Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/A3eZlYEypGjwef6ovVTvAMEG2Sc.roa
File: A3eZlYEypGjwef6ovVTvAMEG2Sc.roa (raw, json)
Hash identifier: itiiU42XBZajUxpH3eQ5BL8/j+cYwxjPvYG7bJxrjyA=
Subject key identifier: 03:77:99:95:81:32:A4:68:F0:79:FE:A8:BD:54:EF:00:C1:06:D9:27
Certificate issuer: /CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83
Certificate serial: 019424B38B79B7B36432F85A97B8E4E02421
Authority key identifier: 4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/A3eZlYEypGjwef6ovVTvAMEG2Sc.roa
Signing time: Thu 02 Jan 2025 01:48:53 +0000
ROA not before: Thu 02 Jan 2025 01:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25220
IP address blocks: 193.17.197.0/24 maxlen: 24
194.145.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8b:79:b7:b3:64:32:f8:5a:97:b8:e4:e0:24:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83
Validity
Not Before: Jan 2 01:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=037799958132a468f079fea8bd54ef00c106d927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d8:c8:47:3d:52:5c:fb:f5:71:05:7d:f5:bb:
69:9a:5b:cb:33:e3:93:7e:72:07:fe:ef:f3:fe:68:
28:c2:e1:13:42:d3:de:b2:42:fe:18:82:6f:34:80:
35:53:4e:71:66:90:8a:9d:7a:b2:f0:ca:f0:4f:b6:
12:d1:4c:d0:82:85:58:ea:ed:72:08:bd:48:62:18:
68:68:ba:33:8d:1f:5e:9c:8f:57:eb:ee:53:47:f4:
41:19:20:a7:bd:74:a0:bc:0c:42:c1:f3:7d:c3:7f:
3d:3c:e6:0f:96:d5:f1:4c:e4:e2:f4:10:8b:46:59:
6a:e5:d2:c2:49:cb:f9:12:df:49:fc:9c:2e:64:ce:
cc:fc:46:8f:66:42:af:c5:50:9d:21:07:60:14:be:
db:b8:c8:68:28:39:44:63:ab:6c:97:d9:b7:d6:7e:
37:5e:88:54:ea:ae:8e:0b:bb:4c:ea:43:5b:99:d1:
de:e2:e6:91:37:28:79:d5:53:87:79:9b:b7:79:9e:
24:23:fb:d2:dd:2f:93:86:c4:9f:91:c3:ca:20:0b:
7c:c9:9f:c0:26:09:40:23:ff:3d:4c:40:51:24:ad:
ac:1e:dc:8c:26:f1:b5:08:dc:d6:72:56:13:95:1e:
cc:80:15:9e:69:1c:d0:0b:23:b6:ce:2c:57:3f:60:
46:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:77:99:95:81:32:A4:68:F0:79:FE:A8:BD:54:EF:00:C1:06:D9:27
X509v3 Authority Key Identifier:
keyid:4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/A3eZlYEypGjwef6ovVTvAMEG2Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.197.0/24
194.145.114.0/24
Signature Algorithm: sha256WithRSAEncryption
11:f2:3c:d9:37:6e:f0:be:70:dc:08:a2:c6:ed:e3:69:f6:92:
ce:85:22:8a:3d:3a:1a:9f:3a:5e:fb:a8:df:1b:63:fe:ce:64:
10:a0:54:85:6d:eb:bb:b5:82:07:90:51:12:31:e9:03:38:dc:
b3:fc:5b:66:49:9a:da:d6:e1:c6:e6:e9:f3:2f:7e:70:db:3e:
34:b6:63:39:97:c9:02:6e:81:6c:7d:16:1c:ba:c3:55:a2:d5:
80:05:c3:c4:99:2a:bd:72:0c:45:b3:53:a1:f9:05:b5:64:5e:
98:9e:6a:2c:f2:88:a7:de:f7:a7:49:57:85:06:39:45:58:01:
81:f0:a0:18:eb:84:72:eb:6d:9b:f7:28:90:1b:53:cf:b0:bb:
85:a0:36:16:64:72:12:55:32:cf:d2:66:47:4e:e4:9a:df:96:
17:32:e8:39:f6:81:7a:9f:17:07:dc:cc:f7:29:57:a3:ec:ae:
10:f3:a1:12:d1:1f:e0:48:fc:ed:4e:93:20:d7:c5:97:8f:6e:
74:da:8a:35:61:c1:56:96:37:00:63:1d:d9:f9:3a:aa:f9:bb:
ec:af:ad:05:d1:ec:47:6a:c7:aa:e7:a1:70:a3:aa:e8:4a:b7:
23:87:fd:2f:ed:a5:dd:2c:88:07:ac:ec:0f:7d:01:6d:c9:c3:
0e:87:fc:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks4t5t7NkMvhal7jk4CQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjhlMWZiYTdiNDRhN2I2NjYyMzZiMjEyNTNkN2Q2MzYy
ZDBkODMwHhcNMjUwMTAyMDE0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzc3OTk5NTgxMzJhNDY4ZjA3OWZlYThiZDU0ZWYwMGMxMDZkOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9jIRz1SXPv1cQV99btpmlvLM+OT
fnIH/u/z/mgowuETQtPeskL+GIJvNIA1U05xZpCKnXqy8MrwT7YS0UzQgoVY6u1y
CL1IYhhoaLozjR9enI9X6+5TR/RBGSCnvXSgvAxCwfN9w389POYPltXxTOTi9BCL
Rllq5dLCScv5Et9J/JwuZM7M/EaPZkKvxVCdIQdgFL7buMhoKDlEY6tsl9m31n43
XohU6q6OC7tM6kNbmdHe4uaRNyh51VOHeZu3eZ4kI/vS3S+ThsSfkcPKIAt8yZ/A
JglAI/89TEBRJK2sHtyMJvG1CNzWclYTlR7MgBWeaRzQCyO2zixXP2BGNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAN3mZWBMqRo8Hn+qL1U7wDBBtknMB8GA1UdIwQY
MBaAFEto4funtEp7ZmI2shJT19Y2LQ2DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMt
OGIwNmVjNTY0YTFiLzEvQTNlWmxZRXlwR2p3ZWY2b3ZWVHZBTUVHMlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMtOGIwNmVjNTY0YTFi
LzEvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRHFAwQA
wpFyMA0GCSqGSIb3DQEBCwUAA4IBAQAR8jzZN27wvnDcCKLG7eNp9pLOhSKKPToa
nzpe+6jfG2P+zmQQoFSFbeu7tYIHkFESMekDONyz/FtmSZra1uHG5unzL35w2z40
tmM5l8kCboFsfRYcusNVotWABcPEmSq9cgxFs1Oh+QW1ZF6Ynmos8oin3venSVeF
BjlFWAGB8KAY64Ry622b9yiQG1PPsLuFoDYWZHISVTLP0mZHTuSa35YXMug59oF6
nxcH3Mz3KVej7K4Q86ES0R/gSPztTpMg18WXj2502oo1YcFWljcAYx3Z+Tqq+bvs
r60F0exHaseq56Fwo6roSrcjh/0v7aXdLIgHrOwPfQFtycMOh/zS
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:55:36 2025 by rpki-client