Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/Bx5AqFrmCEvvpg5PP6G3iYi6cm8.roa
File: Bx5AqFrmCEvvpg5PP6G3iYi6cm8.roa (raw, json)
Hash identifier: nv+50RjE0P7RZsHAtUfv4vKeiING47CC1niIjtZ9NmE=
Subject key identifier: 07:1E:40:A8:5A:E6:08:4B:EF:A6:0E:4F:3F:A1:B7:89:88:BA:72:6F
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01958F082233DF83153E2D2B35363C6BC55D
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/Bx5AqFrmCEvvpg5PP6G3iYi6cm8.roa
Signing time: Thu 13 Mar 2025 10:23:49 +0000
ROA not before: Thu 13 Mar 2025 10:23:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 24
128.0.144.0/24 maxlen: 24
128.0.145.0/24 maxlen: 24
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 24
185.5.8.0/24 maxlen: 24
185.5.9.0/24 maxlen: 24
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 24
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
2a02:45c0:20::/48 maxlen: 48
2a02:45c0:fffe::/48 maxlen: 48
2a02:45c0:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:08:22:33:df:83:15:3e:2d:2b:35:36:3c:6b:c5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Mar 13 10:23:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=071e40a85ae6084befa60e4f3fa1b78988ba726f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:8e:ce:25:af:4b:94:cb:1c:fa:20:12:12:ab:
63:7e:ed:97:e7:ba:22:0c:11:7b:b3:75:da:62:d8:
27:25:55:cc:3d:e0:f8:88:77:72:20:6b:e8:c0:6e:
2a:ea:35:79:8f:16:7d:9b:6f:89:e6:40:a6:ee:7e:
66:98:21:ca:6f:75:38:b6:02:bd:7e:42:bc:00:3d:
e6:d3:c4:c9:52:de:6d:d2:db:a8:51:e4:99:9f:c0:
85:0e:67:bc:f8:5f:31:21:65:ce:1f:c7:7f:1e:54:
a1:c6:d3:87:93:d2:e6:36:38:94:1d:ce:00:f0:41:
57:24:cf:36:a2:f0:70:5d:7c:00:15:b0:f7:52:d6:
8a:b6:d5:c4:c4:66:db:07:d8:06:da:12:be:da:4e:
a1:5b:21:21:64:be:46:31:c2:78:66:08:78:b1:9c:
cc:21:81:c3:ed:71:d0:d2:78:5f:29:fb:0a:6e:bb:
62:0c:53:25:5b:9c:0f:30:a0:dc:02:13:71:31:47:
52:90:3b:ad:63:1a:f3:ac:cd:15:e9:3e:72:50:32:
e8:54:8f:f8:94:a0:a6:74:15:82:6f:9f:93:cf:ea:
ff:dc:58:b8:2a:14:27:21:1d:5d:97:5e:12:31:39:
d6:6d:39:d5:33:b1:0f:fa:9b:e7:08:11:94:23:29:
bf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1E:40:A8:5A:E6:08:4B:EF:A6:0E:4F:3F:A1:B7:89:88:BA:72:6F
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/Bx5AqFrmCEvvpg5PP6G3iYi6cm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/23
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:7c:11:79:54:b8:51:60:a9:f9:5c:91:10:1b:22:c2:de:d6:
d8:d8:65:56:a7:6b:bb:24:5a:88:1b:d8:fb:49:e3:cc:22:39:
3e:0b:cd:a9:6a:b2:13:29:1e:56:a0:a1:56:c7:d2:0a:5f:40:
ef:3c:9f:01:16:28:67:65:27:c2:21:b4:ab:fe:dc:63:3f:4e:
c2:bd:20:5b:87:7f:d1:69:b6:2d:4e:04:27:04:29:b6:be:fb:
4c:62:76:97:03:50:4c:06:3f:6f:b5:b3:12:a6:f5:d4:66:f5:
1a:d9:f3:cd:01:54:63:68:43:93:99:2b:68:65:e8:91:a3:a5:
95:06:5f:49:14:c8:0b:12:1c:51:d0:98:ae:8f:91:18:1d:d4:
54:c1:4c:29:b9:b7:74:23:12:92:fa:c7:df:02:5e:d0:f0:6f:
56:3d:8e:86:01:48:a9:48:e2:92:1c:34:e8:6d:ca:cd:1a:60:
32:66:d5:fd:39:8d:d9:86:d8:52:13:0c:17:16:4d:00:d7:33:
a2:8e:46:ae:88:4d:fe:ae:be:b2:cc:44:ef:4c:69:ae:12:0f:
40:b0:7c:64:fe:a0:90:ee:b5:6f:81:ce:41:4c:a0:73:7a:61:
29:0c:6c:e8:27:52:58:8f:07:e5:95:48:8d:b2:69:ce:de:a9:
2c:9f:4b:0f
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZWPCCIz34MVPi0rNTY8a8VdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjUwMzEzMTAyMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzFlNDBhODVhZTYwODRiZWZhNjBlNGYzZmExYjc4OTg4YmE3MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA847OJa9LlMsc+iASEqtjfu2X57oi
DBF7s3XaYtgnJVXMPeD4iHdyIGvowG4q6jV5jxZ9m2+J5kCm7n5mmCHKb3U4tgK9
fkK8AD3m08TJUt5t0tuoUeSZn8CFDme8+F8xIWXOH8d/HlShxtOHk9LmNjiUHc4A
8EFXJM82ovBwXXwAFbD3UtaKttXExGbbB9gG2hK+2k6hWyEhZL5GMcJ4Zgh4sZzM
IYHD7XHQ0nhfKfsKbrtiDFMlW5wPMKDcAhNxMUdSkDutYxrzrM0V6T5yUDLoVI/4
lKCmdBWCb5+Tz+r/3Fi4KhQnIR1dl14SMTnWbTnVM7EP+pvnCBGUIym/gQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFAceQKha5ghL76YOTz+ht4mIunJvMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvQng1QXFGcm1DRXZ2cGc1UFA2RzNpWWk2Y204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAG5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAbHwReVS4UWCp+VyREBsiwt7W2NhlVqdruyRaiBvY
+0njzCI5PgvNqWqyEykeVqChVsfSCl9A7zyfARYoZ2UnwiG0q/7cYz9Owr0gW4d/
0Wm2LU4EJwQptr77TGJ2lwNQTAY/b7WzEqb11Gb1GtnzzQFUY2hDk5kraGXokaOl
lQZfSRTICxIcUdCYro+RGB3UVMFMKbm3dCMSkvrH3wJe0PBvVj2OhgFIqUjikhw0
6G3KzRpgMmbV/TmN2YbYUhMMFxZNANczoo5GrohN/q6+ssxE70xprhIPQLB8ZP6g
kO61b4HOQUygc3phKQxs6CdSWI8H5ZVIjbJpzt6pLJ9LDw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:14 2025 by rpki-client on console.sobornost.net