Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/bh_jxWLWM4ERu-tO2W_vtiAaR34.roa
File: bh_jxWLWM4ERu-tO2W_vtiAaR34.roa (raw, json)
Hash identifier: q67OJI4bSTnxGyWpXxOC2jeYAfoLHFvQvpzctzRe0VE=
Subject key identifier: 6E:1F:E3:C5:62:D6:33:81:11:BB:EB:4E:D9:6F:EF:B6:20:1A:47:7E
Certificate issuer: /CN=c8f2345a3fea4b3dbf25cb120f1b7842536268cd
Certificate serial: 019523544F5BC91BC859E026C024350F1C96
Authority key identifier: C8:F2:34:5A:3F:EA:4B:3D:BF:25:CB:12:0F:1B:78:42:53:62:68:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPI0Wj_qSz2_JcsSDxt4QlNiaM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/bh_jxWLWM4ERu-tO2W_vtiAaR34.roa
Signing time: Thu 20 Feb 2025 12:28:02 +0000
ROA not before: Thu 20 Feb 2025 12:28:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59478
IP address blocks: 91.241.192.0/20 maxlen: 20
91.241.196.0/23 maxlen: 23
91.241.198.0/24 maxlen: 24
91.241.208.0/20 maxlen: 20
91.241.224.0/20 maxlen: 20
91.241.240.0/20 maxlen: 20
91.241.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:54:4f:5b:c9:1b:c8:59:e0:26:c0:24:35:0f:1c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f2345a3fea4b3dbf25cb120f1b7842536268cd
Validity
Not Before: Feb 20 12:28:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e1fe3c562d6338111bbeb4ed96fefb6201a477e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d2:37:0d:b5:92:21:cc:bb:db:7e:7d:6e:48:
47:87:19:58:02:90:6e:76:8a:54:18:16:3d:3d:23:
88:bd:83:51:4b:8f:0a:31:d5:d5:3f:f6:61:89:4f:
8f:c0:7a:6f:e8:f3:2c:17:c9:81:68:6d:ee:b4:7f:
a2:0a:7b:ac:7d:89:68:7a:44:66:a0:25:fb:1d:9a:
b8:7a:08:7e:ce:82:8e:e2:85:2b:c1:58:f3:d1:a8:
39:88:93:6e:cf:fc:78:71:7a:8b:58:ef:84:20:a9:
d0:37:8c:d9:8d:46:94:77:ca:b5:1d:dc:a4:55:00:
6f:2f:63:ab:6b:8e:60:8c:18:ed:76:0f:fc:f4:e2:
82:06:93:3e:95:0e:0e:51:f7:91:c2:b7:e2:0b:3d:
c3:e7:35:3b:b0:d9:6d:a7:6b:a5:35:12:dd:87:61:
37:6c:cc:03:b1:f2:ff:03:b5:76:06:58:1f:f4:34:
3d:73:ea:bb:77:12:49:0c:60:a9:79:40:f8:9c:dd:
2d:27:da:51:04:3d:16:b7:a3:8d:75:e2:a3:0a:91:
a0:36:1b:0f:db:59:e1:b7:f1:ef:e4:67:c1:10:8a:
88:32:6b:63:2a:cf:fb:9a:b0:fa:41:c3:c6:8a:84:
c9:3a:4b:51:3c:ff:fa:c9:26:5c:9e:3a:22:b8:ef:
04:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1F:E3:C5:62:D6:33:81:11:BB:EB:4E:D9:6F:EF:B6:20:1A:47:7E
X509v3 Authority Key Identifier:
keyid:C8:F2:34:5A:3F:EA:4B:3D:BF:25:CB:12:0F:1B:78:42:53:62:68:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPI0Wj_qSz2_JcsSDxt4QlNiaM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/bh_jxWLWM4ERu-tO2W_vtiAaR34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/yPI0Wj_qSz2_JcsSDxt4QlNiaM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.192.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:a4:45:d8:de:54:ba:fa:b6:b8:24:7f:df:16:dd:c1:56:60:
16:04:5f:e8:84:c2:59:65:0a:60:81:96:b0:aa:bf:14:a7:35:
f9:37:c6:1b:ff:29:1a:be:92:65:27:9b:59:78:dd:f5:aa:42:
ad:89:6a:36:03:cf:f7:8f:8b:c4:67:e8:e1:77:99:c0:74:a8:
49:8a:dc:a5:7d:a8:dd:c7:20:a7:dd:a3:4e:7d:b3:e8:ef:4c:
e1:3a:1f:a8:02:2f:54:3f:ae:71:e7:e6:2b:80:d7:df:78:70:
93:d9:86:7d:25:eb:d1:a7:b0:c2:f1:f7:07:7e:d9:0d:98:21:
51:af:dd:2a:b0:db:81:57:c9:30:6e:4e:75:f0:99:07:01:ff:
7f:57:d7:8f:04:4e:3d:c9:68:b4:f1:8e:7d:e3:5d:ca:61:64:
30:22:02:e5:ae:7e:0b:da:58:94:0a:61:c4:42:36:76:07:a8:
ac:b7:92:11:e9:5e:65:ee:b9:eb:16:e5:43:3f:90:3a:b4:41:
60:cf:40:09:ed:e2:92:b2:73:fb:2d:32:c6:81:00:4d:c4:b6:
50:90:b8:39:57:80:e8:68:2c:8a:9d:a4:3c:b5:d8:8d:64:29:
a7:4a:41:7b:58:80:85:4d:53:ee:72:cc:4d:d5:05:57:53:1d:
ab:4a:1b:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUjVE9byRvIWeAmwCQ1DxyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjIzNDVhM2ZlYTRiM2RiZjI1Y2IxMjBmMWI3ODQyNTM2
MjY4Y2QwHhcNMjUwMjIwMTIyODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFmZTNjNTYyZDYzMzgxMTFiYmViNGVkOTZmZWZiNjIwMWE0NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dI3DbWSIcy72359bkhHhxlYApBu
dopUGBY9PSOIvYNRS48KMdXVP/ZhiU+PwHpv6PMsF8mBaG3utH+iCnusfYloekRm
oCX7HZq4egh+zoKO4oUrwVjz0ag5iJNuz/x4cXqLWO+EIKnQN4zZjUaUd8q1Hdyk
VQBvL2Ora45gjBjtdg/89OKCBpM+lQ4OUfeRwrfiCz3D5zU7sNltp2ulNRLdh2E3
bMwDsfL/A7V2Blgf9DQ9c+q7dxJJDGCpeUD4nN0tJ9pRBD0Wt6ONdeKjCpGgNhsP
21nht/Hv5GfBEIqIMmtjKs/7mrD6QcPGioTJOktRPP/6ySZcnjoiuO8E8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4f48Vi1jOBEbvrTtlv77YgGkd+MB8GA1UdIwQY
MBaAFMjyNFo/6ks9vyXLEg8beEJTYmjNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBJMFdqX3FTejJfSmNzU0R4dDRRbE5pYU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC80OGMyOGEtMDg0OC00YjBiLTkxNGEt
MGVhMWUxMjM0MTdhLzEvYmhfanhXTFdNNEVSdS10TzJXX3Z0aUFhUjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC80OGMyOGEtMDg0OC00YjBiLTkxNGEtMGVhMWUxMjM0MTdh
LzEveVBJMFdqX3FTejJfSmNzU0R4dDRRbE5pYU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGW/HAMA0G
CSqGSIb3DQEBCwUAA4IBAQCqpEXY3lS6+ra4JH/fFt3BVmAWBF/ohMJZZQpggZaw
qr8UpzX5N8Yb/ykavpJlJ5tZeN31qkKtiWo2A8/3j4vEZ+jhd5nAdKhJitylfajd
xyCn3aNOfbPo70zhOh+oAi9UP65x5+YrgNffeHCT2YZ9JevRp7DC8fcHftkNmCFR
r90qsNuBV8kwbk518JkHAf9/V9ePBE49yWi08Y59413KYWQwIgLlrn4L2liUCmHE
QjZ2B6ist5IR6V5l7rnrFuVDP5A6tEFgz0AJ7eKSsnP7LTLGgQBNxLZQkLg5V4Do
aCyKnaQ8tdiNZCmnSkF7WICFTVPucsxN1QVXUx2rShtn
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net