Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/2r58NpxvTCdcnNGrjt0v-zkeUtY.roa
File: 2r58NpxvTCdcnNGrjt0v-zkeUtY.roa (raw, json)
Hash identifier: TkXA680kjgu+5bXWMHrgD9kPPHcPEiisIsJWWTeRFzw=
Subject key identifier: DA:BE:7C:36:9C:6F:4C:27:5C:9C:D1:AB:8E:DD:2F:FB:39:1E:52:D6
Certificate issuer: /CN=a2c891100e500fb5c64f30f1603fe545dab49016
Certificate serial: 01942369FF86AA15DA46F2BC41EF71D14987
Authority key identifier: A2:C8:91:10:0E:50:0F:B5:C6:4F:30:F1:60:3F:E5:45:DA:B4:90:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/2r58NpxvTCdcnNGrjt0v-zkeUtY.roa
Signing time: Wed 01 Jan 2025 19:48:56 +0000
ROA not before: Wed 01 Jan 2025 19:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49850
IP address blocks: 193.202.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ff:86:aa:15:da:46:f2:bc:41:ef:71:d1:49:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2c891100e500fb5c64f30f1603fe545dab49016
Validity
Not Before: Jan 1 19:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dabe7c369c6f4c275c9cd1ab8edd2ffb391e52d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:0c:94:b6:90:53:fb:d1:7b:72:16:d3:2f:83:
12:84:be:b4:3c:e5:52:ef:92:9a:cf:bb:3c:e0:6c:
a3:fa:c7:23:87:b1:72:48:0f:ff:29:b1:5b:35:46:
96:2f:7b:fb:61:1d:f6:ac:57:24:1f:14:1a:b7:95:
c1:85:74:8e:3b:d3:c2:a9:1e:50:7b:70:62:4a:81:
0b:dc:e1:a3:f2:a1:61:00:13:b9:e1:30:22:2b:93:
ba:e1:11:52:61:63:65:23:34:04:fb:df:1d:1b:3e:
4f:66:9d:c6:0a:5d:12:18:c0:e2:a6:93:0f:12:36:
3d:16:cf:c1:e2:ee:c6:9a:c7:f7:76:15:65:1d:ee:
31:1c:40:71:a5:8e:ef:c1:26:ac:a2:09:9c:5d:bb:
82:97:40:84:49:cf:a2:c3:7f:ed:50:1c:19:80:c9:
9b:b7:1f:cc:6c:f0:96:d6:93:a7:40:f6:78:d4:ef:
6c:f1:80:1c:ef:ed:aa:a5:ce:eb:f9:8e:e4:22:cc:
5b:3a:4a:2c:8d:94:8d:49:70:76:07:bf:4c:81:ae:
66:a4:7c:ea:10:09:46:83:d4:16:ba:2b:41:a8:13:
e7:19:11:70:31:30:96:48:bf:5e:72:28:46:ae:87:
d3:be:c2:5a:88:c8:82:c2:17:65:ad:1f:e6:86:1a:
ff:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BE:7C:36:9C:6F:4C:27:5C:9C:D1:AB:8E:DD:2F:FB:39:1E:52:D6
X509v3 Authority Key Identifier:
keyid:A2:C8:91:10:0E:50:0F:B5:C6:4F:30:F1:60:3F:E5:45:DA:B4:90:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/2r58NpxvTCdcnNGrjt0v-zkeUtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.108.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c7:ba:24:3a:56:47:3a:f8:b2:0a:e8:53:7a:90:45:b3:7f:
79:91:06:53:c1:cc:21:ec:01:5f:e8:7b:8b:15:19:e3:ba:a0:
71:df:44:6b:b5:b2:c7:f5:3b:e2:68:a4:e6:06:e6:b9:5d:8f:
0d:d9:82:bf:e8:4a:95:db:e8:d3:c8:d0:ff:86:ff:91:b4:3c:
fb:51:ed:34:4d:7e:55:14:d5:00:10:80:eb:45:82:29:45:19:
25:ef:b8:a9:e4:96:c5:03:e2:a5:01:39:7e:ee:b5:8f:49:0a:
3f:35:82:db:d6:c3:fe:fd:fd:fb:0c:12:78:64:3d:d8:d6:05:
f5:f4:23:89:87:93:22:7e:3b:cc:0b:58:3e:86:bd:10:9e:ec:
ac:d6:4d:47:c7:b5:71:73:27:a7:73:d9:0f:aa:53:85:8f:87:
cf:3a:cc:7a:2c:61:60:20:a3:f9:02:59:c3:9c:28:77:50:23:
22:ef:c7:ba:f9:cd:ba:9f:b8:b0:b8:df:20:be:8c:4e:c9:b7:
b7:0d:c5:36:f5:d8:27:82:70:2a:8d:78:a1:70:1c:b5:43:6f:
f4:b0:1b:58:d9:0d:58:4c:5a:04:ab:21:40:25:41:bc:7d:b3:
23:aa:74:e3:3c:22:00:2f:80:53:79:95:04:1e:6b:ab:06:48:
a2:e9:57:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaf+GqhXaRvK8Qe9x0UmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYzg5MTEwMGU1MDBmYjVjNjRmMzBmMTYwM2ZlNTQ1ZGFi
NDkwMTYwHhcNMjUwMTAxMTk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJlN2MzNjljNmY0YzI3NWM5Y2QxYWI4ZWRkMmZmYjM5MWU1MmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wyUtpBT+9F7chbTL4MShL60POVS
75Kaz7s84Gyj+scjh7FySA//KbFbNUaWL3v7YR32rFckHxQat5XBhXSOO9PCqR5Q
e3BiSoEL3OGj8qFhABO54TAiK5O64RFSYWNlIzQE+98dGz5PZp3GCl0SGMDippMP
EjY9Fs/B4u7Gmsf3dhVlHe4xHEBxpY7vwSasogmcXbuCl0CESc+iw3/tUBwZgMmb
tx/MbPCW1pOnQPZ41O9s8YAc7+2qpc7r+Y7kIsxbOkosjZSNSXB2B79Mga5mpHzq
EAlGg9QWuitBqBPnGRFwMTCWSL9ecihGrofTvsJaiMiCwhdlrR/mhhr/7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNq+fDacb0wnXJzRq47dL/s5HlLWMB8GA1UdIwQY
MBaAFKLIkRAOUA+1xk8w8WA/5UXatJAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yOGI1NmMtNmFhYy00OGQ3LWFiYTIt
OGNhMGM5MGY1NzdlLzEvMnI1OE5weHZUQ2Rjbk5Hcmp0MHYtemtlVXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yOGI1NmMtNmFhYy00OGQ3LWFiYTItOGNhMGM5MGY1Nzdl
LzEvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcpsMA0G
CSqGSIb3DQEBCwUAA4IBAQCBx7okOlZHOviyCuhTepBFs395kQZTwcwh7AFf6HuL
FRnjuqBx30RrtbLH9TviaKTmBua5XY8N2YK/6EqV2+jTyND/hv+RtDz7Ue00TX5V
FNUAEIDrRYIpRRkl77ip5JbFA+KlATl+7rWPSQo/NYLb1sP+/f37DBJ4ZD3Y1gX1
9COJh5MifjvMC1g+hr0Qnuys1k1Hx7Vxcyenc9kPqlOFj4fPOsx6LGFgIKP5AlnD
nCh3UCMi78e6+c26n7iwuN8gvoxOybe3DcU29dgngnAqjXihcBy1Q2/0sBtY2Q1Y
TFoEqyFAJUG8fbMjqnTjPCIAL4BTeZUEHmurBkii6Vdc
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:56:04 2025 by rpki-client