Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/p68H3uMjio8Wt8Lw5I34yYxIxUU.roa
File: p68H3uMjio8Wt8Lw5I34yYxIxUU.roa (raw, json)
Hash identifier: Cl/bx139AnmJ9IE64HvUFHSswl0yNbebsilLqxaX8Po=
Subject key identifier: A7:AF:07:DE:E3:23:8A:8F:16:B7:C2:F0:E4:8D:F8:C9:8C:48:C5:45
Certificate issuer: /CN=248f5e26f1c08f4486c9911c8b609eae8b6cb74d
Certificate serial: 01942369ACD2BC7F34BC63888101FCA76383
Authority key identifier: 24:8F:5E:26:F1:C0:8F:44:86:C9:91:1C:8B:60:9E:AE:8B:6C:B7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JI9eJvHAj0SGyZEci2Cerotst00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/p68H3uMjio8Wt8Lw5I34yYxIxUU.roa
Signing time: Wed 01 Jan 2025 19:48:35 +0000
ROA not before: Wed 01 Jan 2025 19:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39679
IP address blocks: 193.188.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ac:d2:bc:7f:34:bc:63:88:81:01:fc:a7:63:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=248f5e26f1c08f4486c9911c8b609eae8b6cb74d
Validity
Not Before: Jan 1 19:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7af07dee3238a8f16b7c2f0e48df8c98c48c545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5e:88:d4:26:d2:26:b9:e8:a8:67:c9:fa:c0:
30:80:75:31:8b:82:f3:2e:99:18:f8:73:8a:90:5b:
c9:4b:4e:88:11:77:6b:96:8c:4c:c5:89:65:88:3e:
e4:6e:81:33:a7:aa:e8:37:3c:dc:0e:48:ff:36:05:
b5:95:3b:99:9d:4f:4f:1c:f3:74:90:cf:25:cb:24:
58:bf:d1:0d:9b:f8:d7:8a:d9:63:1c:b9:d6:30:e4:
47:63:ed:2d:60:52:5a:54:8f:51:bc:f6:a3:0c:08:
2d:72:b0:6f:50:5d:ec:d0:85:d8:8a:bd:ff:37:12:
97:36:df:ec:51:32:ee:7f:50:f7:05:fb:39:d6:35:
7c:87:e0:4b:63:56:e6:57:62:11:bf:67:c9:a1:dd:
f8:17:30:36:f3:a1:60:ab:8d:f8:67:89:9f:90:32:
9a:b9:1e:03:a1:e8:02:94:8c:f3:2a:c1:87:79:1b:
82:5c:8d:8e:e5:ea:4f:26:8e:16:24:5e:30:11:bc:
83:ec:66:90:13:f6:5f:f3:22:d6:7d:31:ab:8a:7c:
1c:38:c4:7e:59:e7:85:8e:23:99:49:a7:0a:8d:5c:
61:5e:46:eb:ef:4f:54:b6:9a:98:4b:a3:70:a1:8f:
db:28:f4:78:74:fb:d6:d0:78:3f:73:eb:f6:c7:d7:
e1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:AF:07:DE:E3:23:8A:8F:16:B7:C2:F0:E4:8D:F8:C9:8C:48:C5:45
X509v3 Authority Key Identifier:
keyid:24:8F:5E:26:F1:C0:8F:44:86:C9:91:1C:8B:60:9E:AE:8B:6C:B7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JI9eJvHAj0SGyZEci2Cerotst00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/p68H3uMjio8Wt8Lw5I34yYxIxUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/dae8b0-97d0-48d4-9b26-0137b1f75d02/1/JI9eJvHAj0SGyZEci2Cerotst00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.192.0/24
Signature Algorithm: sha256WithRSAEncryption
06:51:03:b9:e9:25:7b:84:52:7f:dc:33:14:68:47:c8:ff:bf:
80:6a:a9:e8:94:19:6f:5a:c8:c8:61:08:f0:5d:77:64:49:92:
f8:60:2a:54:df:83:44:7e:65:c0:16:db:0d:20:c5:34:31:54:
fd:12:cb:c4:6a:55:43:3c:ef:d2:9d:53:d0:76:40:4a:a3:c3:
11:84:79:76:f6:0b:cc:62:41:9b:00:ca:06:31:e3:ea:af:0f:
81:a1:73:f8:6e:29:f9:a5:cd:63:d5:c3:03:6c:06:ae:4e:3c:
6f:5b:5d:82:58:c5:a6:05:cf:0c:1f:e1:79:e2:a3:f8:d8:5a:
40:24:f9:29:69:e2:f4:8a:1b:13:8d:3f:5e:aa:df:a6:01:f0:
39:60:c5:03:ee:a2:61:26:64:4c:fd:f4:5a:4a:87:a4:a7:75:
c0:ac:ce:38:e7:d3:f7:e3:13:65:bd:99:73:31:4c:cb:39:34:
4e:47:ee:37:9e:a8:fa:2d:25:6a:63:1b:0a:d1:b3:64:05:75:
c1:e6:e6:13:ad:61:24:2c:fb:a5:5d:8e:f3:e3:50:94:81:15:
b5:4b:f3:13:3c:9c:26:e5:05:b8:03:07:8d:f8:2c:c1:20:aa:
b9:12:05:4b:19:4c:52:75:9b:54:95:e9:e3:f7:79:4f:52:1b:
ff:78:7c:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaazSvH80vGOIgQH8p2ODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0OGY1ZTI2ZjFjMDhmNDQ4NmM5OTExYzhiNjA5ZWFlOGI2
Y2I3NGQwHhcNMjUwMTAxMTk0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2FmMDdkZWUzMjM4YThmMTZiN2MyZjBlNDhkZjhjOThjNDhjNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V6I1CbSJrnoqGfJ+sAwgHUxi4Lz
LpkY+HOKkFvJS06IEXdrloxMxYlliD7kboEzp6roNzzcDkj/NgW1lTuZnU9PHPN0
kM8lyyRYv9ENm/jXitljHLnWMORHY+0tYFJaVI9RvPajDAgtcrBvUF3s0IXYir3/
NxKXNt/sUTLuf1D3Bfs51jV8h+BLY1bmV2IRv2fJod34FzA286Fgq434Z4mfkDKa
uR4DoegClIzzKsGHeRuCXI2O5epPJo4WJF4wEbyD7GaQE/Zf8yLWfTGrinwcOMR+
WeeFjiOZSacKjVxhXkbr709UtpqYS6NwoY/bKPR4dPvW0Hg/c+v2x9fhXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKevB97jI4qPFrfC8OSN+MmMSMVFMB8GA1UdIwQY
MBaAFCSPXibxwI9EhsmRHItgnq6LbLdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkk5ZUp2SEFqMFNHeVpFY2kyQ2Vyb3RzdDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kYWU4YjAtOTdkMC00OGQ0LTliMjYt
MDEzN2IxZjc1ZDAyLzEvcDY4SDN1TWppbzhXdDhMdzVJMzR5WXhJeFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kYWU4YjAtOTdkMC00OGQ0LTliMjYtMDEzN2IxZjc1ZDAy
LzEvSkk5ZUp2SEFqMFNHeVpFY2kyQ2Vyb3RzdDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbzAMA0G
CSqGSIb3DQEBCwUAA4IBAQAGUQO56SV7hFJ/3DMUaEfI/7+AaqnolBlvWsjIYQjw
XXdkSZL4YCpU34NEfmXAFtsNIMU0MVT9EsvEalVDPO/SnVPQdkBKo8MRhHl29gvM
YkGbAMoGMePqrw+BoXP4bin5pc1j1cMDbAauTjxvW12CWMWmBc8MH+F54qP42FpA
JPkpaeL0ihsTjT9eqt+mAfA5YMUD7qJhJmRM/fRaSoekp3XArM4459P34xNlvZlz
MUzLOTROR+43nqj6LSVqYxsK0bNkBXXB5uYTrWEkLPulXY7z41CUgRW1S/MTPJwm
5QW4AweN+CzBIKq5EgVLGUxSdZtUlenj93lPUhv/eHwl
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:44:00 2025 by rpki-client