Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/ExjSEeEAZl6w67KQQzB9tboEijs.roa
File: ExjSEeEAZl6w67KQQzB9tboEijs.roa (raw, json)
Hash identifier: kHRGvr6/I9lpmyPu60rCwXrYtjs7atLNb5bTbjbxNMY=
Subject key identifier: 13:18:D2:11:E1:00:66:5E:B0:EB:B2:90:43:30:7D:B5:BA:04:8A:3B
Certificate issuer: /CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Certificate serial: 019422FB3E0F948970DE7D24F65A42A096B1
Authority key identifier: 85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/ExjSEeEAZl6w67KQQzB9tboEijs.roa
Signing time: Wed 01 Jan 2025 17:47:58 +0000
ROA not before: Wed 01 Jan 2025 17:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215054
IP address blocks: 194.164.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3e:0f:94:89:70:de:7d:24:f6:5a:42:a0:96:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Validity
Not Before: Jan 1 17:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1318d211e100665eb0ebb29043307db5ba048a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ac:e3:7e:83:60:8a:14:99:6c:9c:47:8c:29:
59:2c:92:0b:dd:7b:00:4c:b5:9c:c1:e3:d4:96:a3:
4c:fc:9f:b2:4c:99:24:5f:93:4e:fb:a9:69:fe:06:
06:91:e3:a0:5f:01:bb:d4:2c:47:e7:02:bf:a5:a4:
07:06:67:c8:4d:b9:ca:3b:b5:55:ab:a7:3f:6a:ea:
34:b9:ab:e4:d4:e7:dd:ae:45:6d:25:7b:03:93:56:
13:52:c0:3c:4b:d9:3a:cf:6b:f2:d0:fe:f1:b8:2e:
60:d6:ad:e3:bf:5c:32:14:ec:df:45:0d:f3:2d:e8:
c4:d4:dc:b3:83:8f:a8:18:ec:81:06:28:fe:c5:29:
d8:14:ae:45:4a:98:4d:e9:c6:29:12:eb:d1:09:09:
9e:e9:f3:78:03:bb:a6:bc:c3:88:43:cf:6e:27:a9:
25:aa:11:6e:7d:cf:2b:1b:f9:98:4b:da:d2:15:b0:
2a:78:f9:d5:df:e6:ee:cd:16:e2:57:ac:13:e2:83:
10:fb:98:5a:8a:e2:35:d0:0e:17:80:62:1f:95:76:
12:5d:0e:3f:8a:d6:d7:f7:c7:98:30:07:7c:96:ab:
9b:75:7a:3d:fb:57:d1:a1:50:aa:11:47:fe:2e:94:
c3:81:18:11:11:88:6a:62:af:55:79:17:8f:87:4e:
a0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:18:D2:11:E1:00:66:5E:B0:EB:B2:90:43:30:7D:B5:BA:04:8A:3B
X509v3 Authority Key Identifier:
keyid:85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/ExjSEeEAZl6w67KQQzB9tboEijs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/hbkZo_6w7JZimf8Pro3vy0FeIv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.233.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:7c:cf:e6:66:ae:50:60:e0:45:e8:81:0a:61:a3:98:e5:87:
d6:fd:32:cb:9b:60:d0:b3:f1:a2:4e:97:5f:5e:e2:a7:81:9a:
bc:1a:c5:90:3e:77:59:18:86:01:f9:03:52:8f:ab:12:88:0f:
e2:0d:a4:b2:00:ce:00:8d:f6:bb:61:12:2c:bb:53:dc:9a:c3:
3e:b2:66:66:ab:22:c6:8d:cd:f5:25:ed:9e:12:b8:81:5a:67:
bf:1f:48:33:1a:f1:bc:6b:65:a9:65:c7:f1:c3:16:56:ed:e3:
a3:c5:57:22:c6:9d:d3:d9:b1:68:0a:2b:8b:63:fa:3f:99:9f:
6d:3f:88:ed:d8:b1:47:37:9e:83:e7:45:1e:65:e6:95:33:88:
c6:a6:19:3f:99:0b:07:e3:e2:e5:12:8e:9d:c0:1f:85:0b:b6:
c4:4f:c7:5f:ba:6e:07:4e:8b:4b:36:de:39:41:4d:25:cb:f1:
2c:7a:de:d2:5c:c6:f4:d8:e2:cc:cd:c8:82:f5:0e:0b:0d:8a:
a4:17:02:04:e1:5b:5d:df:5a:b1:ba:a7:7f:4a:22:e6:bf:2d:
46:be:46:48:70:9d:45:8b:9f:7f:a0:ba:be:90:78:d1:d0:84:
22:29:b1:57:d9:f2:b1:7b:07:36:ea:e3:f3:0d:f5:ab:21:e3:
e3:f6:5c:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+z4PlIlw3n0k9lpCoJaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjkxOWEzZmViMGVjOTY2Mjk5ZmYwZmFlOGRlZmNiNDE1
ZTIyZmUwHhcNMjUwMTAxMTc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzE4ZDIxMWUxMDA2NjVlYjBlYmIyOTA0MzMwN2RiNWJhMDQ4YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKzjfoNgihSZbJxHjClZLJIL3XsA
TLWcwePUlqNM/J+yTJkkX5NO+6lp/gYGkeOgXwG71CxH5wK/paQHBmfITbnKO7VV
q6c/auo0uavk1OfdrkVtJXsDk1YTUsA8S9k6z2vy0P7xuC5g1q3jv1wyFOzfRQ3z
LejE1Nyzg4+oGOyBBij+xSnYFK5FSphN6cYpEuvRCQme6fN4A7umvMOIQ89uJ6kl
qhFufc8rG/mYS9rSFbAqePnV3+buzRbiV6wT4oMQ+5haiuI10A4XgGIflXYSXQ4/
itbX98eYMAd8lqubdXo9+1fRoVCqEUf+LpTDgRgREYhqYq9VeRePh06gjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMY0hHhAGZesOuykEMwfbW6BIo7MB8GA1UdIwQY
MBaAFIW5GaP+sOyWYpn/D66N78tBXiL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEt
NDdkYzA4ZDdlM2JhLzEvRXhqU0VlRUFabDZ3NjdLUVF6Qjl0Ym9FaWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEtNDdkYzA4ZDdlM2Jh
LzEvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqTpMA0G
CSqGSIb3DQEBCwUAA4IBAQDVfM/mZq5QYOBF6IEKYaOY5YfW/TLLm2DQs/GiTpdf
XuKngZq8GsWQPndZGIYB+QNSj6sSiA/iDaSyAM4Ajfa7YRIsu1PcmsM+smZmqyLG
jc31Je2eEriBWme/H0gzGvG8a2WpZcfxwxZW7eOjxVcixp3T2bFoCiuLY/o/mZ9t
P4jt2LFHN56D50UeZeaVM4jGphk/mQsH4+LlEo6dwB+FC7bET8dfum4HTotLNt45
QU0ly/Eset7SXMb02OLMzciC9Q4LDYqkFwIE4Vtd31qxuqd/SiLmvy1GvkZIcJ1F
i59/oLq+kHjR0IQiKbFX2fKxewc26uPzDfWrIePj9lyc
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:55:18 2025 by rpki-client