Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/sayECznhSIzMnJpVagOHebCR_x0.roa
File: sayECznhSIzMnJpVagOHebCR_x0.roa (raw, json)
Hash identifier: hUIe0JVfYeAbZr+iALwcU4dqSjQhm3L+k0UihQEwCkI=
Subject key identifier: B1:AC:84:0B:39:E1:48:8C:CC:9C:9A:55:6A:03:87:79:B0:91:FF:1D
Certificate issuer: /CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
Certificate serial: 0194252167F6C54141563D001CD479206FC6
Authority key identifier: 46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/sayECznhSIzMnJpVagOHebCR_x0.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209311
IP address blocks: 193.111.211.0/24 maxlen: 24
2a0a:8ac0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:67:f6:c5:41:41:56:3d:00:1c:d4:79:20:6f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1ac840b39e1488ccc9c9a556a038779b091ff1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:29:2b:2c:0e:57:94:13:fd:6b:b8:16:5f:c8:
76:03:a3:01:df:8b:3c:39:03:0a:de:b5:93:74:47:
a4:4d:ad:ba:99:b3:6e:2c:8f:5d:d0:17:72:3f:45:
fa:cd:ec:19:8c:51:b9:5a:fd:84:97:7e:e2:d1:7b:
8c:64:55:fe:11:ab:8c:06:3b:00:a6:d2:3e:41:81:
fe:67:ed:55:54:6e:a9:d1:32:6d:3d:5c:99:ed:01:
a9:c5:6b:89:8c:c6:49:52:f3:0d:77:fa:96:4e:ad:
62:5b:2d:a8:97:78:3e:85:4f:c4:7d:49:ab:8a:5b:
fe:b5:9f:35:1b:98:ca:30:45:2e:6e:bf:63:66:92:
cb:3a:bc:f6:7f:92:7f:c7:49:75:08:9c:77:f7:61:
2d:87:08:e6:8c:08:d2:b9:d0:39:67:7c:16:a1:6c:
f4:b6:16:45:fd:cd:51:fb:fe:a9:1a:b1:40:63:8f:
e0:f8:03:88:6a:49:53:6c:c9:0a:52:52:f8:80:38:
de:ef:e9:9b:87:6f:0d:9e:1d:85:7a:4e:3c:2f:ee:
92:72:c2:c7:5e:fb:cd:40:eb:ec:da:93:42:ef:f9:
f4:f0:56:0f:33:7a:a8:3d:c7:50:b3:dc:43:bc:11:
50:2a:a5:36:0f:05:f4:02:c8:ab:12:7f:a3:22:70:
68:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AC:84:0B:39:E1:48:8C:CC:9C:9A:55:6A:03:87:79:B0:91:FF:1D
X509v3 Authority Key Identifier:
keyid:46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/sayECznhSIzMnJpVagOHebCR_x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/RqSzXI4CVuqi-_dR5sAeXpCcCh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.211.0/24
IPv6:
2a0a:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
24:71:98:d7:3e:1c:f8:29:37:d8:6b:8a:6f:3d:58:bb:55:9d:
53:d4:ee:80:85:1b:8d:0a:3c:66:d3:2d:88:01:51:44:1f:74:
74:e4:ef:aa:32:c4:cb:37:b2:11:98:8d:14:a8:5e:8d:d4:b5:
d4:a1:27:08:76:67:25:01:1f:e4:a8:d5:2a:43:7c:41:94:3e:
cd:17:68:0c:ab:0c:02:bf:f3:28:8d:bd:fd:1d:e0:3d:7c:b4:
e2:e0:69:ca:46:67:15:c2:81:a1:62:9a:60:fd:75:43:89:02:
a4:24:8f:8c:ad:3f:33:28:f3:81:e3:9c:2e:72:d3:89:ec:f8:
96:05:a6:0b:1d:a9:02:57:86:be:83:45:f8:e7:03:ad:e2:d2:
c1:f2:f1:9e:35:06:8a:ec:e7:43:5f:58:f9:3d:fe:4d:49:35:
b1:29:24:98:69:15:18:eb:b9:d4:56:24:a5:b4:e0:d6:81:e4:
bf:c8:73:a0:e1:77:64:03:e1:b0:93:59:5d:9f:c1:bc:d3:5d:
21:0c:79:ad:8e:63:9d:bf:aa:5e:ea:a6:74:23:86:cc:94:0d:
44:bd:91:e5:df:2d:26:31:d7:20:8a:0a:00:45:b4:27:c4:b7:
8c:c7:62:59:81:9f:c7:80:eb:a8:c7:84:75:ec:4e:ed:9e:ef:
b4:2f:c9:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIWf2xUFBVj0AHNR5IG/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YTRiMzVjOGUwMjU2ZWFhMmZiZjc1MWU2YzAxZTVlOTA5
YzBhMWYwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFjODQwYjM5ZTE0ODhjY2M5YzlhNTU2YTAzODc3OWIwOTFmZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoikrLA5XlBP9a7gWX8h2A6MB34s8
OQMK3rWTdEekTa26mbNuLI9d0BdyP0X6zewZjFG5Wv2El37i0XuMZFX+EauMBjsA
ptI+QYH+Z+1VVG6p0TJtPVyZ7QGpxWuJjMZJUvMNd/qWTq1iWy2ol3g+hU/EfUmr
ilv+tZ81G5jKMEUubr9jZpLLOrz2f5J/x0l1CJx392EthwjmjAjSudA5Z3wWoWz0
thZF/c1R+/6pGrFAY4/g+AOIaklTbMkKUlL4gDje7+mbh28Nnh2Fek48L+6ScsLH
XvvNQOvs2pNC7/n08FYPM3qoPcdQs9xDvBFQKqU2DwX0AsirEn+jInBo/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLGshAs54UiMzJyaVWoDh3mwkf8dMB8GA1UdIwQY
MBaAFEaks1yOAlbqovv3UebAHl6QnAofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnFTelhJNENWdXFpLV9kUjVzQWVYcENjQ2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xMTkxZDYtNTQyMy00MmNmLThmNmIt
MTE3ODg2ZWI3ZDY3LzEvc2F5RUN6bmhTSXpNbkpwVmFnT0hlYkNSX3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xMTkxZDYtNTQyMy00MmNmLThmNmItMTE3ODg2ZWI3ZDY3
LzEvUnFTelhJNENWdXFpLV9kUjVzQWVYcENjQ2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwW/TMA0E
AgACMAcDBQMqCorAMA0GCSqGSIb3DQEBCwUAA4IBAQAkcZjXPhz4KTfYa4pvPVi7
VZ1T1O6AhRuNCjxm0y2IAVFEH3R05O+qMsTLN7IRmI0UqF6N1LXUoScIdmclAR/k
qNUqQ3xBlD7NF2gMqwwCv/Mojb39HeA9fLTi4GnKRmcVwoGhYppg/XVDiQKkJI+M
rT8zKPOB45wuctOJ7PiWBaYLHakCV4a+g0X45wOt4tLB8vGeNQaK7OdDX1j5Pf5N
STWxKSSYaRUY67nUViSltODWgeS/yHOg4XdkA+Gwk1ldn8G8010hDHmtjmOdv6pe
6qZ0I4bMlA1EvZHl3y0mMdcgigoARbQnxLeMx2JZgZ/HgOuox4R17E7tnu+0L8m5
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:59:16 2025 by rpki-client