.0/23
Signature Algorithm: sha256WithRSAEncryption
52:c7:f5:5b:85:f4:bf:04:2f:24:f2:61:05:96:b9:2a:d1:d2:
23:6a:36:ee:e3:06:15:4e:60:d0:57:9b:ca:56:c1:c7:51:04:
21:0a:87:dd:43:e1:fd:03:25:34:dd:96:ad:a6:e9:58:7e:8d:
61:ac:3e:e5:57:68:ba:57:cd:8b:6f:2c:f8:61:f7:e9:2a:57:
cc:a4:c0:a1:c4:e5:ed:cf:4f:3b:f5:1c:0d:6b:66:e9:63:23:
5d:59:85:70:0e:1d:35:17:ab:e8:08:07:e9:5e:e9:d6:ca:79:
25:74:bb:2b:88:39:3c:e9:62:16:25:4c:e8:83:30:f5:be:2e:
e7:d0:6b:b1:d5:d2:fc:17:00:ae:59:92:df:b7:31:62:09:17:
c5:f3:e6:d1:94:96:62:18:d7:60:d0:ea:44:07:3b:54:f0:14:
b9:9a:ea:6a:d0:a0:79:0c:3c:46:b7:86:ed:7f:16:77:da:79:
29:2b:68:6d:b5:8a:95:9d:10:0f:a4:bc:07:3a:65:a5:d9:4a:
c5:83:37:3a:95:b3:ca:94:5d:3e:9c:c1:e0:cc:9a:51:30:6f:
2a:b9:7d:9d:2e:8b:07:87:93:00:1c:59:39:a4:c4:99:c8:4d:
5d:5f:5e:38:39:bd:20:ad:cc:59:68:63:fe:76:40:86:3d:7a:
b2:4b:9f:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBHSF9wHDNupldmRxkmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmY2MjBkNTFjMzU5ZGEyZTNlZjEwOWFjMDRiMmU5ZWI2MDlmNThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaCyLx3g2wRv/poM+u6ZIjUh6AdH
vVZhSboOte/OaimZ3mW3D8njHka7avg0ekZjUJSkOLQgYBMprII3uwWHpvMHzLiZ
n/wmWNmCsAwD7BvuYBgY7TvlLM5BYNeqV5m2NAp9MfyUoP9JjAUkfE5zHq15Wxzw
h2YA4gYWu2Amhu+umc3ns7aErB+sp9SuV80OdWFT6QBmrhHaUioTOVzSZA+al/Ho
YW9zgaXKr9Cd+W4ncNsn1+C254QFtPrOauA9CiLf7GrvblJQeBRPG7B8j12pZ4Iq
Dbo7lLRXhOrp+LhER6X34SlUXzmynwhI8Wcasrifz4yyTwje25Q+UFFAAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAb2INUcNZ2i4+8QmsBLLp62CfWKMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvQnZZZzFSdzFuYUxqN3hDYXdFc3VucllKOVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVe8qMA0G
CSqGSIb3DQEBCwUAA4IBAQBSx/VbhfS/BC8k8mEFlrkq0dIjajbu4wYVTmDQV5vK
VsHHUQQhCofdQ+H9AyU03ZatpulYfo1hrD7lV2i6V82Lbyz4YffpKlfMpMChxOXt
z0879RwNa2bpYyNdWYVwDh01F6voCAfpXunWynkldLsriDk86WIWJUzogzD1vi7n
0Gux1dL8FwCuWZLftzFiCRfF8+bRlJZiGNdg0OpEBztU8BS5mupq0KB5DDxGt4bt
fxZ32nkpK2httYqVnRAPpLwHOmWl2UrFgzc6lbPKlF0+nMHgzJpRMG8quX2dLosH
h5MAHFk5pMSZyE1dX144Ob0grcxZaGP+dkCGPXqyS58M
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:49:08 2025 by rpki-client