Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/bJM_lGyoCdHM4Ew-bll92CWr05o.roa
File: bJM_lGyoCdHM4Ew-bll92CWr05o.roa (raw, json)
Hash identifier: /LNeEVaQM+dKQQyk+FaHOgVJEKHJjoz/8u1g5mTs7vw=
Subject key identifier: 6C:93:3F:94:6C:A8:09:D1:CC:E0:4C:3E:6E:59:7D:D8:25:AB:D3:9A
Certificate issuer: /CN=4dd23422264a79c0315482ed4f27c751353f26bb
Certificate serial: 01942368D621794FCD0D8AC2B095D8816251
Authority key identifier: 4D:D2:34:22:26:4A:79:C0:31:54:82:ED:4F:27:C7:51:35:3F:26:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdI0IiZKecAxVILtTyfHUTU_Jrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/bJM_lGyoCdHM4Ew-bll92CWr05o.roa
Signing time: Wed 01 Jan 2025 19:47:40 +0000
ROA not before: Wed 01 Jan 2025 19:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43625
IP address blocks: 91.198.84.0/24 maxlen: 24
109.232.48.0/21 maxlen: 21
185.160.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d6:21:79:4f:cd:0d:8a:c2:b0:95:d8:81:62:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd23422264a79c0315482ed4f27c751353f26bb
Validity
Not Before: Jan 1 19:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c933f946ca809d1cce04c3e6e597dd825abd39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3b:50:b0:0b:ae:b1:bf:59:2b:07:92:27:be:
4e:fc:72:0e:d5:21:b3:d1:0b:ae:ed:12:27:24:61:
07:37:02:cb:ad:3b:e8:4a:2b:31:1b:7b:5a:eb:7e:
21:33:8e:b8:a5:cc:34:41:e6:4a:b9:ac:87:84:48:
37:77:f3:f7:70:d4:8b:7c:2f:7a:1e:f8:e2:c3:b9:
5b:18:db:36:53:e2:24:6f:45:4e:44:2d:a5:6f:c2:
50:0f:a1:7c:b1:8c:3a:5a:86:93:2c:49:4d:12:cb:
92:02:b5:3d:00:f4:22:89:fb:dd:47:55:5b:0f:e7:
80:84:f1:a4:1a:62:c4:4a:27:d7:bf:b9:9b:5f:a5:
8d:55:26:e1:41:32:7d:eb:96:69:d3:c4:dc:5a:0a:
e2:14:38:81:64:79:62:17:fe:e3:b9:c1:ba:0a:05:
dc:0a:60:d9:30:3d:d0:02:b4:c5:39:5d:d5:d1:50:
96:89:44:f4:8d:1b:38:19:a8:c7:2d:54:3c:45:d2:
7a:39:3f:52:fe:be:5a:9b:a8:ff:d0:ce:a3:4e:7f:
d6:f1:a1:e6:9d:5f:e5:44:ce:76:7f:46:b6:20:63:
bf:a6:53:a7:f4:cd:dd:b8:23:e1:e6:49:9b:ab:1b:
a9:b8:2e:c1:b4:ca:41:98:74:e3:fc:74:af:01:79:
db:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:93:3F:94:6C:A8:09:D1:CC:E0:4C:3E:6E:59:7D:D8:25:AB:D3:9A
X509v3 Authority Key Identifier:
keyid:4D:D2:34:22:26:4A:79:C0:31:54:82:ED:4F:27:C7:51:35:3F:26:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdI0IiZKecAxVILtTyfHUTU_Jrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/bJM_lGyoCdHM4Ew-bll92CWr05o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/f5c6ba-170d-47c5-9c7c-1766a277d85b/1/TdI0IiZKecAxVILtTyfHUTU_Jrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.84.0/24
109.232.48.0/21
185.160.132.0/22
Signature Algorithm: sha256WithRSAEncryption
50:a5:84:c4:ac:f4:04:d4:c1:00:c9:2c:ef:b9:36:91:dc:18:
02:8c:da:a9:7e:15:1f:59:5a:69:d4:2e:53:d8:fc:ad:4c:f4:
73:44:d6:1d:f1:3a:88:a2:5b:3f:6f:1d:a9:2e:45:07:ae:ff:
ac:69:03:ac:27:2a:03:6d:0d:13:6a:94:28:4d:eb:bc:7b:16:
d0:96:7c:d0:29:23:91:41:8f:04:3f:56:93:b1:20:6e:17:48:
c1:f0:96:3c:6c:3a:22:74:02:39:c5:df:fe:18:b8:14:af:68:
fc:3b:df:6b:91:c4:d7:c2:c5:a0:da:c8:97:4d:37:4f:ac:02:
fb:aa:aa:44:3b:38:53:8b:f8:7d:59:01:83:8e:2c:14:15:9f:
19:ce:ed:d6:ef:21:69:42:e3:0d:4d:17:a0:fa:8a:b4:e7:c8:
78:db:b2:80:8e:8e:6b:74:d6:d0:b1:87:b9:a5:42:52:01:dc:
f3:06:a2:32:a8:f8:d9:7f:ba:a8:2b:d8:43:8c:4f:a9:b3:ea:
4f:a4:39:7d:3e:08:06:a2:6a:84:d7:96:03:17:32:71:bb:07:
3e:f8:db:2e:85:5c:1e:d4:3d:01:b9:3b:0a:47:e0:b0:50:ad:
a4:a4:42:eb:9d:77:89:93:d3:23:ab:0c:cf:16:b6:05:88:a7:
33:53:39:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjaNYheU/NDYrCsJXYgWJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDIzNDIyMjY0YTc5YzAzMTU0ODJlZDRmMjdjNzUxMzUz
ZjI2YmIwHhcNMjUwMTAxMTk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzkzM2Y5NDZjYTgwOWQxY2NlMDRjM2U2ZTU5N2RkODI1YWJkMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TtQsAuusb9ZKweSJ75O/HIO1SGz
0Quu7RInJGEHNwLLrTvoSisxG3ta634hM464pcw0QeZKuayHhEg3d/P3cNSLfC96
Hvjiw7lbGNs2U+Ikb0VORC2lb8JQD6F8sYw6WoaTLElNEsuSArU9APQiifvdR1Vb
D+eAhPGkGmLESifXv7mbX6WNVSbhQTJ965Zp08TcWgriFDiBZHliF/7jucG6CgXc
CmDZMD3QArTFOV3V0VCWiUT0jRs4GajHLVQ8RdJ6OT9S/r5am6j/0M6jTn/W8aHm
nV/lRM52f0a2IGO/plOn9M3duCPh5kmbqxupuC7BtMpBmHTj/HSvAXnbvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGyTP5RsqAnRzOBMPm5Zfdglq9OaMB8GA1UdIwQY
MBaAFE3SNCImSnnAMVSC7U8nx1E1Pya7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRJMElpWktlY0F4VklMdFR5ZkhVVFVfSnJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9mNWM2YmEtMTcwZC00N2M1LTljN2Mt
MTc2NmEyNzdkODViLzEvYkpNX2xHeW9DZEhNNEV3LWJsbDkyQ1dyMDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9mNWM2YmEtMTcwZC00N2M1LTljN2MtMTc2NmEyNzdkODVi
LzEvVGRJMElpWktlY0F4VklMdFR5ZkhVVFVfSnJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8ZUAwQD
begwAwQCuaCEMA0GCSqGSIb3DQEBCwUAA4IBAQBQpYTErPQE1MEAySzvuTaR3BgC
jNqpfhUfWVpp1C5T2PytTPRzRNYd8TqIols/bx2pLkUHrv+saQOsJyoDbQ0TapQo
Teu8exbQlnzQKSORQY8EP1aTsSBuF0jB8JY8bDoidAI5xd/+GLgUr2j8O99rkcTX
wsWg2siXTTdPrAL7qqpEOzhTi/h9WQGDjiwUFZ8Zzu3W7yFpQuMNTReg+oq058h4
27KAjo5rdNbQsYe5pUJSAdzzBqIyqPjZf7qoK9hDjE+ps+pPpDl9PggGomqE15YD
FzJxuwc++NsuhVwe1D0BuTsKR+CwUK2kpELrnXeJk9MjqwzPFrYFiKczUzmV
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:20 2025 by rpki-client