Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BOJlFcCNxlleMHUbR9TjmHCDeZc.roa
File: BOJlFcCNxlleMHUbR9TjmHCDeZc.roa (raw, json)
Hash identifier: ujITDNQNM0fpryFmlYjLZ0Q/wbil/+me/IAh88EFBg8=
Subject key identifier: 04:E2:65:15:C0:8D:C6:59:5E:30:75:1B:47:D4:E3:98:70:83:79:97
Certificate issuer: /CN=06656c5ad9738372d54c037e397f35be9aa924db
Certificate serial: 0194F9D159FDA15D1E0DD2EB18D91C317CC9
Authority key identifier: 06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BOJlFcCNxlleMHUbR9TjmHCDeZc.roa
Signing time: Wed 12 Feb 2025 11:00:34 +0000
ROA not before: Wed 12 Feb 2025 11:00:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59787
IP address blocks: 185.42.162.0/24 maxlen: 24
2a10:b280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:d1:59:fd:a1:5d:1e:0d:d2:eb:18:d9:1c:31:7c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06656c5ad9738372d54c037e397f35be9aa924db
Validity
Not Before: Feb 12 11:00:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04e26515c08dc6595e30751b47d4e39870837997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0b:b3:7c:e2:27:9e:c4:1a:7d:00:08:3e:df:
02:61:ab:28:9f:21:ce:79:7b:cf:3f:65:1f:dc:66:
7d:38:80:2e:e2:94:bb:f8:a5:96:19:5a:22:2b:4f:
ec:fb:46:49:23:45:d9:31:26:f2:00:2f:d7:62:cf:
d5:c5:3d:0c:56:bf:c6:c4:b6:00:bb:00:a2:cb:eb:
ef:eb:64:03:27:20:3a:6e:d6:d6:82:9b:fa:24:42:
50:b2:46:3b:07:83:e7:b8:27:8a:e1:1a:ec:83:64:
ac:30:83:68:40:87:57:23:18:d5:5e:67:b6:19:3b:
d9:e1:09:7a:35:b0:6b:54:da:cd:30:1b:e1:ef:f0:
b9:ec:cc:66:74:f4:70:48:39:15:10:3a:c8:7a:03:
d5:f2:b2:f5:33:7b:d4:1c:db:50:af:c0:76:38:9a:
ff:44:d1:db:dc:8a:d8:7a:de:dd:ba:e4:e8:0c:f7:
25:db:5a:65:0d:0d:cc:01:00:8e:32:2a:b7:70:ee:
4b:47:a7:d5:b4:2a:13:2e:ff:7a:e0:61:b6:2e:f9:
c5:f8:66:c3:0c:78:29:2f:1c:de:07:1b:13:de:b8:
6f:0f:03:85:57:a8:99:90:93:f6:27:d0:19:25:ff:
9b:fb:30:19:cc:28:7f:f2:4f:d9:83:94:5d:96:e0:
77:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E2:65:15:C0:8D:C6:59:5E:30:75:1B:47:D4:E3:98:70:83:79:97
X509v3 Authority Key Identifier:
keyid:06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BOJlFcCNxlleMHUbR9TjmHCDeZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.162.0/24
IPv6:
2a10:b280::/29
Signature Algorithm: sha256WithRSAEncryption
5c:0e:ed:bf:c9:a2:a8:89:b3:d7:44:94:08:98:3b:35:3e:69:
2a:bc:c5:0a:40:66:48:a3:3f:e1:4e:38:d8:f7:70:f4:4d:a4:
0a:f3:fc:e9:b9:d4:61:a0:0e:f6:f0:f8:5b:d9:bf:6b:b0:1f:
52:4f:0b:c7:55:d7:5a:23:78:ec:c6:ac:1d:31:d9:4b:05:91:
b6:2b:4c:0d:e0:b0:23:9c:39:d1:6e:e8:e2:24:db:e9:6d:c2:
3d:35:14:5e:03:18:b2:75:26:47:0d:d1:05:50:e4:f5:07:8d:
e4:92:3a:bd:cf:f7:33:61:7a:34:2c:ed:f3:7d:1e:d4:6c:77:
4d:13:67:e3:05:78:d0:58:3b:86:3e:31:cd:74:f9:9a:69:59:
7a:cd:c3:88:f4:e8:49:14:44:4d:39:e3:6c:1f:d8:05:f2:ac:
bc:26:82:42:26:41:a1:0f:50:d2:b4:5c:20:9d:8a:29:d2:25:
e5:05:d3:de:35:8d:44:0d:42:a5:b3:5d:31:d7:f5:4a:87:b7:
87:25:86:a3:2f:eb:6c:99:cb:60:24:7c:f8:16:66:34:17:90:
f1:f1:2d:ae:23:83:f7:35:dd:65:8b:02:32:f6:96:2c:79:b9:
af:0d:b8:5b:52:f5:f2:04:88:0f:39:de:e5:7f:12:6e:08:ac:
66:63:d5:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZT50Vn9oV0eDdLrGNkcMXzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NjU2YzVhZDk3MzgzNzJkNTRjMDM3ZTM5N2YzNWJlOWFh
OTI0ZGIwHhcNMjUwMjEyMTEwMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGUyNjUxNWMwOGRjNjU5NWUzMDc1MWI0N2Q0ZTM5ODcwODM3OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAuzfOInnsQafQAIPt8CYasonyHO
eXvPP2Uf3GZ9OIAu4pS7+KWWGVoiK0/s+0ZJI0XZMSbyAC/XYs/VxT0MVr/GxLYA
uwCiy+vv62QDJyA6btbWgpv6JEJQskY7B4PnuCeK4Rrsg2SsMINoQIdXIxjVXme2
GTvZ4Ql6NbBrVNrNMBvh7/C57MxmdPRwSDkVEDrIegPV8rL1M3vUHNtQr8B2OJr/
RNHb3IrYet7duuToDPcl21plDQ3MAQCOMiq3cO5LR6fVtCoTLv964GG2LvnF+GbD
DHgpLxzeBxsT3rhvDwOFV6iZkJP2J9AZJf+b+zAZzCh/8k/Zg5RdluB3eQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFATiZRXAjcZZXjB1G0fU45hwg3mXMB8GA1UdIwQY
MBaAFAZlbFrZc4Ny1UwDfjl/Nb6aqSTbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMt
OGIwNzYyNTZmMzlkLzEvQk9KbEZjQ054bGxlTUhVYlI5VGptSENEZVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMtOGIwNzYyNTZmMzlk
LzEvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSqiMA0E
AgACMAcDBQMqELKAMA0GCSqGSIb3DQEBCwUAA4IBAQBcDu2/yaKoibPXRJQImDs1
PmkqvMUKQGZIoz/hTjjY93D0TaQK8/zpudRhoA728Phb2b9rsB9STwvHVddaI3js
xqwdMdlLBZG2K0wN4LAjnDnRbujiJNvpbcI9NRReAxiydSZHDdEFUOT1B43kkjq9
z/czYXo0LO3zfR7UbHdNE2fjBXjQWDuGPjHNdPmaaVl6zcOI9OhJFERNOeNsH9gF
8qy8JoJCJkGhD1DStFwgnYop0iXlBdPeNY1EDUKls10x1/VKh7eHJYajL+tsmctg
JHz4FmY0F5Dx8S2uI4P3Nd1liwIy9pYsebmvDbhbUvXyBIgPOd7lfxJuCKxmY9UZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:29 2025 by rpki-client on console.sobornost.net