Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/2a60ac-dc83-4ca3-b788-21ec6565c9be/1/qBn6ockm6JSiEH-8udw_bpsms9g.roa
File: qBn6ockm6JSiEH-8udw_bpsms9g.roa (raw, json)
Hash identifier: nCADL7lFGk+Q6O3ajQCgcYhE2O5JRszPFiBp0Ov4f98=
Subject key identifier: A8:19:FA:A1:C9:26:E8:94:A2:10:7F:BC:B9:DC:3F:6E:9B:26:B3:D8
Certificate issuer: /CN=bf2eefa7c6048e6a0a5a65c07e3e255341e143bb
Certificate serial: 019426D9C446CB5E1A4FEBEE2E3C6CBED43C
Authority key identifier: BF:2E:EF:A7:C6:04:8E:6A:0A:5A:65:C0:7E:3E:25:53:41:E1:43:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vy7vp8YEjmoKWmXAfj4lU0HhQ7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/2a60ac-dc83-4ca3-b788-21ec6565c9be/1/qBn6ockm6JSiEH-8udw_bpsms9g.roa
Signing time: Thu 02 Jan 2025 11:49:53 +0000
ROA not before: Thu 02 Jan 2025 11:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2852
IP address blocks: 194.50.26.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c4:46:cb:5e:1a:4f:eb:ee:2e:3c:6c:be:d4:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf2eefa7c6048e6a0a5a65c07e3e255341e143bb
Validity
Not Before: Jan 2 11:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a819faa1c926e894a2107fbcb9dc3f6e9b26b3d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6c:43:04:bf:51:e3:8c:f3:9f:d4:7a:e4:97:
93:95:5d:dc:6b:b0:a0:0a:f3:5a:66:4b:7f:da:9d:
92:81:6b:aa:d1:ff:0b:68:14:98:4a:07:5e:ea:33:
24:f2:29:c3:b0:51:04:f4:4b:68:39:a9:e2:c6:c3:
dd:99:b4:06:be:c1:be:6e:d6:af:d2:de:79:0a:23:
b6:03:df:f1:5a:46:01:bd:54:53:ae:2c:50:52:96:
cd:52:a3:16:0d:bf:49:74:fc:86:51:41:3b:d6:7a:
51:4a:10:70:b0:4f:5f:f4:4c:01:bc:da:e2:89:93:
71:e4:1c:fd:57:5d:d0:02:ff:aa:86:a7:c2:72:f1:
59:5a:d5:83:e7:b5:76:4f:c0:6b:f0:ef:26:e2:ba:
ae:6c:c7:7d:c0:9d:9f:01:40:30:cf:3e:38:fe:d5:
8d:a7:00:ad:60:a1:df:04:71:a6:15:1f:4c:45:fa:
94:1e:e8:28:f2:f6:2d:23:bc:92:3f:58:f0:2b:88:
1e:25:15:15:f1:42:72:76:50:a8:21:24:ce:4b:00:
2a:a4:5e:d5:cb:11:29:d6:0d:46:9a:74:5d:b1:82:
bf:2f:92:18:d8:ce:97:97:7f:92:90:c8:20:ce:ea:
08:86:7f:d3:63:2b:46:5e:ab:26:49:83:63:71:8f:
08:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:19:FA:A1:C9:26:E8:94:A2:10:7F:BC:B9:DC:3F:6E:9B:26:B3:D8
X509v3 Authority Key Identifier:
keyid:BF:2E:EF:A7:C6:04:8E:6A:0A:5A:65:C0:7E:3E:25:53:41:E1:43:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vy7vp8YEjmoKWmXAfj4lU0HhQ7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2a60ac-dc83-4ca3-b788-21ec6565c9be/1/qBn6ockm6JSiEH-8udw_bpsms9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2a60ac-dc83-4ca3-b788-21ec6565c9be/1/vy7vp8YEjmoKWmXAfj4lU0HhQ7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.26.0/23
Signature Algorithm: sha256WithRSAEncryption
10:d4:a4:cd:2b:5e:ff:ed:98:86:a5:62:a6:83:ca:1f:ee:d5:
22:e1:ff:b8:29:1f:45:0d:b4:a1:78:e3:e1:43:df:d0:f7:2c:
92:ad:c6:2d:d0:1e:71:f8:a2:63:aa:2c:f8:90:58:82:af:5c:
22:fd:b5:41:20:90:6c:33:af:bf:56:43:2f:9f:b4:5f:ee:57:
2a:a0:75:79:d7:27:4e:59:f6:24:b5:7a:0c:44:69:5d:dd:3e:
4a:7c:94:bf:7f:e5:bc:4a:81:9c:de:3b:2f:47:a0:54:d7:f5:
cf:aa:31:3b:3e:74:de:8b:e8:a8:05:b9:09:41:e8:41:c2:29:
86:70:f4:ed:5a:65:d2:10:96:c9:4e:e6:f5:52:ec:bd:b6:34:
65:cf:fe:54:d9:49:e4:58:e2:10:92:a1:b1:e5:97:2e:f6:a4:
06:10:b2:fe:b9:00:a4:fd:c5:49:6e:0a:9f:18:26:83:fc:fd:
85:2d:8f:0a:02:80:9e:e0:6c:ef:4b:ad:14:62:c0:84:af:b8:
3e:e6:51:92:34:b8:41:99:4c:f8:46:1a:0a:59:25:a6:b3:e8:
6a:df:ad:d8:5d:36:a0:df:c0:3b:90:98:38:c6:01:79:d6:33:
4f:b4:11:7b:80:6b:99:26:28:60:51:33:4c:22:2b:87:d9:68:
b9:86:fa:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2cRGy14aT+vuLjxsvtQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMmVlZmE3YzYwNDhlNmEwYTVhNjVjMDdlM2UyNTUzNDFl
MTQzYmIwHhcNMjUwMTAyMTE0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE5ZmFhMWM5MjZlODk0YTIxMDdmYmNiOWRjM2Y2ZTliMjZiM2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGxDBL9R44zzn9R65JeTlV3ca7Cg
CvNaZkt/2p2SgWuq0f8LaBSYSgde6jMk8inDsFEE9EtoOanixsPdmbQGvsG+btav
0t55CiO2A9/xWkYBvVRTrixQUpbNUqMWDb9JdPyGUUE71npRShBwsE9f9EwBvNri
iZNx5Bz9V13QAv+qhqfCcvFZWtWD57V2T8Br8O8m4rqubMd9wJ2fAUAwzz44/tWN
pwCtYKHfBHGmFR9MRfqUHugo8vYtI7ySP1jwK4geJRUV8UJydlCoISTOSwAqpF7V
yxEp1g1GmnRdsYK/L5IY2M6Xl3+SkMggzuoIhn/TYytGXqsmSYNjcY8ILQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgZ+qHJJuiUohB/vLncP26bJrPYMB8GA1UdIwQY
MBaAFL8u76fGBI5qClplwH4+JVNB4UO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnk3dnA4WUVqbW9LV21YQWZqNGxVMEhoUTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8yYTYwYWMtZGM4My00Y2EzLWI3ODgt
MjFlYzY1NjVjOWJlLzEvcUJuNm9ja202SlNpRUgtOHVkd19icHNtczlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8yYTYwYWMtZGM4My00Y2EzLWI3ODgtMjFlYzY1NjVjOWJl
LzEvdnk3dnA4WUVqbW9LV21YQWZqNGxVMEhoUTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjIaMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ1KTNK17/7ZiGpWKmg8of7tUi4f+4KR9FDbSheOPh
Q9/Q9yySrcYt0B5x+KJjqiz4kFiCr1wi/bVBIJBsM6+/VkMvn7Rf7lcqoHV51ydO
WfYktXoMRGld3T5KfJS/f+W8SoGc3jsvR6BU1/XPqjE7PnTei+ioBbkJQehBwimG
cPTtWmXSEJbJTub1Uuy9tjRlz/5U2UnkWOIQkqGx5Zcu9qQGELL+uQCk/cVJbgqf
GCaD/P2FLY8KAoCe4GzvS60UYsCEr7g+5lGSNLhBmUz4RhoKWSWms+hq363YXTag
38A7kJg4xgF51jNPtBF7gGuZJihgUTNMIiuH2Wi5hvpz
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:29 2025 by rpki-client