Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/db9OeH46tzqgA4Lx9Y7WIwYTuDM.roa
File: db9OeH46tzqgA4Lx9Y7WIwYTuDM.roa (raw, json)
Hash identifier: FuLyiACFaT6BITOZPeoXwp9XiYIYBsR3kP7HfHr2tYI=
Subject key identifier: 75:BF:4E:78:7E:3A:B7:3A:A0:03:82:F1:F5:8E:D6:23:06:13:B8:33
Certificate issuer: /CN=991c934e08f57a03ef4eba36b5a4da798a252207
Certificate serial: 019423D6AD669117CCDDD792138DF0C31376
Authority key identifier: 99:1C:93:4E:08:F5:7A:03:EF:4E:BA:36:B5:A4:DA:79:8A:25:22:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/db9OeH46tzqgA4Lx9Y7WIwYTuDM.roa
Signing time: Wed 01 Jan 2025 21:47:39 +0000
ROA not before: Wed 01 Jan 2025 21:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211317
IP address blocks: 193.104.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ad:66:91:17:cc:dd:d7:92:13:8d:f0:c3:13:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=991c934e08f57a03ef4eba36b5a4da798a252207
Validity
Not Before: Jan 1 21:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75bf4e787e3ab73aa00382f1f58ed6230613b833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ca:71:53:9b:21:9c:b8:e5:cc:a0:f5:dc:7f:
1b:43:69:f4:8a:e7:2e:44:b8:bc:89:ee:62:90:82:
23:80:b2:0f:07:56:07:8c:af:87:43:91:2b:6f:fd:
9f:07:f5:0e:13:74:a9:b9:f6:5d:7d:fa:9e:82:4b:
80:e1:04:77:20:55:8a:85:46:b1:b9:8d:71:94:9f:
02:45:70:bc:8e:30:65:27:d2:38:87:02:75:7b:2b:
89:a1:5f:2c:a3:21:49:be:cd:79:ca:94:9d:71:3c:
30:0e:88:6a:95:d3:52:51:67:3e:b3:8c:82:68:3b:
cf:5b:16:ef:3c:96:44:e6:b0:57:66:0a:bc:25:bd:
52:48:f1:19:52:f7:7a:f0:76:db:50:bb:0e:eb:31:
06:28:f9:0b:c6:e0:46:bc:4d:61:4c:95:59:32:c5:
8c:9c:8e:ad:e8:83:70:58:01:fd:1d:50:f0:35:49:
c8:ff:c8:0d:ba:4d:c3:4e:61:52:95:18:3e:3d:48:
f1:72:8f:67:4a:ac:14:bb:54:d6:c4:d7:3e:13:88:
3c:e7:a1:9c:d9:59:72:7b:fa:12:98:8f:05:bc:ce:
77:90:93:06:73:88:ca:5f:54:8c:31:56:92:cc:77:
ee:96:22:4a:88:15:7b:f6:ea:cf:60:4b:13:85:05:
b4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BF:4E:78:7E:3A:B7:3A:A0:03:82:F1:F5:8E:D6:23:06:13:B8:33
X509v3 Authority Key Identifier:
keyid:99:1C:93:4E:08:F5:7A:03:EF:4E:BA:36:B5:A4:DA:79:8A:25:22:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/db9OeH46tzqgA4Lx9Y7WIwYTuDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.158.0/24
Signature Algorithm: sha256WithRSAEncryption
65:48:31:e4:36:e3:ff:38:a7:27:a9:d0:a3:cb:6e:1e:48:4f:
c4:76:5a:47:74:71:d6:6c:12:45:78:fc:f2:95:a3:e3:89:31:
42:79:ca:5c:bc:66:89:e1:2f:be:16:a3:4c:10:5e:0e:60:21:
8f:a3:7d:29:c5:ad:0f:5f:c9:06:c8:ff:ba:aa:ac:21:fa:0c:
c4:13:a4:12:b8:48:0b:45:da:d0:cd:66:5f:e7:2f:09:0e:73:
3f:1f:a6:23:96:16:fc:f3:65:4e:4a:5d:46:75:a6:ac:ba:43:
85:e6:4a:71:f3:ae:82:f1:55:3f:cd:1a:3f:6f:58:ba:e1:69:
a9:3a:05:c4:95:9e:71:1b:06:f8:38:3f:15:07:27:02:b2:8a:
b6:21:35:da:e1:2b:0d:22:fd:ac:9b:43:48:d8:c1:ad:e7:f3:
46:a5:01:4b:71:7d:64:a1:67:ad:4a:01:e9:65:67:13:f0:2d:
0f:86:51:83:5e:c1:ce:d3:4a:f0:a8:25:ab:61:57:45:66:af:
ed:51:e7:1c:9f:5a:1d:70:da:10:6a:1d:d7:03:f7:43:54:b0:
d4:11:d6:b9:de:bc:53:da:7c:cd:46:a0:65:ca:88:42:28:69:
c9:cf:b5:3f:09:cf:d9:ef:8b:a6:50:db:f7:08:6b:9f:03:c9:
c2:44:0f:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1q1mkRfM3deSE43wwxN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MWM5MzRlMDhmNTdhMDNlZjRlYmEzNmI1YTRkYTc5OGEy
NTIyMDcwHhcNMjUwMTAxMjE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJmNGU3ODdlM2FiNzNhYTAwMzgyZjFmNThlZDYyMzA2MTNiODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsspxU5shnLjlzKD13H8bQ2n0iucu
RLi8ie5ikIIjgLIPB1YHjK+HQ5Erb/2fB/UOE3SpufZdffqegkuA4QR3IFWKhUax
uY1xlJ8CRXC8jjBlJ9I4hwJ1eyuJoV8soyFJvs15ypSdcTwwDohqldNSUWc+s4yC
aDvPWxbvPJZE5rBXZgq8Jb1SSPEZUvd68HbbULsO6zEGKPkLxuBGvE1hTJVZMsWM
nI6t6INwWAH9HVDwNUnI/8gNuk3DTmFSlRg+PUjxco9nSqwUu1TWxNc+E4g856Gc
2Vlye/oSmI8FvM53kJMGc4jKX1SMMVaSzHfuliJKiBV79urPYEsThQW0dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHW/Tnh+Orc6oAOC8fWO1iMGE7gzMB8GA1UdIwQY
MBaAFJkck04I9XoD7066NrWk2nmKJSIHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wNGMyMzktODg2OS00NmUyLTk1Yjct
OTNiMzkyNTI1MTc1LzEvZGI5T2VINDZ0enFnQTRMeDlZN1dJd1lUdURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wNGMyMzktODg2OS00NmUyLTk1YjctOTNiMzkyNTI1MTc1
LzEvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWieMA0G
CSqGSIb3DQEBCwUAA4IBAQBlSDHkNuP/OKcnqdCjy24eSE/EdlpHdHHWbBJFePzy
laPjiTFCecpcvGaJ4S++FqNMEF4OYCGPo30pxa0PX8kGyP+6qqwh+gzEE6QSuEgL
RdrQzWZf5y8JDnM/H6Yjlhb882VOSl1GdaasukOF5kpx866C8VU/zRo/b1i64Wmp
OgXElZ5xGwb4OD8VBycCsoq2ITXa4SsNIv2sm0NI2MGt5/NGpQFLcX1koWetSgHp
ZWcT8C0PhlGDXsHO00rwqCWrYVdFZq/tUeccn1odcNoQah3XA/dDVLDUEda53rxT
2nzNRqBlyohCKGnJz7U/Cc/Z74umUNv3CGufA8nCRA+A
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:45:40 2025 by rpki-client