Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/a5f2ba-326d-4845-b7a3-02fd8e99bfe1/1/8Zt8UHUusx_XQrfwEnBO0zgttVQ.roa
File: 8Zt8UHUusx_XQrfwEnBO0zgttVQ.roa (raw, json)
Hash identifier: 99GtToN6lghv1t5UehgYXJgLt9TbyulNLZ07g/FzqO4=
Subject key identifier: F1:9B:7C:50:75:2E:B3:1F:D7:42:B7:F0:12:70:4E:D3:38:2D:B5:54
Certificate issuer: /CN=2bbeb1f85cdad145bd2f97addd0941d32d758de7
Certificate serial: 019421B1AC4F19E274C2D6AFEF786100C0AA
Authority key identifier: 2B:BE:B1:F8:5C:DA:D1:45:BD:2F:97:AD:DD:09:41:D3:2D:75:8D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K76x-Fza0UW9L5et3QlB0y11jec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/a5f2ba-326d-4845-b7a3-02fd8e99bfe1/1/8Zt8UHUusx_XQrfwEnBO0zgttVQ.roa
Signing time: Wed 01 Jan 2025 11:47:59 +0000
ROA not before: Wed 01 Jan 2025 11:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42605
IP address blocks: 193.33.158.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ac:4f:19:e2:74:c2:d6:af:ef:78:61:00:c0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbeb1f85cdad145bd2f97addd0941d32d758de7
Validity
Not Before: Jan 1 11:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f19b7c50752eb31fd742b7f012704ed3382db554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:50:7b:7c:60:65:c1:c3:d7:52:8b:10:c5:0c:
56:12:70:12:71:e9:39:1c:51:2c:8b:2b:c6:7f:e7:
46:27:03:a0:72:69:74:a9:ac:93:e4:8c:b5:88:04:
fd:e8:c7:c6:07:e9:fe:7d:81:34:03:05:b5:e1:aa:
17:ab:e0:cd:dd:f2:9f:01:ec:4b:fe:94:24:3e:11:
e8:25:47:22:a4:d9:a0:2c:c0:4b:d4:2c:0b:ba:76:
12:22:b2:f4:ef:59:1e:7d:33:2b:f4:fe:b8:1f:4c:
84:ca:ef:86:2e:30:06:d1:de:bf:bc:a5:eb:1f:4d:
56:75:3d:b5:0c:de:91:65:d8:95:71:f3:17:49:a2:
e0:ed:45:ff:81:9b:a2:cb:a0:d0:a8:ee:02:9e:84:
52:e0:c8:4f:56:bc:8a:a4:b7:f5:2d:29:01:2e:1e:
c9:32:63:cf:6e:47:14:33:37:26:ff:25:e1:a9:4c:
14:41:00:c8:df:76:53:4c:e3:48:01:da:a7:8c:e2:
fc:7d:3d:8e:47:ce:e5:dd:47:1b:14:6c:3f:54:8a:
da:30:80:f3:de:d4:55:5b:11:bf:64:fb:f3:b4:31:
dd:9c:36:91:7d:87:36:c3:0e:e3:ce:94:e1:d4:cc:
38:a6:20:bd:71:2d:ba:b1:e7:0b:f6:06:a2:b8:0d:
dc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:9B:7C:50:75:2E:B3:1F:D7:42:B7:F0:12:70:4E:D3:38:2D:B5:54
X509v3 Authority Key Identifier:
keyid:2B:BE:B1:F8:5C:DA:D1:45:BD:2F:97:AD:DD:09:41:D3:2D:75:8D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K76x-Fza0UW9L5et3QlB0y11jec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/a5f2ba-326d-4845-b7a3-02fd8e99bfe1/1/8Zt8UHUusx_XQrfwEnBO0zgttVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/a5f2ba-326d-4845-b7a3-02fd8e99bfe1/1/K76x-Fza0UW9L5et3QlB0y11jec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.158.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:8b:9c:49:d7:ae:53:4f:17:f8:de:9a:0e:d1:d7:3d:e4:bd:
74:69:6c:6f:75:34:81:03:f5:50:a3:78:92:f6:53:0e:56:75:
d4:3e:20:d5:de:02:e6:83:8b:85:c2:f2:f3:71:5e:68:7d:a9:
8f:f9:87:19:48:9f:a2:78:96:78:1c:cb:52:25:a6:15:c0:56:
75:09:1b:35:71:6d:fc:61:c2:28:f5:4d:5d:3c:9e:0e:f7:80:
29:d1:e2:dc:e1:98:b3:05:4e:a4:97:d3:67:09:9f:34:66:2b:
07:78:2b:01:5f:72:ed:de:fd:77:a2:f8:95:a6:3d:74:90:2d:
42:59:e9:5b:19:6c:ab:ae:23:bc:13:0d:2f:46:a3:f7:5c:8a:
81:82:e8:ad:5b:a9:f5:b3:bb:93:71:0e:d2:d1:6d:52:6a:b9:
af:05:db:9d:fd:13:7c:1b:3d:b7:e4:b0:f7:ae:65:0d:cf:b6:
27:22:bc:fc:56:36:3f:39:9a:e5:04:65:ee:89:53:b7:12:f9:
b0:5b:86:b9:70:d1:d8:be:b5:1d:3c:e2:06:ab:20:e0:13:49:
91:b4:ac:e6:9b:6c:43:6d:56:d5:aa:c3:60:24:00:93:8f:c1:
8b:b9:80:0e:bb:6f:f6:60:15:cf:54:d0:ce:1e:4f:f3:2d:f8:
9a:a1:c5:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsaxPGeJ0wtav73hhAMCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYmViMWY4NWNkYWQxNDViZDJmOTdhZGRkMDk0MWQzMmQ3
NThkZTcwHhcNMjUwMTAxMTE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTliN2M1MDc1MmViMzFmZDc0MmI3ZjAxMjcwNGVkMzM4MmRiNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlB7fGBlwcPXUosQxQxWEnAScek5
HFEsiyvGf+dGJwOgcml0qayT5Iy1iAT96MfGB+n+fYE0AwW14aoXq+DN3fKfAexL
/pQkPhHoJUcipNmgLMBL1CwLunYSIrL071kefTMr9P64H0yEyu+GLjAG0d6/vKXr
H01WdT21DN6RZdiVcfMXSaLg7UX/gZuiy6DQqO4CnoRS4MhPVryKpLf1LSkBLh7J
MmPPbkcUMzcm/yXhqUwUQQDI33ZTTONIAdqnjOL8fT2OR87l3UcbFGw/VIraMIDz
3tRVWxG/ZPvztDHdnDaRfYc2ww7jzpTh1Mw4piC9cS26secL9gaiuA3cvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGbfFB1LrMf10K38BJwTtM4LbVUMB8GA1UdIwQY
MBaAFCu+sfhc2tFFvS+Xrd0JQdMtdY3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzc2eC1GemEwVVc5TDVldDNRbEIweTExamVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9hNWYyYmEtMzI2ZC00ODQ1LWI3YTMt
MDJmZDhlOTliZmUxLzEvOFp0OFVIVXVzeF9YUXJmd0VuQk8wemd0dFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9hNWYyYmEtMzI2ZC00ODQ1LWI3YTMtMDJmZDhlOTliZmUx
LzEvSzc2eC1GemEwVVc5TDVldDNRbEIweTExamVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSGeMA0G
CSqGSIb3DQEBCwUAA4IBAQDCi5xJ165TTxf43poO0dc95L10aWxvdTSBA/VQo3iS
9lMOVnXUPiDV3gLmg4uFwvLzcV5ofamP+YcZSJ+ieJZ4HMtSJaYVwFZ1CRs1cW38
YcIo9U1dPJ4O94Ap0eLc4ZizBU6kl9NnCZ80ZisHeCsBX3Lt3v13oviVpj10kC1C
WelbGWyrriO8Ew0vRqP3XIqBguitW6n1s7uTcQ7S0W1SarmvBdud/RN8Gz235LD3
rmUNz7YnIrz8VjY/OZrlBGXuiVO3EvmwW4a5cNHYvrUdPOIGqyDgE0mRtKzmm2xD
bVbVqsNgJACTj8GLuYAOu2/2YBXPVNDOHk/zLfiaocWD
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:00:33 2025 by rpki-client