Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa
File: BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa (raw, json)
Hash identifier: 7T5AV/yHdfgZicPaqkaiWb9Osz7vZVkyB1rTGAClRcg=
Subject key identifier: 04:86:86:57:D6:6C:F2:E1:81:AE:23:50:F1:4E:EE:43:48:27:35:F0
Certificate issuer: /CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Certificate serial: 019421B1F3234D187EF5F1FB56AAE42EDB51
Authority key identifier: 21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137
IP address blocks: 193.43.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f3:23:4d:18:7e:f5:f1:fb:56:aa:e4:2e:db:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04868657d66cf2e181ae2350f14eee43482735f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:e0:b6:0e:37:78:f6:1f:68:51:23:22:44:
90:f6:c2:cc:66:a3:9d:da:71:94:46:d6:6a:fc:16:
5a:bf:38:44:77:a6:32:f1:bb:b9:1e:77:28:1c:d0:
f2:d1:b4:3c:6f:fb:76:1d:5b:c2:05:9d:38:3c:c8:
cb:84:8b:02:7d:78:be:aa:e8:33:de:1d:3c:56:d7:
96:c9:51:32:5c:7c:41:36:52:19:aa:70:79:9c:de:
fb:73:0e:c2:50:24:8e:27:56:ea:2c:28:81:e0:f3:
68:3b:01:0f:ce:be:3b:e4:12:5b:7f:d9:c9:f7:0b:
e0:de:c2:20:bb:f6:db:00:8f:b4:59:f7:53:e7:aa:
54:a8:f8:de:cf:b6:ec:0b:f9:25:51:7e:51:79:0b:
69:b2:7e:2b:44:67:0f:6a:5a:56:c4:c0:e4:92:71:
a2:72:cf:53:bb:94:cc:4d:ec:dd:f1:4e:13:73:49:
2c:c7:49:61:e3:8f:2d:0c:fb:26:09:19:58:e0:71:
f5:fd:01:6a:3b:eb:b5:b0:be:8b:98:11:0c:93:d6:
99:31:2e:89:f9:40:bf:00:99:09:29:81:5d:c0:1e:
57:d3:18:50:5a:c0:92:b4:91:f2:86:f2:19:2c:a3:
97:bf:e2:aa:40:11:99:b7:48:76:f0:3e:6a:82:3c:
5a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:86:86:57:D6:6C:F2:E1:81:AE:23:50:F1:4E:EE:43:48:27:35:F0
X509v3 Authority Key Identifier:
keyid:21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.141.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:89:73:15:ba:67:f0:1e:9b:c2:16:ad:49:37:67:e8:78:32:
ce:a9:67:c7:57:f8:6e:6e:f9:e8:25:15:fe:af:07:5b:83:fa:
d0:72:ad:5e:85:37:21:ad:d0:71:ce:92:0d:4c:32:65:8b:8e:
b4:98:ed:e6:ed:63:75:89:e8:68:bc:90:7a:dd:2b:ce:54:49:
c9:6e:3d:77:c2:84:30:70:72:51:a7:c8:d4:bd:1d:be:b3:13:
79:4b:a2:1a:aa:f0:23:c6:e8:f0:5a:9d:9d:46:1b:52:7d:03:
a3:34:39:36:83:f2:a1:3e:15:19:22:14:98:0c:25:52:1b:5c:
9e:1c:1d:6d:61:5d:97:29:d7:74:95:78:8b:2f:82:0f:be:53:
87:3c:99:6c:57:89:24:3a:f8:61:9f:f9:c3:19:1c:ab:eb:27:
ad:69:a3:1c:8b:ec:90:7c:59:56:50:f8:b1:84:f3:d3:e0:c9:
f5:ec:58:15:46:4e:6e:e3:fd:3e:75:20:66:16:eb:f6:1a:82:
2a:eb:33:17:5f:0d:08:42:05:d1:0a:4f:a1:c0:df:a8:45:b0:
60:02:a4:d3:4a:fe:8a:e4:b8:9f:44:bd:ea:03:d5:2c:cd:02:
e5:1b:78:2b:8b:e2:db:ba:b3:57:12:50:0f:ae:ad:1e:78:08:
78:78:6a:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsfMjTRh+9fH7VqrkLttRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNGEwZjQyMTkwOTQ0YWM2YjQ1ZTAwYTI0YWU0MWEzNDVm
ZGNiMzUwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg2ODY1N2Q2NmNmMmUxODFhZTIzNTBmMTRlZWU0MzQ4MjczNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4zgtg43ePYfaFEjIkSQ9sLMZqOd
2nGURtZq/BZavzhEd6Yy8bu5HncoHNDy0bQ8b/t2HVvCBZ04PMjLhIsCfXi+qugz
3h08VteWyVEyXHxBNlIZqnB5nN77cw7CUCSOJ1bqLCiB4PNoOwEPzr475BJbf9nJ
9wvg3sIgu/bbAI+0WfdT56pUqPjez7bsC/klUX5ReQtpsn4rRGcPalpWxMDkknGi
cs9Tu5TMTezd8U4Tc0ksx0lh448tDPsmCRlY4HH1/QFqO+u1sL6LmBEMk9aZMS6J
+UC/AJkJKYFdwB5X0xhQWsCStJHyhvIZLKOXv+KqQBGZt0h28D5qgjxa6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASGhlfWbPLhga4jUPFO7kNIJzXwMB8GA1UdIwQY
MBaAFCFKD0IZCUSsa0XgCiSuQaNF/cs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMt
YjY2NTZjYzFiZDU5LzEvQklhR1Y5WnM4dUdCcmlOUThVN3VRMGduTmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMtYjY2NTZjYzFiZDU5
LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSuNMA0G
CSqGSIb3DQEBCwUAA4IBAQAqiXMVumfwHpvCFq1JN2foeDLOqWfHV/hubvnoJRX+
rwdbg/rQcq1ehTchrdBxzpINTDJli460mO3m7WN1iehovJB63SvOVEnJbj13woQw
cHJRp8jUvR2+sxN5S6IaqvAjxujwWp2dRhtSfQOjNDk2g/KhPhUZIhSYDCVSG1ye
HB1tYV2XKdd0lXiLL4IPvlOHPJlsV4kkOvhhn/nDGRyr6yetaaMci+yQfFlWUPix
hPPT4Mn17FgVRk5u4/0+dSBmFuv2GoIq6zMXXw0IQgXRCk+hwN+oRbBgAqTTSv6K
5LifRL3qA9UszQLlG3gri+LburNXElAPrq0eeAh4eGoz
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:43:53 2025 by rpki-client