Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d6c15a-3dff-44d7-a538-a951f200f652/1/bZLHtasaTPjY31e6RPfAq2RJKnA.roa
File: bZLHtasaTPjY31e6RPfAq2RJKnA.roa (raw, json)
Hash identifier: ID+iO3817M9kW6iqLKBAKlaZVewlrBg5mSajuX6nX2s=
Subject key identifier: 6D:92:C7:B5:AB:1A:4C:F8:D8:DF:57:BA:44:F7:C0:AB:64:49:2A:70
Certificate issuer: /CN=1a29b2a45de0136feabbfae4baa70172aa86619b
Certificate serial: 0194274780B2828FF672C8172150602AB2DB
Authority key identifier: 1A:29:B2:A4:5D:E0:13:6F:EA:BB:FA:E4:BA:A7:01:72:AA:86:61:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GimypF3gE2_qu_rkuqcBcqqGYZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/d6c15a-3dff-44d7-a538-a951f200f652/1/bZLHtasaTPjY31e6RPfAq2RJKnA.roa
Signing time: Thu 02 Jan 2025 13:49:44 +0000
ROA not before: Thu 02 Jan 2025 13:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61201
IP address blocks: 193.36.189.0/24 maxlen: 24
2001:67c:91c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:80:b2:82:8f:f6:72:c8:17:21:50:60:2a:b2:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a29b2a45de0136feabbfae4baa70172aa86619b
Validity
Not Before: Jan 2 13:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d92c7b5ab1a4cf8d8df57ba44f7c0ab64492a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3d:66:c2:3e:af:e7:09:6f:70:f5:b2:3d:6e:
f6:77:9d:b5:d2:3d:80:f5:5e:34:9c:c2:3c:be:58:
a3:7a:79:7c:d2:05:23:16:7e:a4:19:ea:b3:bb:60:
8d:4a:df:ef:0b:83:6b:54:90:4a:56:29:29:17:2e:
4a:4b:70:9c:dc:68:8f:79:49:2f:2a:64:bd:e7:e9:
49:cb:ac:53:b6:b8:59:ed:8d:e0:8a:59:a5:f6:84:
53:20:00:3c:83:ea:7a:46:6b:4e:dd:b9:c6:84:25:
9a:da:45:5e:0d:5d:60:f4:14:a5:57:93:fb:b1:f7:
2d:25:28:fa:65:dc:07:a6:0d:3f:80:eb:bf:54:8e:
82:66:eb:76:7f:e3:96:a5:53:20:45:0b:ce:ff:c2:
c8:81:31:5c:c0:44:a8:c3:bb:8d:94:71:47:80:05:
22:d6:cb:da:06:16:04:7e:d2:76:70:1a:a7:b7:32:
2a:e9:fb:55:aa:32:49:39:69:e4:21:77:6c:7e:07:
01:63:86:82:14:51:13:77:2f:e2:88:5d:1c:b7:41:
80:7d:22:7a:b2:77:71:bb:cc:89:5e:d7:1d:2f:59:
eb:bd:5b:1a:fb:97:51:03:81:da:e8:58:51:80:42:
6d:8d:de:ac:b2:41:de:9f:eb:3a:cd:a7:03:e0:ab:
67:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:92:C7:B5:AB:1A:4C:F8:D8:DF:57:BA:44:F7:C0:AB:64:49:2A:70
X509v3 Authority Key Identifier:
keyid:1A:29:B2:A4:5D:E0:13:6F:EA:BB:FA:E4:BA:A7:01:72:AA:86:61:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GimypF3gE2_qu_rkuqcBcqqGYZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d6c15a-3dff-44d7-a538-a951f200f652/1/bZLHtasaTPjY31e6RPfAq2RJKnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d6c15a-3dff-44d7-a538-a951f200f652/1/GimypF3gE2_qu_rkuqcBcqqGYZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.189.0/24
IPv6:
2001:67c:91c::/48
Signature Algorithm: sha256WithRSAEncryption
bb:5f:cc:68:53:57:50:a7:c0:e2:55:19:5a:96:4c:af:fb:06:
6a:98:7d:3d:be:d5:35:a5:72:26:ad:2a:26:85:1f:63:b3:97:
89:da:92:51:96:ab:8d:72:b8:b8:0b:40:e4:a2:84:53:f3:42:
49:96:65:22:05:5c:5e:1a:d5:8a:71:2b:22:a1:6f:42:8b:4b:
3c:4d:cc:9a:bf:db:31:ec:40:4d:8d:d1:98:b6:b1:09:4a:fc:
22:0e:2d:ff:dc:c9:f7:19:54:81:c7:82:c2:e2:7a:2f:9e:98:
c3:d3:b5:15:1d:50:17:19:96:4a:ac:18:f4:3d:fd:58:4c:01:
b5:d9:3e:f8:43:de:83:e9:c0:fe:8a:ab:84:b5:7f:fc:2f:02:
1d:a9:bf:5c:31:5c:6c:e6:59:bf:33:f2:96:e2:3b:e4:36:13:
13:c2:06:af:ef:58:77:3f:b2:bd:94:07:c1:77:09:d8:24:ce:
3e:a8:bb:e0:be:7b:b1:3a:c3:39:5d:12:4d:ae:7d:70:18:47:
30:92:18:ef:28:6b:9e:98:a8:c6:e3:14:9c:02:f7:dd:ad:61:
41:46:41:76:50:12:ae:ba:37:d6:73:fc:81:ae:c4:1a:ab:59:
f5:5b:22:3a:e4:7a:38:2d:7b:4b:8b:8f:9e:a3:09:04:96:7a:
cd:16:cc:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQnR4Cygo/2csgXIVBgKrLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMjliMmE0NWRlMDEzNmZlYWJiZmFlNGJhYTcwMTcyYWE4
NjYxOWIwHhcNMjUwMTAyMTM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDkyYzdiNWFiMWE0Y2Y4ZDhkZjU3YmE0NGY3YzBhYjY0NDkyYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0z1mwj6v5wlvcPWyPW72d5210j2A
9V40nMI8vlijenl80gUjFn6kGeqzu2CNSt/vC4NrVJBKVikpFy5KS3Cc3GiPeUkv
KmS95+lJy6xTtrhZ7Y3gilml9oRTIAA8g+p6RmtO3bnGhCWa2kVeDV1g9BSlV5P7
sfctJSj6ZdwHpg0/gOu/VI6CZut2f+OWpVMgRQvO/8LIgTFcwESow7uNlHFHgAUi
1svaBhYEftJ2cBqntzIq6ftVqjJJOWnkIXdsfgcBY4aCFFETdy/iiF0ct0GAfSJ6
sndxu8yJXtcdL1nrvVsa+5dRA4Ha6FhRgEJtjd6sskHen+s6zacD4KtnpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2Sx7WrGkz42N9XukT3wKtkSSpwMB8GA1UdIwQY
MBaAFBopsqRd4BNv6rv65LqnAXKqhmGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lteXBGM2dFMl9xdV9ya3VxY0JjcXFHWVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNmMxNWEtM2RmZi00NGQ3LWE1Mzgt
YTk1MWYyMDBmNjUyLzEvYlpMSHRhc2FUUGpZMzFlNlJQZkFxMlJKS25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNmMxNWEtM2RmZi00NGQ3LWE1MzgtYTk1MWYyMDBmNjUy
LzEvR2lteXBGM2dFMl9xdV9ya3VxY0JjcXFHWVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwSS9MA8E
AgACMAkDBwAgAQZ8CRwwDQYJKoZIhvcNAQELBQADggEBALtfzGhTV1CnwOJVGVqW
TK/7BmqYfT2+1TWlciatKiaFH2Ozl4naklGWq41yuLgLQOSihFPzQkmWZSIFXF4a
1YpxKyKhb0KLSzxNzJq/2zHsQE2N0Zi2sQlK/CIOLf/cyfcZVIHHgsLiei+emMPT
tRUdUBcZlkqsGPQ9/VhMAbXZPvhD3oPpwP6Kq4S1f/wvAh2pv1wxXGzmWb8z8pbi
O+Q2ExPCBq/vWHc/sr2UB8F3Cdgkzj6ou+C+e7E6wzldEk2ufXAYRzCSGO8oa56Y
qMbjFJwC992tYUFGQXZQEq66N9Zz/IGuxBqrWfVbIjrkejgte0uLj56jCQSWes0W
zKs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:40 2025 by rpki-client on console.sobornost.net