Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/bbe9ff-2365-49c8-98d6-e71c317a3fa8/1/t403LtXkOSW8w7w_vK-2ppXvWVA.roa
File: t403LtXkOSW8w7w_vK-2ppXvWVA.roa (raw, json)
Hash identifier: kUS7ckaNEkh4qS4uYt0WI3yhqZiJYbt1KK2dO98adJY=
Subject key identifier: B7:8D:37:2E:D5:E4:39:25:BC:C3:BC:3F:BC:AF:B6:A6:95:EF:59:50
Certificate issuer: /CN=a63075cbb7eb1693ee71bc90e5f73dadc225d91a
Certificate serial: 019427483C1CEC289212A18A9F3019286BDE
Authority key identifier: A6:30:75:CB:B7:EB:16:93:EE:71:BC:90:E5:F7:3D:AD:C2:25:D9:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjB1y7frFpPucbyQ5fc9rcIl2Ro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/bbe9ff-2365-49c8-98d6-e71c317a3fa8/1/t403LtXkOSW8w7w_vK-2ppXvWVA.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137
IP address blocks: 192.41.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3c:1c:ec:28:92:12:a1:8a:9f:30:19:28:6b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63075cbb7eb1693ee71bc90e5f73dadc225d91a
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b78d372ed5e43925bcc3bc3fbcafb6a695ef5950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:5d:c7:17:6f:35:c8:0c:cd:46:c6:0b:17:
90:ab:3e:b5:bb:f1:17:9d:23:8e:03:89:42:4e:5e:
c6:4e:eb:a7:b7:df:db:7d:62:70:43:b1:03:4f:33:
20:88:ee:7f:44:a7:8a:23:30:05:0f:41:dc:2a:f2:
42:56:2e:31:8c:79:a9:ff:44:0c:7b:5b:7e:a6:bb:
74:b6:a7:57:0e:78:08:c7:e7:89:52:39:26:8a:08:
1a:40:9a:7c:00:ab:1c:80:60:63:be:dd:88:60:4a:
99:fa:83:e3:1d:05:49:79:75:fb:93:5f:8c:67:22:
a9:b2:0d:9a:48:45:44:27:44:d8:f1:60:10:d2:6c:
21:82:ba:5e:4b:eb:07:84:40:a7:8c:44:99:8f:db:
c3:39:21:8e:1c:73:13:b8:6d:d2:5a:91:3a:35:f8:
ea:fa:d5:76:a3:65:5e:07:c5:c1:46:c2:97:ae:11:
94:95:94:4c:f8:92:39:1c:3a:d4:e5:f4:61:2a:8a:
e3:8f:4a:08:fa:c6:46:63:29:c8:fa:5f:af:2a:7c:
41:9f:96:e7:16:3c:99:d2:b0:9a:81:8b:63:96:39:
19:36:11:a4:9a:42:ce:ae:9f:02:82:4a:72:8e:e1:
da:a6:e9:aa:d9:50:f8:c8:ea:ed:eb:ea:6b:29:85:
a3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8D:37:2E:D5:E4:39:25:BC:C3:BC:3F:BC:AF:B6:A6:95:EF:59:50
X509v3 Authority Key Identifier:
keyid:A6:30:75:CB:B7:EB:16:93:EE:71:BC:90:E5:F7:3D:AD:C2:25:D9:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjB1y7frFpPucbyQ5fc9rcIl2Ro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bbe9ff-2365-49c8-98d6-e71c317a3fa8/1/t403LtXkOSW8w7w_vK-2ppXvWVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bbe9ff-2365-49c8-98d6-e71c317a3fa8/1/pjB1y7frFpPucbyQ5fc9rcIl2Ro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.41.218.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:8c:6b:d1:c1:73:79:86:f9:28:a4:01:fb:25:9a:4c:3e:13:
c1:d0:6c:f5:80:00:40:97:a7:82:67:92:24:65:24:eb:9e:42:
46:b7:b6:03:69:82:d5:d4:91:47:44:09:01:64:a3:aa:5d:46:
63:55:a5:f5:12:e8:ad:5a:42:b3:42:4c:d0:5a:c9:84:45:69:
87:46:74:1e:3e:7d:56:24:bb:fd:7f:37:09:7f:cd:a7:b5:46:
cd:dc:34:be:55:4e:e3:91:ab:32:c0:d7:93:fe:03:cb:ca:4c:
f1:16:89:30:4a:f2:6e:87:78:94:88:2e:a5:23:78:d3:e2:d9:
95:97:96:c7:d7:dd:22:07:c8:8f:7c:c0:6a:31:c4:db:5d:8f:
c4:a4:8f:25:9b:40:94:42:85:b0:a4:22:c0:15:5f:32:55:a2:
db:ed:f4:55:b2:7c:c2:1c:6c:5e:69:c6:e3:e0:96:c5:78:ab:
22:e1:2d:13:8b:d6:eb:c5:e4:55:bd:93:9d:cc:33:6f:0a:bb:
90:5d:b2:a3:17:26:5d:2a:f7:07:1b:cd:46:8e:17:19:02:40:
19:97:6c:ba:9d:be:e2:34:79:c8:9e:bf:51:c6:10:c7:08:d8:
f4:c0:87:45:8e:21:7a:1e:cd:a7:d2:36:2e:36:43:f7:5b:48:
a8:64:fb:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDwc7CiSEqGKnzAZKGveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MzA3NWNiYjdlYjE2OTNlZTcxYmM5MGU1ZjczZGFkYzIy
NWQ5MWEwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzhkMzcyZWQ1ZTQzOTI1YmNjM2JjM2ZiY2FmYjZhNjk1ZWY1OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqtdxxdvNcgMzUbGCxeQqz61u/EX
nSOOA4lCTl7GTuunt9/bfWJwQ7EDTzMgiO5/RKeKIzAFD0HcKvJCVi4xjHmp/0QM
e1t+prt0tqdXDngIx+eJUjkmiggaQJp8AKscgGBjvt2IYEqZ+oPjHQVJeXX7k1+M
ZyKpsg2aSEVEJ0TY8WAQ0mwhgrpeS+sHhECnjESZj9vDOSGOHHMTuG3SWpE6Nfjq
+tV2o2VeB8XBRsKXrhGUlZRM+JI5HDrU5fRhKorjj0oI+sZGYynI+l+vKnxBn5bn
FjyZ0rCagYtjljkZNhGkmkLOrp8CgkpyjuHapumq2VD4yOrt6+prKYWjPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLeNNy7V5DklvMO8P7yvtqaV71lQMB8GA1UdIwQY
MBaAFKYwdcu36xaT7nG8kOX3Pa3CJdkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGpCMXk3ZnJGcFB1Y2J5UTVmYzlyY0lsMlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iYmU5ZmYtMjM2NS00OWM4LTk4ZDYt
ZTcxYzMxN2EzZmE4LzEvdDQwM0x0WGtPU1c4dzd3X3ZLLTJwcFh2V1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iYmU5ZmYtMjM2NS00OWM4LTk4ZDYtZTcxYzMxN2EzZmE4
LzEvcGpCMXk3ZnJGcFB1Y2J5UTVmYzlyY0lsMlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCnaMA0G
CSqGSIb3DQEBCwUAA4IBAQAPjGvRwXN5hvkopAH7JZpMPhPB0Gz1gABAl6eCZ5Ik
ZSTrnkJGt7YDaYLV1JFHRAkBZKOqXUZjVaX1EuitWkKzQkzQWsmERWmHRnQePn1W
JLv9fzcJf82ntUbN3DS+VU7jkasywNeT/gPLykzxFokwSvJuh3iUiC6lI3jT4tmV
l5bH190iB8iPfMBqMcTbXY/EpI8lm0CUQoWwpCLAFV8yVaLb7fRVsnzCHGxeacbj
4JbFeKsi4S0Ti9brxeRVvZOdzDNvCruQXbKjFyZdKvcHG81GjhcZAkAZl2y6nb7i
NHnInr9RxhDHCNj0wIdFjiF6Hs2n0jYuNkP3W0ioZPsn
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:28:54 2025 by rpki-client