Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d916da-8d84-4934-95d7-d8506c95fed8/1/EvrHOXABisdzxPR63-7KbbGB5LA.roa
File: EvrHOXABisdzxPR63-7KbbGB5LA.roa (raw, json)
Hash identifier: GvQn3h7lMtpAwRUlfjv3mFbaPpDUmsn0fuhGLOvFT5Q=
Subject key identifier: 12:FA:C7:39:70:01:8A:C7:73:C4:F4:7A:DF:EE:CA:6D:B1:81:E4:B0
Certificate issuer: /CN=b83973bce4a1923a751d36a91d447e0c5c1698fd
Certificate serial: 019489736F17C90AE0104A258D371ACB4508
Authority key identifier: B8:39:73:BC:E4:A1:92:3A:75:1D:36:A9:1D:44:7E:0C:5C:16:98:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uDlzvOShkjp1HTapHUR-DFwWmP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/d916da-8d84-4934-95d7-d8506c95fed8/1/EvrHOXABisdzxPR63-7KbbGB5LA.roa
Signing time: Tue 21 Jan 2025 15:20:31 +0000
ROA not before: Tue 21 Jan 2025 15:20:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40809
IP address blocks: 162.255.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:73:6f:17:c9:0a:e0:10:4a:25:8d:37:1a:cb:45:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b83973bce4a1923a751d36a91d447e0c5c1698fd
Validity
Not Before: Jan 21 15:20:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12fac73970018ac773c4f47adfeeca6db181e4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1b:50:80:b3:96:fa:a1:58:ef:fe:9c:3f:56:
4d:c8:49:7c:0f:a0:a3:8d:dd:5d:35:d7:18:94:5b:
30:35:a1:86:a2:46:d2:c1:18:ec:9b:eb:5b:7a:7c:
ec:f9:eb:08:c9:75:b1:83:3b:22:cd:50:0c:34:34:
67:a0:9c:3e:7b:f6:05:4b:2b:bd:55:79:15:69:13:
66:45:e4:a6:41:f1:ed:97:95:c0:0c:d3:71:bf:19:
ba:17:9e:c1:66:e5:1d:74:ec:a8:10:17:e5:f5:5c:
89:7c:59:2d:0c:cd:c0:c6:5f:eb:c2:0f:95:62:4b:
66:17:f9:10:81:08:5e:a2:af:af:d6:b8:cd:9f:83:
38:4a:f5:8a:45:b0:42:78:64:5d:e2:b6:3f:08:1c:
e2:7a:81:de:62:2c:85:05:13:48:4d:2d:18:ab:de:
39:ec:19:03:08:14:87:0b:3d:9f:43:d0:bd:10:53:
74:c1:7c:d2:b5:fb:10:df:39:d0:3c:93:ce:16:91:
34:bd:03:70:a1:28:3b:b7:fc:2e:3d:e9:a7:f3:c9:
50:f8:1d:dd:b2:3e:40:34:db:4d:16:85:27:e4:f8:
36:40:db:03:9b:f1:09:eb:39:9d:f5:cb:60:a4:52:
ab:9e:88:d5:2b:f5:9b:fb:c2:72:6d:d1:0a:f7:dd:
1c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FA:C7:39:70:01:8A:C7:73:C4:F4:7A:DF:EE:CA:6D:B1:81:E4:B0
X509v3 Authority Key Identifier:
keyid:B8:39:73:BC:E4:A1:92:3A:75:1D:36:A9:1D:44:7E:0C:5C:16:98:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uDlzvOShkjp1HTapHUR-DFwWmP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d916da-8d84-4934-95d7-d8506c95fed8/1/EvrHOXABisdzxPR63-7KbbGB5LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d916da-8d84-4934-95d7-d8506c95fed8/1/uDlzvOShkjp1HTapHUR-DFwWmP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.255.144.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:9e:0b:d8:29:ce:82:41:9d:b3:9d:ad:42:36:df:0b:20:a1:
c0:3b:cf:ac:1f:07:87:6f:2f:e6:d6:ce:7a:9b:57:17:5a:95:
ad:29:9e:b8:bf:58:0b:43:71:9c:34:09:67:eb:db:d5:4e:0c:
02:f6:ff:88:ff:d8:7a:8d:9a:fd:2d:c9:da:97:6a:d1:da:97:
51:18:52:ae:fe:e7:d3:8d:72:fb:76:02:4f:07:c8:b1:e4:71:
38:59:3d:d9:84:9d:0c:2d:26:24:34:6f:9b:5b:93:bd:ff:71:
15:fd:e3:05:84:a8:55:75:b0:26:10:8c:41:9f:8e:7d:28:2b:
f9:5d:61:36:8a:61:ee:09:f0:20:ae:8d:58:0f:a3:87:9c:dc:
81:a9:a2:05:ee:44:5e:47:5b:26:9a:ec:e2:d0:6d:86:30:01:
27:a7:02:58:d9:8f:41:8e:dc:92:f8:18:64:3d:1c:28:d3:c4:
ff:6d:fe:65:2d:25:34:1c:ef:18:dc:1f:0e:04:b7:ab:6f:04:
0b:af:60:40:07:34:02:64:aa:90:76:e6:32:21:c7:13:cc:34:
ef:7c:3c:f4:c1:b3:36:78:83:ee:de:f8:9f:6f:07:78:8e:0f:
7e:40:2b:ac:b4:b8:d6:f3:b8:b2:6c:57:1e:13:5c:76:d0:33:
b4:93:ac:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSJc28XyQrgEEoljTcay0UIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4Mzk3M2JjZTRhMTkyM2E3NTFkMzZhOTFkNDQ3ZTBjNWMx
Njk4ZmQwHhcNMjUwMTIxMTUyMDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmZhYzczOTcwMDE4YWM3NzNjNGY0N2FkZmVlY2E2ZGIxODFlNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxtQgLOW+qFY7/6cP1ZNyEl8D6Cj
jd1dNdcYlFswNaGGokbSwRjsm+tbenzs+esIyXWxgzsizVAMNDRnoJw+e/YFSyu9
VXkVaRNmReSmQfHtl5XADNNxvxm6F57BZuUddOyoEBfl9VyJfFktDM3Axl/rwg+V
YktmF/kQgQheoq+v1rjNn4M4SvWKRbBCeGRd4rY/CBzieoHeYiyFBRNITS0Yq945
7BkDCBSHCz2fQ9C9EFN0wXzStfsQ3znQPJPOFpE0vQNwoSg7t/wuPemn88lQ+B3d
sj5ANNtNFoUn5Pg2QNsDm/EJ6zmd9ctgpFKrnojVK/Wb+8JybdEK990cEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBL6xzlwAYrHc8T0et/uym2xgeSwMB8GA1UdIwQY
MBaAFLg5c7zkoZI6dR02qR1EfgxcFpj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdURsenZPU2hranAxSFRhcEhVUi1ERndXbVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kOTE2ZGEtOGQ4NC00OTM0LTk1ZDct
ZDg1MDZjOTVmZWQ4LzEvRXZySE9YQUJpc2R6eFBSNjMtN0tiYkdCNUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kOTE2ZGEtOGQ4NC00OTM0LTk1ZDctZDg1MDZjOTVmZWQ4
LzEvdURsenZPU2hranAxSFRhcEhVUi1ERndXbVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCov+QMA0G
CSqGSIb3DQEBCwUAA4IBAQA+ngvYKc6CQZ2zna1CNt8LIKHAO8+sHweHby/m1s56
m1cXWpWtKZ64v1gLQ3GcNAln69vVTgwC9v+I/9h6jZr9Lcnal2rR2pdRGFKu/ufT
jXL7dgJPB8ix5HE4WT3ZhJ0MLSYkNG+bW5O9/3EV/eMFhKhVdbAmEIxBn459KCv5
XWE2imHuCfAgro1YD6OHnNyBqaIF7kReR1smmuzi0G2GMAEnpwJY2Y9BjtyS+Bhk
PRwo08T/bf5lLSU0HO8Y3B8OBLerbwQLr2BABzQCZKqQduYyIccTzDTvfDz0wbM2
eIPu3vifbwd4jg9+QCustLjW87iybFceE1x20DO0k6w3
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:48:49 2025 by rpki-client