Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9KXOST55YY0lXeY2at-B9rj0niU.roa
File: 9KXOST55YY0lXeY2at-B9rj0niU.roa (raw, json)
Hash identifier: 8hqjbiVJ749aijR64lRVsNAgsndZmE0NhGeWAqBjPME=
Subject key identifier: F4:A5:CE:49:3E:79:61:8D:25:5D:E6:36:6A:DF:81:F6:B8:F4:9E:25
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019421440FDF5FCE5FD7AF61698D5CA0C9A0
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9KXOST55YY0lXeY2at-B9rj0niU.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 213.232.116.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0f:df:5f:ce:5f:d7:af:61:69:8d:5c:a0:c9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4a5ce493e79618d255de6366adf81f6b8f49e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:ec:76:ac:23:73:7a:ac:f2:37:a5:d3:97:
ec:04:43:d6:dd:d6:b8:56:c7:17:3a:70:13:42:02:
d6:48:69:68:64:50:2a:f0:b3:0b:0b:a6:21:66:e2:
a4:d8:d7:19:40:8f:5e:ca:ba:fe:82:9e:bf:a0:1d:
05:c7:b8:82:12:f7:1a:53:37:77:49:8d:67:fd:9e:
af:6a:34:93:3f:bd:69:9e:3d:b7:71:09:be:37:de:
ad:73:bf:73:e1:7b:2d:b1:f9:00:1a:3a:a1:aa:a0:
74:76:b5:9e:4f:ff:d3:11:82:e7:cf:7f:5e:32:c2:
eb:07:7d:12:44:83:91:c7:50:89:97:6d:a5:fc:2c:
db:0c:48:45:87:48:0a:02:b7:a9:f2:5d:ae:94:a7:
a0:7e:a8:ce:d0:f8:e0:39:c4:38:c8:8c:5e:72:2e:
2b:68:f6:76:1e:b5:22:9b:a8:ec:8e:8a:b9:06:e6:
54:37:81:f1:ce:fd:21:57:fe:77:9d:93:0a:84:8c:
25:cc:7e:73:24:ee:06:26:29:81:3a:97:9b:54:e7:
99:c5:3a:5e:24:27:3c:6a:4e:3e:7d:50:41:c3:b5:
eb:d9:86:18:25:cc:7e:d1:7f:40:9b:c0:0f:91:e7:
12:6f:c9:83:4a:0c:19:27:cb:dc:7d:58:9b:e9:ea:
be:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A5:CE:49:3E:79:61:8D:25:5D:E6:36:6A:DF:81:F6:B8:F4:9E:25
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9KXOST55YY0lXeY2at-B9rj0niU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.116.0/22
Signature Algorithm: sha256WithRSAEncryption
58:c5:41:d0:f1:2b:75:d6:97:91:a7:ab:d1:68:38:2a:3f:a0:
3b:4a:79:af:73:8b:4a:12:62:34:9a:d0:61:af:60:81:7d:32:
7e:4d:26:29:05:cc:a4:a1:f5:99:0c:ba:f9:04:1a:f4:20:c8:
1c:8c:79:db:2b:00:84:cc:49:c8:fb:3b:62:55:44:30:cb:83:
75:fc:5d:b8:0b:d7:52:bf:83:94:28:01:63:a2:b8:15:74:77:
0b:93:59:f7:20:9b:cb:4e:86:94:4b:ae:0f:e0:85:be:7f:80:
33:30:ad:8a:42:e0:a0:52:05:2b:f8:4b:1e:43:a3:af:ba:db:
30:fe:0d:35:dc:3f:53:2e:93:88:d6:2d:87:0a:3a:e9:c4:ff:
17:de:d9:7c:6b:c6:35:eb:4d:43:3b:b0:14:6f:c3:f6:4b:b5:
df:96:e0:f8:90:d7:82:2d:6e:87:9e:49:1d:32:31:72:09:f3:
88:fa:aa:ec:f8:97:d2:1b:83:e2:1e:dd:36:cf:b3:b1:e9:1f:
ef:7b:d1:5e:40:5c:3e:a1:5a:4d:8f:ec:4d:a8:88:f2:4c:52:
05:99:45:03:c2:6f:ac:cc:9f:ed:7d:f6:f8:1c:16:70:31:76:
a5:18:19:aa:63:46:50:06:ce:54:67:3d:6c:cd:5f:8a:61:2d:
c4:df:8c:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRA/fX85f169haY1coMmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE1Y2U0OTNlNzk2MThkMjU1ZGU2MzY2YWRmODFmNmI4ZjQ5ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaDsdqwjc3qs8jel05fsBEPW3da4
VscXOnATQgLWSGloZFAq8LMLC6YhZuKk2NcZQI9eyrr+gp6/oB0Fx7iCEvcaUzd3
SY1n/Z6vajSTP71pnj23cQm+N96tc79z4XstsfkAGjqhqqB0drWeT//TEYLnz39e
MsLrB30SRIORx1CJl22l/CzbDEhFh0gKArep8l2ulKegfqjO0PjgOcQ4yIxeci4r
aPZ2HrUim6jsjoq5BuZUN4Hxzv0hV/53nZMKhIwlzH5zJO4GJimBOpebVOeZxTpe
JCc8ak4+fVBBw7Xr2YYYJcx+0X9Am8APkecSb8mDSgwZJ8vcfVib6eq+gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSlzkk+eWGNJV3mNmrfgfa49J4lMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOUtYT1NUNTVZWTBsWGVZMmF0LUI5cmowbmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1eh0MA0G
CSqGSIb3DQEBCwUAA4IBAQBYxUHQ8St11peRp6vRaDgqP6A7Snmvc4tKEmI0mtBh
r2CBfTJ+TSYpBcykofWZDLr5BBr0IMgcjHnbKwCEzEnI+ztiVUQwy4N1/F24C9dS
v4OUKAFjorgVdHcLk1n3IJvLToaUS64P4IW+f4AzMK2KQuCgUgUr+EseQ6Ovutsw
/g013D9TLpOI1i2HCjrpxP8X3tl8a8Y1601DO7AUb8P2S7XfluD4kNeCLW6Hnkkd
MjFyCfOI+qrs+JfSG4PiHt02z7Ox6R/ve9FeQFw+oVpNj+xNqIjyTFIFmUUDwm+s
zJ/tffb4HBZwMXalGBmqY0ZQBs5UZz1szV+KYS3E34yK
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:41:52 2025 by rpki-client