Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/bkFu5lpbMCNQfDrUwHK85noTE8w.roa
File: bkFu5lpbMCNQfDrUwHK85noTE8w.roa (raw, json)
Hash identifier: LF7GIBSOnpzm9vehsDsQICT9UHecDF3rayxCzLBTmJc=
Subject key identifier: 6E:41:6E:E6:5A:5B:30:23:50:7C:3A:D4:C0:72:BC:E6:7A:13:13:CC
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 01961AC26ECB88D980495A4BA3C0455C35B0
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/bkFu5lpbMCNQfDrUwHK85noTE8w.roa
Signing time: Wed 09 Apr 2025 13:34:32 +0000
ROA not before: Wed 09 Apr 2025 13:34:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132399
IP address blocks: 57.191.95.0/24 maxlen: 24
57.191.96.0/19 maxlen: 24
57.191.160.0/19 maxlen: 24
57.250.49.0/24 maxlen: 24
57.250.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:c2:6e:cb:88:d9:80:49:5a:4b:a3:c0:45:5c:35:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Apr 9 13:34:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e416ee65a5b3023507c3ad4c072bce67a1313cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b7:82:41:90:67:50:68:8f:12:88:f9:d7:e0:
1e:fb:c4:de:d4:57:9f:0a:ed:08:ce:22:97:90:cc:
79:55:3c:fa:7b:0a:1d:59:5c:88:9d:28:44:da:56:
89:86:30:6a:01:bc:3c:e8:58:d8:f7:8d:6e:53:fa:
c4:dc:06:63:b1:c6:8d:ed:8e:09:a6:a4:24:d1:63:
f7:8f:f3:bd:0d:66:d5:39:25:9b:35:dd:93:c7:d0:
60:b1:38:80:26:ff:52:d9:a8:fc:77:9c:02:08:6c:
b1:40:01:5d:91:7e:38:3d:bc:51:cf:f9:f6:cb:cb:
36:a5:a5:e7:f6:e3:12:b9:ab:c1:ac:18:5b:6a:26:
14:52:d8:f6:85:57:66:a8:de:2e:1d:0a:aa:45:77:
64:12:dd:03:d3:48:5b:5e:25:12:c2:e8:99:70:f3:
82:3c:8d:62:19:67:d5:7b:a1:45:62:a7:b6:40:95:
8b:3d:e4:dd:1b:fc:57:fb:e8:9e:b6:51:47:cf:95:
86:cb:ad:35:94:02:db:fb:4f:92:e3:11:4e:8d:b8:
24:3b:0e:93:f2:43:0f:6a:05:43:a4:2a:b3:0a:6a:
7b:cf:a6:ab:dc:da:0a:a3:82:12:a8:45:66:45:41:
2c:c2:9c:43:86:a8:dc:6f:c6:91:69:e0:61:56:d7:
0a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:6E:E6:5A:5B:30:23:50:7C:3A:D4:C0:72:BC:E6:7A:13:13:CC
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/bkFu5lpbMCNQfDrUwHK85noTE8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.95.0-57.191.127.255
57.191.160.0/19
57.250.49.0/24
57.250.51.0/24
Signature Algorithm: sha256WithRSAEncryption
78:6f:50:e2:0f:e6:ed:36:3a:af:0c:2f:31:b9:2c:b6:d0:b0:
41:e4:9c:f0:51:3e:a9:36:b5:db:a4:15:78:0b:f8:b8:40:78:
1d:cb:9f:59:6a:1e:a4:3e:cf:ee:de:b5:9c:e3:81:91:32:f7:
37:34:03:7d:7f:be:6a:1d:d7:a3:c7:b7:7d:1f:7b:54:2c:90:
fb:ff:ff:81:76:7d:f7:78:6a:2d:f8:b2:48:8f:9b:15:69:99:
65:a0:2f:fa:d4:cb:20:39:0d:90:40:e2:ea:ee:dc:62:78:ce:
a4:36:17:cd:e3:44:89:0a:fd:ac:ee:14:61:f4:fd:9b:d7:05:
f3:af:97:30:d4:fa:86:58:60:2b:2d:ae:82:c4:92:98:2f:8a:
b3:64:21:93:40:86:c8:57:fa:de:c5:7a:bf:a3:7d:e7:10:a4:
de:32:c7:e2:26:b5:ce:e7:37:f1:d1:a5:8b:4b:3a:11:41:43:
e5:8a:94:bc:bc:54:5c:11:1a:87:6f:83:3a:6f:8f:d1:9f:c3:
3c:22:34:2f:20:59:85:b9:ca:33:f4:ed:1a:91:9b:50:68:9b:
5d:06:82:33:14:3e:d3:f4:f2:6a:73:f0:ed:d8:7a:1f:09:4f:
82:5f:60:33:bf:2c:66:04:4e:db:8b:c5:94:b5:af:c4:8b:22:
9c:8d:0c:43
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZYawm7LiNmASVpLo8BFXDWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwNDA5MTMzNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQxNmVlNjVhNWIzMDIzNTA3YzNhZDRjMDcyYmNlNjdhMTMxM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbeCQZBnUGiPEoj51+Ae+8Te1Fef
Cu0IziKXkMx5VTz6ewodWVyInShE2laJhjBqAbw86FjY941uU/rE3AZjscaN7Y4J
pqQk0WP3j/O9DWbVOSWbNd2Tx9BgsTiAJv9S2aj8d5wCCGyxQAFdkX44PbxRz/n2
y8s2paXn9uMSuavBrBhbaiYUUtj2hVdmqN4uHQqqRXdkEt0D00hbXiUSwuiZcPOC
PI1iGWfVe6FFYqe2QJWLPeTdG/xX++ietlFHz5WGy601lALb+0+S4xFOjbgkOw6T
8kMPagVDpCqzCmp7z6ar3NoKo4ISqEVmRUEswpxDhqjcb8aRaeBhVtcKGQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG5BbuZaWzAjUHw61MByvOZ6ExPMMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvYmtGdTVscGJNQ05RZkRyVXdISzg1bm9URTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAA5v18D
BAc5vwADBAU5v6ADBAA5+jEDBAA5+jMwDQYJKoZIhvcNAQELBQADggEBAHhvUOIP
5u02Oq8MLzG5LLbQsEHknPBRPqk2tdukFXgL+LhAeB3Ln1lqHqQ+z+7etZzjgZEy
9zc0A31/vmod16PHt30fe1QskPv//4F2ffd4ai34skiPmxVpmWWgL/rUyyA5DZBA
4uru3GJ4zqQ2F83jRIkK/azuFGH0/ZvXBfOvlzDU+oZYYCstroLEkpgvirNkIZNA
hshX+t7Fer+jfecQpN4yx+Imtc7nN/HRpYtLOhFBQ+WKlLy8VFwRGodvgzpvj9Gf
wzwiNC8gWYW5yjP07RqRm1Bom10GgjMUPtP08mpz8O3Yeh8JT4JfYDO/LGYETtuL
xZS1r8SLIpyNDEM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:31 2025 by rpki-client on console.sobornost.net