Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/jrw3uqdkA6aKRrYyLdhJsdQJmwE.roa
File: jrw3uqdkA6aKRrYyLdhJsdQJmwE.roa (raw, json)
Hash identifier: E/ICIdLuVq2VYN9ruBUIoxT9BQwq5xAlmJn8kVZHVXc=
Subject key identifier: 8E:BC:37:BA:A7:64:03:A6:8A:46:B6:32:2D:D8:49:B1:D4:09:9B:01
Certificate issuer: /CN=3d8afec17a41b39dbf69013eca167bdf63aa865d
Certificate serial: 0194258F1E7101699BD32B7F2C88382D23D7
Authority key identifier: 3D:8A:FE:C1:7A:41:B3:9D:BF:69:01:3E:CA:16:7B:DF:63:AA:86:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYr-wXpBs52_aQE-yhZ732Oqhl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/jrw3uqdkA6aKRrYyLdhJsdQJmwE.roa
Signing time: Thu 02 Jan 2025 05:48:43 +0000
ROA not before: Thu 02 Jan 2025 05:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41337
IP address blocks: 194.9.2.0/23 maxlen: 23
2a07:2fc0::/29 maxlen: 29
2a07:2fc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:1e:71:01:69:9b:d3:2b:7f:2c:88:38:2d:23:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8afec17a41b39dbf69013eca167bdf63aa865d
Validity
Not Before: Jan 2 05:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ebc37baa76403a68a46b6322dd849b1d4099b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:60:ba:ac:d4:8b:aa:2e:9d:16:50:22:7b:e0:
88:cb:89:55:3f:5d:ae:84:53:f7:6b:80:0d:be:c2:
e5:ab:23:42:c7:a7:70:0c:db:6e:f9:1f:66:88:30:
d6:38:a6:eb:23:e9:9f:2c:45:b7:6c:8a:50:2a:6c:
38:5c:ae:08:69:43:fd:76:dc:a8:bd:b3:64:e8:4c:
c3:5b:7d:4c:59:f9:57:06:60:01:0d:12:4f:cc:fd:
e0:68:6e:94:23:1c:be:44:f9:bf:91:05:90:c9:4b:
93:65:07:f2:08:b7:b4:7d:b1:26:7d:96:83:ce:7a:
a7:16:be:e3:c2:0c:85:a7:29:0e:3e:da:57:08:be:
15:22:a8:88:e3:d9:0a:50:3d:68:1d:e8:af:20:d5:
95:ae:23:a9:e8:f7:32:4c:38:0f:03:9f:9d:ba:76:
c3:ae:d9:e2:b5:70:f8:4a:38:ae:1c:1c:d7:ed:c4:
06:ae:56:f4:f0:f3:b2:6b:bc:8b:2c:66:4c:6a:cf:
3b:e6:53:88:c2:35:d0:c1:cb:6a:0a:a1:55:22:d0:
81:7b:58:f1:0e:33:2a:08:d8:f9:bb:39:29:36:a2:
d6:26:f1:01:bc:6b:0c:44:73:6c:49:73:3e:93:11:
4b:de:00:1d:6d:99:b1:3b:8e:c8:01:33:03:c1:97:
b0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BC:37:BA:A7:64:03:A6:8A:46:B6:32:2D:D8:49:B1:D4:09:9B:01
X509v3 Authority Key Identifier:
keyid:3D:8A:FE:C1:7A:41:B3:9D:BF:69:01:3E:CA:16:7B:DF:63:AA:86:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYr-wXpBs52_aQE-yhZ732Oqhl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/jrw3uqdkA6aKRrYyLdhJsdQJmwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/8bcaba-38ad-4051-b414-94d37e9595c1/1/PYr-wXpBs52_aQE-yhZ732Oqhl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.2.0/23
IPv6:
2a07:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
29:e5:7b:a7:fb:58:de:07:98:ac:eb:3c:ac:3d:f7:a5:88:c7:
4e:c8:63:8d:54:46:33:9d:dc:46:9f:fa:ad:64:af:90:4d:28:
89:7d:61:59:09:9e:4f:d9:ed:0f:1b:ef:6f:da:7a:2c:6d:fe:
ea:2f:63:10:ab:9e:ac:a9:70:3e:5e:95:71:c7:e5:94:02:66:
99:29:55:5c:34:05:1b:81:01:15:7c:06:86:e3:95:a1:fe:6e:
72:c5:d6:a4:5b:62:5f:86:f5:87:08:c8:a8:f2:4b:ea:a1:d9:
7c:fb:78:96:df:a6:3c:be:57:b7:86:d1:25:8d:f0:e4:05:6f:
de:07:8a:ed:69:59:44:0e:d2:c9:63:99:aa:91:cb:88:69:af:
6b:94:7a:2a:dd:fd:96:f7:6d:cb:ae:6d:02:0e:22:80:ba:28:
1c:e8:77:76:68:84:cf:70:cd:5b:ff:f8:a9:4b:74:de:c0:96:
8b:1c:75:02:9c:01:e7:14:b4:4a:f1:2d:c4:f3:95:b5:ce:00:
f4:c6:f8:a2:61:42:48:05:8b:6f:53:c4:78:7a:bc:a9:4a:b5:
3c:a0:e4:ad:22:c4:79:4d:21:3f:c0:7b:52:ea:ee:39:1b:94:
8e:f9:df:f3:15:a9:a9:d1:11:e7:b6:ec:55:90:76:c5:de:ee:
cd:d9:09:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljx5xAWmb0yt/LIg4LSPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGFmZWMxN2E0MWIzOWRiZjY5MDEzZWNhMTY3YmRmNjNh
YTg2NWQwHhcNMjUwMTAyMDU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWJjMzdiYWE3NjQwM2E2OGE0NmI2MzIyZGQ4NDliMWQ0MDk5YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2C6rNSLqi6dFlAie+CIy4lVP12u
hFP3a4ANvsLlqyNCx6dwDNtu+R9miDDWOKbrI+mfLEW3bIpQKmw4XK4IaUP9dtyo
vbNk6EzDW31MWflXBmABDRJPzP3gaG6UIxy+RPm/kQWQyUuTZQfyCLe0fbEmfZaD
znqnFr7jwgyFpykOPtpXCL4VIqiI49kKUD1oHeivINWVriOp6PcyTDgPA5+dunbD
rtnitXD4SjiuHBzX7cQGrlb08POya7yLLGZMas875lOIwjXQwctqCqFVItCBe1jx
DjMqCNj5uzkpNqLWJvEBvGsMRHNsSXM+kxFL3gAdbZmxO47IATMDwZewpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI68N7qnZAOmika2Mi3YSbHUCZsBMB8GA1UdIwQY
MBaAFD2K/sF6QbOdv2kBPsoWe99jqoZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlyLXdYcEJzNTJfYVFFLXloWjczMk9xaGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84YmNhYmEtMzhhZC00MDUxLWI0MTQt
OTRkMzdlOTU5NWMxLzEvanJ3M3VxZGtBNmFLUnJZeUxkaEpzZFFKbXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84YmNhYmEtMzhhZC00MDUxLWI0MTQtOTRkMzdlOTU5NWMx
LzEvUFlyLXdYcEJzNTJfYVFFLXloWjczMk9xaGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwgkCMA0E
AgACMAcDBQMqBy/AMA0GCSqGSIb3DQEBCwUAA4IBAQAp5Xun+1jeB5is6zysPfel
iMdOyGONVEYzndxGn/qtZK+QTSiJfWFZCZ5P2e0PG+9v2nosbf7qL2MQq56sqXA+
XpVxx+WUAmaZKVVcNAUbgQEVfAaG45Wh/m5yxdakW2JfhvWHCMio8kvqodl8+3iW
36Y8vle3htEljfDkBW/eB4rtaVlEDtLJY5mqkcuIaa9rlHoq3f2W923Lrm0CDiKA
uigc6Hd2aITPcM1b//ipS3TewJaLHHUCnAHnFLRK8S3E85W1zgD0xviiYUJIBYtv
U8R4erypSrU8oOStIsR5TSE/wHtS6u45G5SO+d/zFamp0RHntuxVkHbF3u7N2Qk/
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:26:00 2025 by rpki-client