Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/BzOLHT626_dZxku7qRyu6nnSVD4.roa
File: BzOLHT626_dZxku7qRyu6nnSVD4.roa (raw, json)
Hash identifier: k3gly0jN8TSoV79MGWrtQXXLPEEXN2NmBquAWSAxPOE=
Subject key identifier: 07:33:8B:1D:3E:B6:EB:F7:59:C6:4B:BB:A9:1C:AE:EA:79:D2:54:3E
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 01950000BB4DB34563CBDED39F1EB680DC6F
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/BzOLHT626_dZxku7qRyu6nnSVD4.roa
Signing time: Thu 13 Feb 2025 15:50:02 +0000
ROA not before: Thu 13 Feb 2025 15:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
37.97.96.0/20 maxlen: 20
37.139.120.0/21 maxlen: 21
65.39.64.0/19 maxlen: 19
80.251.96.0/20 maxlen: 20
81.93.0.0/19 maxlen: 19
88.213.224.0/19 maxlen: 19
157.143.128.0/17 maxlen: 17
178.157.32.0/20 maxlen: 20
178.174.96.0/20 maxlen: 23
178.255.160.0/21 maxlen: 21
185.6.92.0/22 maxlen: 22
185.8.252.0/22 maxlen: 22
185.24.140.0/22 maxlen: 22
185.32.208.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
185.65.248.0/22 maxlen: 22
185.76.216.0/22 maxlen: 22
185.218.208.0/22 maxlen: 22
185.249.20.0/22 maxlen: 22
195.135.0.0/17 maxlen: 17
195.135.0.0/18 maxlen: 18
195.135.12.0/23 maxlen: 23
195.135.48.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
217.74.96.0/20 maxlen: 20
217.181.128.0/17 maxlen: 17
2a02:6e8::/32 maxlen: 32
2a02:c440::/29 maxlen: 29
2a05:5cc0::/29 maxlen: 29
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:00:bb:4d:b3:45:63:cb:de:d3:9f:1e:b6:80:dc:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Feb 13 15:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07338b1d3eb6ebf759c64bbba91caeea79d2543e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d3:33:79:2b:c1:b4:f3:ae:87:aa:b8:6d:bf:
70:dd:2b:f9:83:57:5b:c8:88:74:d6:e5:e6:17:ac:
04:44:95:18:88:c2:58:48:4a:7b:e8:17:24:97:04:
bd:da:57:29:d2:b4:02:71:fb:a8:08:b7:d0:8b:8e:
30:7e:fc:28:e7:96:04:01:d0:9c:de:ee:8c:51:a8:
a8:f6:c2:45:68:d5:0c:13:3e:7a:15:10:f3:54:a4:
65:5a:af:82:dd:78:d6:91:2d:42:1c:c9:d5:fd:15:
ee:56:08:f2:a0:ee:a8:ce:f8:f7:35:0f:67:04:50:
b3:88:6e:e5:11:7d:ef:35:36:9d:d4:36:ce:26:bb:
fd:b8:28:7d:7b:6a:b2:2a:70:7b:f0:3d:67:40:b2:
f6:b3:29:ed:1e:14:06:7d:ef:27:c0:e1:13:eb:e2:
48:2e:cf:eb:25:c1:9b:62:e9:3a:dd:11:0f:f5:42:
0d:7e:b2:6e:24:4b:9f:e7:35:63:38:c3:62:f2:9b:
a7:b2:7b:b4:e4:3c:f6:1d:78:98:0d:3c:9b:a7:ef:
78:e0:ab:34:1e:9c:17:72:85:df:1b:70:8d:ac:d1:
ba:07:55:7b:68:61:52:58:26:a9:ee:39:d8:af:39:
77:7a:29:da:27:1e:46:f5:b2:99:3a:79:c6:d3:8d:
24:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:33:8B:1D:3E:B6:EB:F7:59:C6:4B:BB:A9:1C:AE:EA:79:D2:54:3E
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/BzOLHT626_dZxku7qRyu6nnSVD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
37.139.120.0/21
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
157.143.128.0/17
178.157.32.0/20
178.174.96.0/20
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
185.76.216.0/22
185.218.208.0/22
185.249.20.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a05:5cc0::/29
2a0b:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:de:1d:01:65:05:b4:0a:7f:1d:19:46:16:7c:57:e0:38:1a:
86:d0:66:52:c1:ce:a8:16:bf:2e:9b:b6:ae:a1:c1:f3:91:38:
ff:56:db:b2:78:b3:c2:57:6d:ad:15:1e:72:96:19:84:e2:d0:
a9:e6:a1:82:83:6e:9e:0a:67:2b:5c:ff:b9:10:27:25:d0:79:
84:c5:4e:7b:57:f5:5c:a9:e7:85:81:9a:95:57:0f:5b:7f:af:
a7:40:e4:e4:24:50:e3:fb:b6:a9:8d:cc:5c:6e:69:ce:b7:83:
0e:a8:5d:db:da:a4:0c:36:79:94:b8:f7:97:d5:89:7f:c7:40:
eb:16:0c:d9:e6:cb:ee:d3:ca:80:51:59:6a:f0:9c:61:48:25:
80:d3:0c:24:c5:7e:13:5e:5d:c1:d7:75:ce:80:da:ed:f7:75:
48:47:dc:81:c0:f8:52:ca:91:ec:fe:5c:d6:0c:b1:75:4b:02:
d9:c8:7a:6e:71:9e:29:41:97:e7:74:3a:6a:a8:ed:af:a8:be:
e0:53:40:1d:fc:d8:9f:40:7a:8f:94:7d:cf:6e:ba:33:a9:21:
90:8b:b3:0a:a8:e6:bc:b0:41:aa:09:12:f9:67:00:c1:12:b8:
9c:f0:63:80:27:a3:25:56:0c:f6:7e:7c:54:b7:ea:04:2c:57:
3b:fc:5b:6c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZUAALtNs0Vjy97Tnx62gNxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjUwMjEzMTU1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMzOGIxZDNlYjZlYmY3NTljNjRiYmJhOTFjYWVlYTc5ZDI1NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydMzeSvBtPOuh6q4bb9w3Sv5g1db
yIh01uXmF6wERJUYiMJYSEp76BcklwS92lcp0rQCcfuoCLfQi44wfvwo55YEAdCc
3u6MUaio9sJFaNUMEz56FRDzVKRlWq+C3XjWkS1CHMnV/RXuVgjyoO6ozvj3NQ9n
BFCziG7lEX3vNTad1DbOJrv9uCh9e2qyKnB78D1nQLL2syntHhQGfe8nwOET6+JI
Ls/rJcGbYuk63REP9UINfrJuJEuf5zVjOMNi8punsnu05Dz2HXiYDTybp+944Ks0
HpwXcoXfG3CNrNG6B1V7aGFSWCap7jnYrzl3einaJx5G9bKZOnnG040kvwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFAczix0+tuv3WcZLu6kcrup50lQ+MB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvQnpPTEhUNjI2X2RaeGt1N3FSeXU2bm5TVkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBkwQCAAEwgYwwDAME
BiVhQAMEBCVhYAMEAyWLeAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEB52PgAME
BLKdIAMEBLKuYAMEA7L/oAMEArkGXAMEArkI/AMEArkYjAMEArkg0AMEArkqsAME
ArlB+AMEArlM2AMEArna0AMEArn5FAMEB8OHAAMEBNlKYAMEB9m1gDAiBAIAAjAc
AwUAKgIG6AMFAyoCxEADBQMqBVzAAwUDKgvjwDANBgkqhkiG9w0BAQsFAAOCAQEA
b94dAWUFtAp/HRlGFnxX4DgahtBmUsHOqBa/Lpu2rqHB85E4/1bbsnizwldtrRUe
cpYZhOLQqeahgoNungpnK1z/uRAnJdB5hMVOe1f1XKnnhYGalVcPW3+vp0Dk5CRQ
4/u2qY3MXG5pzreDDqhd29qkDDZ5lLj3l9WJf8dA6xYM2ebL7tPKgFFZavCcYUgl
gNMMJMV+E15dwdd1zoDa7fd1SEfcgcD4UsqR7P5c1gyxdUsC2ch6bnGeKUGX53Q6
aqjtr6i+4FNAHfzYn0B6j5R9z266M6khkIuzCqjmvLBBqgkS+WcAwRK4nPBjgCej
JVYM9n58VLfqBCxXO/xbbA==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:48:05 2025 by rpki-client on console.sobornost.net