Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/BXSG7yvBfzfSNaMTJpttdMTmSwI.roa
File: BXSG7yvBfzfSNaMTJpttdMTmSwI.roa (raw, json)
Hash identifier: 1RyXuzT18l9m34jhodBKLjc26bjq4on+qltizIR39go=
Subject key identifier: 05:74:86:EF:2B:C1:7F:37:D2:35:A3:13:26:9B:6D:74:C4:E6:4B:02
Certificate issuer: /CN=1e0e4d2dbde986fdc25bf3bf75637852da87abf1
Certificate serial: 01943B7DAACF5D883EE87EBAE2C6F4166F6D
Authority key identifier: 1E:0E:4D:2D:BD:E9:86:FD:C2:5B:F3:BF:75:63:78:52:DA:87:AB:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hg5NLb3phv3CW_O_dWN4UtqHq_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/BXSG7yvBfzfSNaMTJpttdMTmSwI.roa
Signing time: Mon 06 Jan 2025 12:01:19 +0000
ROA not before: Mon 06 Jan 2025 12:01:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202790
IP address blocks: 146.19.201.0/24 maxlen: 24
185.152.124.0/22 maxlen: 24
185.152.124.0/24 maxlen: 24
185.152.125.0/24 maxlen: 24
185.152.126.0/24 maxlen: 24
185.152.127.0/24 maxlen: 24
212.18.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:7d:aa:cf:5d:88:3e:e8:7e:ba:e2:c6:f4:16:6f:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e0e4d2dbde986fdc25bf3bf75637852da87abf1
Validity
Not Before: Jan 6 12:01:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=057486ef2bc17f37d235a313269b6d74c4e64b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:be:30:fa:c4:7e:8f:ec:e0:37:27:48:31:da:
9d:db:c4:64:c7:73:73:1f:ae:9a:e2:7a:16:c9:d4:
15:0b:3f:92:ba:9d:b8:fa:7a:7a:aa:7b:60:64:32:
3a:a7:c1:a8:55:8f:72:28:32:62:e3:0d:5f:23:53:
7c:e5:d6:ef:57:1c:c0:69:25:ed:30:33:ad:e6:1d:
91:66:41:41:5a:b8:d2:73:d3:9e:8a:91:47:db:21:
16:37:b9:99:03:e1:5f:85:8e:99:41:76:bf:fb:52:
24:de:71:6b:17:05:ed:64:e6:d7:d4:c5:60:2e:2b:
ce:bf:20:71:c5:23:d9:3f:ca:5c:a1:9d:c5:e0:c8:
33:7c:79:54:05:53:26:c2:09:d0:e2:76:f2:96:e4:
cb:df:ba:7d:25:44:d9:ce:fe:5c:9d:85:8e:82:45:
1a:22:28:35:d2:98:fc:64:81:ee:46:96:aa:59:ba:
e8:4e:d4:f1:ad:99:b1:ce:f5:f5:da:95:00:d5:93:
08:c5:46:2f:15:2e:6e:7f:46:b6:f5:69:46:3c:65:
b4:b4:62:77:99:a7:06:33:91:1e:71:4a:a3:a1:bf:
32:cc:10:a2:c3:cd:c9:64:84:e1:ee:0a:a5:0e:ab:
88:c3:fb:d5:86:ed:73:b6:a0:14:87:52:4a:fe:71:
ac:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:74:86:EF:2B:C1:7F:37:D2:35:A3:13:26:9B:6D:74:C4:E6:4B:02
X509v3 Authority Key Identifier:
keyid:1E:0E:4D:2D:BD:E9:86:FD:C2:5B:F3:BF:75:63:78:52:DA:87:AB:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hg5NLb3phv3CW_O_dWN4UtqHq_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/BXSG7yvBfzfSNaMTJpttdMTmSwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/Hg5NLb3phv3CW_O_dWN4UtqHq_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.201.0/24
185.152.124.0/22
212.18.121.0/24
Signature Algorithm: sha256WithRSAEncryption
65:83:bb:a9:74:5a:62:58:5c:eb:b7:bd:7a:e3:b9:58:42:f4:
82:15:03:1d:31:39:f3:32:fa:a3:b0:22:2c:76:b6:15:03:73:
2c:75:ad:a4:17:89:1b:6a:1d:78:98:b2:8b:67:06:ec:94:a8:
a1:da:f2:06:80:84:5b:6a:95:5e:e5:a9:bc:7c:50:c4:a9:f0:
82:df:5b:c6:e8:d6:d5:dd:ce:41:05:0e:a9:f4:eb:5a:d7:36:
84:19:0c:2e:3b:6b:2c:0c:fd:01:2a:1e:f3:55:b3:96:f1:b8:
fe:51:c0:9a:68:b4:6d:8c:8b:46:ad:10:13:31:38:fc:33:0d:
9d:09:7d:78:47:f8:1a:69:a4:5c:4a:66:76:17:2c:6b:30:e7:
5d:59:7c:08:bd:78:4a:e5:2a:b8:3b:2f:6f:d2:a3:eb:7e:ba:
37:0a:13:81:15:36:22:d9:2a:80:83:8b:d5:73:be:55:d3:29:
5f:2a:34:40:c0:96:14:3f:16:d6:33:e0:8e:ab:a5:d4:2c:a4:
95:62:73:ef:70:2d:9a:98:8e:e0:4d:91:cf:23:81:33:f5:47:
30:c6:32:f8:f3:4b:59:0d:26:89:e7:f0:b1:28:68:75:eb:12:
0d:a0:44:ab:99:ab:6d:60:94:96:8a:1e:7c:39:b8:59:69:91:
a3:2a:e9:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQ7farPXYg+6H664sb0Fm9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMGU0ZDJkYmRlOTg2ZmRjMjViZjNiZjc1NjM3ODUyZGE4
N2FiZjEwHhcNMjUwMTA2MTIwMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTc0ODZlZjJiYzE3ZjM3ZDIzNWEzMTMyNjliNmQ3NGM0ZTY0YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA474w+sR+j+zgNydIMdqd28Rkx3Nz
H66a4noWydQVCz+Sup24+np6qntgZDI6p8GoVY9yKDJi4w1fI1N85dbvVxzAaSXt
MDOt5h2RZkFBWrjSc9OeipFH2yEWN7mZA+FfhY6ZQXa/+1Ik3nFrFwXtZObX1MVg
LivOvyBxxSPZP8pcoZ3F4MgzfHlUBVMmwgnQ4nbyluTL37p9JUTZzv5cnYWOgkUa
Iig10pj8ZIHuRpaqWbroTtTxrZmxzvX12pUA1ZMIxUYvFS5uf0a29WlGPGW0tGJ3
macGM5EecUqjob8yzBCiw83JZITh7gqlDquIw/vVhu1ztqAUh1JK/nGs9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAV0hu8rwX830jWjEyabbXTE5ksCMB8GA1UdIwQY
MBaAFB4OTS296Yb9wlvzv3VjeFLah6vxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGc1TkxiM3BodjNDV19PX2RXTjRVdHFIcV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jOWUxMTUtMTIzNi00ZmRhLWEwMzMt
OTllZWExZjBhMzU0LzEvQlhTRzd5dkJmemZTTmFNVEpwdHRkTVRtU3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jOWUxMTUtMTIzNi00ZmRhLWEwMzMtOTllZWExZjBhMzU0
LzEvSGc1TkxiM3BodjNDV19PX2RXTjRVdHFIcV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkhPJAwQC
uZh8AwQA1BJ5MA0GCSqGSIb3DQEBCwUAA4IBAQBlg7updFpiWFzrt71647lYQvSC
FQMdMTnzMvqjsCIsdrYVA3Msda2kF4kbah14mLKLZwbslKih2vIGgIRbapVe5am8
fFDEqfCC31vG6NbV3c5BBQ6p9Ota1zaEGQwuO2ssDP0BKh7zVbOW8bj+UcCaaLRt
jItGrRATMTj8Mw2dCX14R/gaaaRcSmZ2FyxrMOddWXwIvXhK5Sq4Oy9v0qPrfro3
ChOBFTYi2SqAg4vVc75V0ylfKjRAwJYUPxbWM+COq6XULKSVYnPvcC2amI7gTZHP
I4Ez9UcwxjL480tZDSaJ5/CxKGh16xINoESrmattYJSWih58ObhZaZGjKukb
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net