Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/jlKsVMX7wEteoIWfSN3Uc9eAuVQ.roa
File: jlKsVMX7wEteoIWfSN3Uc9eAuVQ.roa (raw, json)
Hash identifier: 5HOZUuYu7Rw+ksliSgplThO4PdfYnW2rqUfOLfK21mA=
Subject key identifier: 8E:52:AC:54:C5:FB:C0:4B:5E:A0:85:9F:48:DD:D4:73:D7:80:B9:54
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 019427B60BD86D0475F290698E7C6261160B
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/jlKsVMX7wEteoIWfSN3Uc9eAuVQ.roa
Signing time: Thu 02 Jan 2025 15:50:29 +0000
ROA not before: Thu 02 Jan 2025 15:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8595
IP address blocks: 82.194.242.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0b:d8:6d:04:75:f2:90:69:8e:7c:62:61:16:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 15:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e52ac54c5fbc04b5ea0859f48ddd473d780b954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:08:f8:a1:18:cc:67:0a:5b:88:f4:36:b4:
04:57:3d:41:88:0e:7d:5c:e6:56:07:95:00:72:71:
cb:cf:9f:d8:92:ff:86:25:f9:a3:77:0f:ca:e8:6a:
a0:a7:3d:56:71:fa:4d:43:f0:10:2b:ed:51:d3:5a:
04:9b:f2:94:cd:21:0f:d4:71:2c:03:87:72:22:cf:
4f:8f:96:96:cf:cb:8a:9d:22:c6:52:9f:48:49:a4:
1c:5d:84:99:c9:8e:9d:51:fa:a2:32:b8:62:cb:6d:
29:a5:4c:c0:75:6f:76:17:0c:47:97:5f:3a:2e:80:
73:33:ea:2a:0f:36:3e:21:c8:e1:38:e9:bb:a5:79:
98:9e:63:66:23:92:8d:28:37:26:c9:d9:5d:2b:4c:
ee:d7:c7:0d:0b:48:5f:87:14:e6:ee:fc:4a:7c:1b:
97:45:74:8f:cf:b2:7f:11:26:f8:40:0a:e3:59:8d:
a5:c4:78:0e:02:f5:ce:8d:90:af:af:29:b5:1b:35:
e6:80:63:01:7f:bc:ff:1a:a9:e9:83:9b:3d:c1:a9:
da:ea:35:8c:71:9c:90:35:06:5d:11:90:fb:96:b5:
4f:2a:a6:83:24:83:4e:9b:87:fa:70:4c:de:7b:86:
b1:9f:e7:a2:fc:f3:e9:af:cf:1c:59:5f:1c:7b:37:
3a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:52:AC:54:C5:FB:C0:4B:5E:A0:85:9F:48:DD:D4:73:D7:80:B9:54
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/jlKsVMX7wEteoIWfSN3Uc9eAuVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.242.0/23
Signature Algorithm: sha256WithRSAEncryption
82:cf:32:39:70:a9:dc:eb:a3:05:cb:c7:4b:4b:0a:ac:57:18:
ca:e2:21:49:99:fb:8d:e9:7a:03:eb:86:d2:fa:63:2c:19:d0:
0a:80:a3:bc:9e:cb:12:54:f7:84:7b:1f:2a:a2:f6:67:79:35:
00:e8:ef:8d:ac:f9:8a:30:e9:b4:59:b4:c6:68:b5:2a:85:28:
97:d4:c1:37:48:05:88:0d:08:91:93:af:ba:ef:5e:ea:58:0b:
9e:2b:1f:89:64:cf:b2:d9:e5:38:c1:e0:cd:0d:c4:68:33:c7:
a3:12:b1:e9:d4:0b:cb:2f:dc:9f:49:37:68:47:a9:9c:06:ce:
f4:b0:37:f7:d3:b0:dc:7b:2b:da:72:8f:d0:62:cf:69:6f:ac:
22:a4:a6:e4:c1:54:fb:5a:b9:03:f7:f3:af:14:79:3c:21:42:
ac:f3:46:25:2e:32:03:39:22:91:64:69:3e:66:c2:26:f6:bb:
84:4d:cc:2a:3e:24:6e:45:08:d1:3b:83:4f:5b:ee:63:d0:1a:
0d:d1:a4:e4:15:26:49:c9:c4:ea:ac:c7:3e:40:dc:6d:70:11:
e0:9e:4e:85:29:b5:9c:36:6e:97:da:b6:6a:06:24:7d:f9:02:
02:20:77:de:04:5c:11:83:b7:ba:6c:6d:ad:bb:cb:09:df:67:
9a:92:c7:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntgvYbQR18pBpjnxiYRYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjUwMTAyMTU1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUyYWM1NGM1ZmJjMDRiNWVhMDg1OWY0OGRkZDQ3M2Q3ODBiOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaAI+KEYzGcKW4j0NrQEVz1BiA59
XOZWB5UAcnHLz5/Ykv+GJfmjdw/K6Gqgpz1WcfpNQ/AQK+1R01oEm/KUzSEP1HEs
A4dyIs9Pj5aWz8uKnSLGUp9ISaQcXYSZyY6dUfqiMrhiy20ppUzAdW92FwxHl186
LoBzM+oqDzY+IcjhOOm7pXmYnmNmI5KNKDcmydldK0zu18cNC0hfhxTm7vxKfBuX
RXSPz7J/ESb4QArjWY2lxHgOAvXOjZCvrym1GzXmgGMBf7z/Gqnpg5s9wana6jWM
cZyQNQZdEZD7lrVPKqaDJINOm4f6cEzee4axn+ei/PPpr88cWV8cezc6cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5SrFTF+8BLXqCFn0jd1HPXgLlUMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvamxLc1ZNWDd3RXRlb0lXZlNOM1VjOWVBdVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUsLyMA0G
CSqGSIb3DQEBCwUAA4IBAQCCzzI5cKnc66MFy8dLSwqsVxjK4iFJmfuN6XoD64bS
+mMsGdAKgKO8nssSVPeEex8qovZneTUA6O+NrPmKMOm0WbTGaLUqhSiX1ME3SAWI
DQiRk6+6717qWAueKx+JZM+y2eU4weDNDcRoM8ejErHp1AvLL9yfSTdoR6mcBs70
sDf307Dceyvaco/QYs9pb6wipKbkwVT7WrkD9/OvFHk8IUKs80YlLjIDOSKRZGk+
ZsIm9ruETcwqPiRuRQjRO4NPW+5j0BoN0aTkFSZJycTqrMc+QNxtcBHgnk6FKbWc
Nm6X2rZqBiR9+QICIHfeBFwRg7e6bG2tu8sJ32eaksdV
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:54:23 2025 by rpki-client