Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/76dba0-d86b-4d84-b15a-4d6d1256bf9b/1/bxyMDkypoYoPE36odgLUanwOaLY.roa
File: bxyMDkypoYoPE36odgLUanwOaLY.roa (raw, json)
Hash identifier: /Tdt2l601ImlNiIyf1pfayzYn4s0xCETamIww0AgaGc=
Subject key identifier: 6F:1C:8C:0E:4C:A9:A1:8A:0F:13:7E:A8:76:02:D4:6A:7C:0E:68:B6
Certificate issuer: /CN=be5271f0e1587c14434f2480f91410185507cfa1
Certificate serial: 019426D9812BC2222225894A3725CF1B0B2F
Authority key identifier: BE:52:71:F0:E1:58:7C:14:43:4F:24:80:F9:14:10:18:55:07:CF:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlJx8OFYfBRDTySA-RQQGFUHz6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/76dba0-d86b-4d84-b15a-4d6d1256bf9b/1/bxyMDkypoYoPE36odgLUanwOaLY.roa
Signing time: Thu 02 Jan 2025 11:49:36 +0000
ROA not before: Thu 02 Jan 2025 11:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202604
IP address blocks: 185.159.96.0/22 maxlen: 23
2a07:b380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:81:2b:c2:22:22:25:89:4a:37:25:cf:1b:0b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5271f0e1587c14434f2480f91410185507cfa1
Validity
Not Before: Jan 2 11:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f1c8c0e4ca9a18a0f137ea87602d46a7c0e68b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7b:ac:bf:e5:c5:ad:54:56:a8:73:5a:65:28:
d2:08:7d:6e:2d:3a:1a:b3:56:47:5c:2d:3b:a7:98:
74:c4:25:08:30:ee:53:1d:dd:86:f1:d4:0c:11:27:
6c:f7:bf:b8:51:cb:bd:75:ae:17:6b:15:cf:db:16:
03:01:dd:e5:33:0f:2e:bd:25:41:a6:f0:83:63:d6:
8d:b5:1d:c7:4c:b2:f2:c0:27:c3:d0:18:36:53:8e:
88:a0:75:b4:bb:bf:9c:e8:d2:c5:6b:d3:ed:56:57:
4b:e1:fb:f9:f6:0a:97:b0:76:0f:c3:6a:b0:55:ce:
4c:bc:7a:a1:7b:85:5a:10:f1:82:f1:77:2c:f0:5f:
10:cb:bf:f1:22:62:f4:5f:89:9d:c1:25:2c:ad:06:
a7:62:cd:74:74:56:94:1d:cb:96:a0:08:2c:1a:ac:
c0:28:2b:ea:f0:e0:9a:9c:2e:19:d9:f2:4d:06:5f:
c3:9a:71:8b:db:32:17:a5:2e:c9:a7:5a:f8:b5:6c:
fe:04:91:e7:09:20:78:f2:97:7a:2e:a0:f0:5c:fc:
50:e9:9b:ae:57:8e:1e:a1:96:61:69:e3:39:f5:82:
62:91:29:15:84:98:12:a0:d9:65:61:51:72:5a:f3:
33:54:68:ed:2a:bb:a4:2d:2d:14:c3:38:c0:6f:70:
e5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:1C:8C:0E:4C:A9:A1:8A:0F:13:7E:A8:76:02:D4:6A:7C:0E:68:B6
X509v3 Authority Key Identifier:
keyid:BE:52:71:F0:E1:58:7C:14:43:4F:24:80:F9:14:10:18:55:07:CF:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlJx8OFYfBRDTySA-RQQGFUHz6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/76dba0-d86b-4d84-b15a-4d6d1256bf9b/1/bxyMDkypoYoPE36odgLUanwOaLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/76dba0-d86b-4d84-b15a-4d6d1256bf9b/1/vlJx8OFYfBRDTySA-RQQGFUHz6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.96.0/22
IPv6:
2a07:b380::/29
Signature Algorithm: sha256WithRSAEncryption
64:9b:a1:86:28:0a:20:43:b5:17:83:cf:37:b1:ee:25:21:7f:
88:d8:49:16:4d:24:25:55:66:0d:9c:12:e9:92:1c:87:98:22:
f9:bb:68:9b:fa:77:20:2d:1d:c5:0f:fc:64:41:53:e7:c9:9f:
81:eb:03:a1:7d:1c:69:75:b7:87:ee:4b:5f:c3:6c:25:a5:d1:
d1:cb:ad:0a:a4:ac:de:43:07:e9:34:0f:76:ea:b2:f0:e5:26:
00:be:3d:1c:fb:c6:60:03:f6:b8:a5:4e:46:5b:fe:12:b5:5e:
c6:66:cb:ba:21:97:85:8c:b0:db:d8:aa:96:9b:16:26:3e:4c:
f4:98:f1:9f:eb:81:e0:e8:eb:c3:3d:1c:7c:ac:6e:36:b8:b3:
ed:fc:22:37:55:56:a9:3c:8c:d1:d0:21:ce:75:81:97:6b:ec:
b8:6b:ab:be:ed:0c:cc:56:8d:23:3f:25:1f:2d:b8:95:ae:b3:
11:df:28:65:e4:02:bf:da:4e:64:2b:4a:58:80:2f:c2:50:b2:
af:29:46:b8:81:3c:3e:65:13:42:07:74:a2:d5:42:87:3f:85:
02:61:3b:6c:89:7e:eb:15:90:c8:fd:1a:75:3a:a1:b4:b7:3a:
23:94:75:ed:93:33:f1:f5:aa:81:b1:2f:64:d5:9e:22:05:b3:
bb:3b:0d:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2YErwiIiJYlKNyXPGwsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTI3MWYwZTE1ODdjMTQ0MzRmMjQ4MGY5MTQxMDE4NTUw
N2NmYTEwHhcNMjUwMTAyMTE0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjFjOGMwZTRjYTlhMThhMGYxMzdlYTg3NjAyZDQ2YTdjMGU2OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnusv+XFrVRWqHNaZSjSCH1uLToa
s1ZHXC07p5h0xCUIMO5THd2G8dQMESds97+4Ucu9da4XaxXP2xYDAd3lMw8uvSVB
pvCDY9aNtR3HTLLywCfD0Bg2U46IoHW0u7+c6NLFa9PtVldL4fv59gqXsHYPw2qw
Vc5MvHqhe4VaEPGC8Xcs8F8Qy7/xImL0X4mdwSUsrQanYs10dFaUHcuWoAgsGqzA
KCvq8OCanC4Z2fJNBl/DmnGL2zIXpS7Jp1r4tWz+BJHnCSB48pd6LqDwXPxQ6Zuu
V44eoZZhaeM59YJikSkVhJgSoNllYVFyWvMzVGjtKrukLS0UwzjAb3DlKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG8cjA5MqaGKDxN+qHYC1Gp8Dmi2MB8GA1UdIwQY
MBaAFL5ScfDhWHwUQ08kgPkUEBhVB8+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxKeDhPRllmQlJEVHlTQS1SUVFHRlVIejZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83NmRiYTAtZDg2Yi00ZDg0LWIxNWEt
NGQ2ZDEyNTZiZjliLzEvYnh5TURreXBvWW9QRTM2b2RnTFVhbndPYUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83NmRiYTAtZDg2Yi00ZDg0LWIxNWEtNGQ2ZDEyNTZiZjli
LzEvdmxKeDhPRllmQlJEVHlTQS1SUVFHRlVIejZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ9gMA0E
AgACMAcDBQMqB7OAMA0GCSqGSIb3DQEBCwUAA4IBAQBkm6GGKAogQ7UXg883se4l
IX+I2EkWTSQlVWYNnBLpkhyHmCL5u2ib+ncgLR3FD/xkQVPnyZ+B6wOhfRxpdbeH
7ktfw2wlpdHRy60KpKzeQwfpNA926rLw5SYAvj0c+8ZgA/a4pU5GW/4StV7GZsu6
IZeFjLDb2KqWmxYmPkz0mPGf64Hg6OvDPRx8rG42uLPt/CI3VVapPIzR0CHOdYGX
a+y4a6u+7QzMVo0jPyUfLbiVrrMR3yhl5AK/2k5kK0pYgC/CULKvKUa4gTw+ZRNC
B3Si1UKHP4UCYTtsiX7rFZDI/Rp1OqG0tzojlHXtkzPx9aqBsS9k1Z4iBbO7Ow13
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net