Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/599740-b96e-49c4-b604-63f197fb1c96/1/qU7NS3z4dR2Yct7lYNkAomkkhy4.roa
File: qU7NS3z4dR2Yct7lYNkAomkkhy4.roa (raw, json)
Hash identifier: A8aF09Arb1zd931tk4sAEkJct2PD6hOi6RvyzXv8HWc=
Subject key identifier: A9:4E:CD:4B:7C:F8:75:1D:98:72:DE:E5:60:D9:00:A2:69:24:87:2E
Certificate issuer: /CN=4a04bcc2fee1c3a2e04388260e10644b65e701f3
Certificate serial: 019425FDE95A3ADA2B30AB126D45D0601792
Authority key identifier: 4A:04:BC:C2:FE:E1:C3:A2:E0:43:88:26:0E:10:64:4B:65:E7:01:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SgS8wv7hw6LgQ4gmDhBkS2XnAfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/599740-b96e-49c4-b604-63f197fb1c96/1/qU7NS3z4dR2Yct7lYNkAomkkhy4.roa
Signing time: Thu 02 Jan 2025 07:49:44 +0000
ROA not before: Thu 02 Jan 2025 07:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214659
IP address blocks: 193.143.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e9:5a:3a:da:2b:30:ab:12:6d:45:d0:60:17:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a04bcc2fee1c3a2e04388260e10644b65e701f3
Validity
Not Before: Jan 2 07:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a94ecd4b7cf8751d9872dee560d900a26924872e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:22:a5:31:6a:20:42:fb:b2:61:ae:d2:b0:54:
cf:fe:82:d1:1c:b3:ef:89:c6:28:4d:6c:68:80:b7:
86:77:db:10:20:28:3c:ad:75:1e:9d:14:85:e0:0b:
96:82:80:16:06:f5:08:65:dd:b0:78:ab:49:b4:6f:
21:74:3c:81:ff:73:fd:8d:12:ef:03:7c:7b:e9:45:
ff:91:4b:0a:40:f0:72:6f:3a:6a:fe:2c:f9:bb:4f:
9a:7c:e2:54:23:c1:66:be:09:1d:69:88:a6:a8:ae:
fb:d0:f2:93:c3:48:34:57:4f:aa:ae:44:27:39:39:
0f:c3:1e:b5:4f:51:55:9f:52:23:36:80:87:00:aa:
a7:d3:13:2b:c9:d7:49:ce:bb:fc:7c:79:b6:e2:93:
07:6a:e1:d1:e8:8a:83:b6:e9:d7:d9:d2:0b:a8:68:
b1:97:92:e8:08:9f:37:6d:7f:12:bf:ce:95:07:ff:
c7:6f:b8:42:de:82:54:44:5e:80:13:f2:75:15:dc:
30:cc:b2:b7:be:3a:5d:e7:f5:2d:5b:44:79:3c:c8:
e0:57:79:9b:cd:05:2b:3f:d3:9d:f2:0b:ac:ef:9d:
5a:f9:36:94:05:4d:ba:b2:eb:da:47:db:26:fa:7e:
c8:84:09:fc:eb:30:d1:57:90:7a:41:31:1f:56:7b:
ad:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4E:CD:4B:7C:F8:75:1D:98:72:DE:E5:60:D9:00:A2:69:24:87:2E
X509v3 Authority Key Identifier:
keyid:4A:04:BC:C2:FE:E1:C3:A2:E0:43:88:26:0E:10:64:4B:65:E7:01:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SgS8wv7hw6LgQ4gmDhBkS2XnAfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/599740-b96e-49c4-b604-63f197fb1c96/1/qU7NS3z4dR2Yct7lYNkAomkkhy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/599740-b96e-49c4-b604-63f197fb1c96/1/SgS8wv7hw6LgQ4gmDhBkS2XnAfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.123.0/24
Signature Algorithm: sha256WithRSAEncryption
57:e4:64:0e:f8:50:96:96:d2:93:8c:d9:b2:74:9f:ad:27:ac:
b5:f2:f5:5f:15:55:96:44:0e:1a:86:8e:0c:1d:f0:04:7f:35:
4b:0f:b3:09:18:b0:c1:30:2d:9e:4a:64:ba:e0:f6:ce:79:b0:
50:9a:3e:c5:41:3d:3f:ae:c2:62:cc:91:ce:ea:ad:bf:ee:80:
6e:00:d7:0f:f2:c6:6e:22:4f:4e:fa:04:ff:90:f5:bf:3b:a6:
f4:a0:bb:83:5e:18:48:d7:90:28:ea:b6:28:b6:21:56:d3:bc:
e2:77:5b:5b:48:18:16:fc:18:e9:2b:25:56:56:c4:53:71:cf:
07:3e:8c:7e:0b:41:b3:3c:15:8f:47:84:af:55:bc:a6:b2:e9:
d2:0b:06:05:96:b7:de:10:a0:99:fa:3e:65:e7:48:b3:3a:09:
c6:3b:2d:3e:46:90:63:88:cc:68:05:8f:db:a5:08:a4:f8:b9:
b5:98:0b:49:1c:04:04:6b:93:09:d5:ce:80:79:c9:25:3e:fc:
99:d0:2a:f1:b2:58:e2:56:f2:91:d1:ee:2b:54:f6:6f:37:21:
57:5a:33:29:53:97:ce:36:8a:d8:90:d3:23:02:68:3b:ba:53:
f5:1d:90:45:a4:90:30:4e:18:58:7e:55:89:22:cc:33:fe:1e:
81:70:81:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/elaOtorMKsSbUXQYBeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMDRiY2MyZmVlMWMzYTJlMDQzODgyNjBlMTA2NDRiNjVl
NzAxZjMwHhcNMjUwMTAyMDc0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRlY2Q0YjdjZjg3NTFkOTg3MmRlZTU2MGQ5MDBhMjY5MjQ4NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSKlMWogQvuyYa7SsFTP/oLRHLPv
icYoTWxogLeGd9sQICg8rXUenRSF4AuWgoAWBvUIZd2weKtJtG8hdDyB/3P9jRLv
A3x76UX/kUsKQPBybzpq/iz5u0+afOJUI8FmvgkdaYimqK770PKTw0g0V0+qrkQn
OTkPwx61T1FVn1IjNoCHAKqn0xMryddJzrv8fHm24pMHauHR6IqDtunX2dILqGix
l5LoCJ83bX8Sv86VB//Hb7hC3oJURF6AE/J1FdwwzLK3vjpd5/UtW0R5PMjgV3mb
zQUrP9Od8gus751a+TaUBU26suvaR9sm+n7IhAn86zDRV5B6QTEfVnutlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlOzUt8+HUdmHLe5WDZAKJpJIcuMB8GA1UdIwQY
MBaAFEoEvML+4cOi4EOIJg4QZEtl5wHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2dTOHd2N2h3NkxnUTRnbURoQmtTMlhuQWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81OTk3NDAtYjk2ZS00OWM0LWI2MDQt
NjNmMTk3ZmIxYzk2LzEvcVU3TlMzejRkUjJZY3Q3bFlOa0FvbWtraHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81OTk3NDAtYjk2ZS00OWM0LWI2MDQtNjNmMTk3ZmIxYzk2
LzEvU2dTOHd2N2h3NkxnUTRnbURoQmtTMlhuQWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY97MA0G
CSqGSIb3DQEBCwUAA4IBAQBX5GQO+FCWltKTjNmydJ+tJ6y18vVfFVWWRA4aho4M
HfAEfzVLD7MJGLDBMC2eSmS64PbOebBQmj7FQT0/rsJizJHO6q2/7oBuANcP8sZu
Ik9O+gT/kPW/O6b0oLuDXhhI15Ao6rYotiFW07zid1tbSBgW/BjpKyVWVsRTcc8H
Pox+C0GzPBWPR4SvVbymsunSCwYFlrfeEKCZ+j5l50izOgnGOy0+RpBjiMxoBY/b
pQik+Lm1mAtJHAQEa5MJ1c6AecklPvyZ0CrxsljiVvKR0e4rVPZvNyFXWjMpU5fO
NorYkNMjAmg7ulP1HZBFpJAwThhYflWJIswz/h6BcIGD
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:08:12 2025 by rpki-client