Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/stNJNaGeal-FHwEwjC3WB-1Iv34.roa
File: stNJNaGeal-FHwEwjC3WB-1Iv34.roa (raw, json)
Hash identifier: qGHFbDJPeE85BxBcD0txqzFvtVR+ui4dTz0qswD2vsw=
Subject key identifier: B2:D3:49:35:A1:9E:6A:5F:85:1F:01:30:8C:2D:D6:07:ED:48:BF:7E
Certificate issuer: /CN=7b2bdfebe459221dda35f52c5a3995020e4fbb7a
Certificate serial: 019425FDDD49C74D609DB1483DB32A5E1D91
Authority key identifier: 7B:2B:DF:EB:E4:59:22:1D:DA:35:F5:2C:5A:39:95:02:0E:4F:BB:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eyvf6-RZIh3aNfUsWjmVAg5Pu3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/stNJNaGeal-FHwEwjC3WB-1Iv34.roa
Signing time: Thu 02 Jan 2025 07:49:41 +0000
ROA not before: Thu 02 Jan 2025 07:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31531
IP address blocks: 193.16.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:dd:49:c7:4d:60:9d:b1:48:3d:b3:2a:5e:1d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b2bdfebe459221dda35f52c5a3995020e4fbb7a
Validity
Not Before: Jan 2 07:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2d34935a19e6a5f851f01308c2dd607ed48bf7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6e:37:27:42:6d:6f:c2:03:ee:81:0b:d0:e6:
46:ed:86:39:dc:38:7e:a7:4f:92:3a:15:af:b5:00:
76:14:8a:b1:f4:0d:35:8a:01:27:e3:8a:30:8d:38:
83:b7:51:24:42:43:18:05:d0:47:d0:40:92:9f:c8:
7a:df:73:b7:f7:1e:b9:6e:06:ff:bf:b5:d6:bd:4c:
3b:ce:a3:e5:42:04:73:d5:57:8d:f0:5e:09:d2:b7:
43:bb:db:a3:fc:49:65:6a:0f:34:f5:ab:bd:74:0c:
fa:e1:6d:11:9b:73:e1:2b:cb:e5:54:d5:8f:fa:a5:
ee:ea:87:65:51:70:6a:01:94:cc:b9:b8:39:2d:fc:
b2:db:8d:39:1c:65:36:89:0e:91:7b:55:22:45:63:
50:19:5b:35:28:18:c3:7c:42:e3:d2:13:ec:84:f2:
6a:34:55:20:5f:c1:80:5e:28:cd:4c:e6:6a:e0:6e:
d1:da:c0:85:d6:af:93:57:e7:57:ac:de:a8:9e:4e:
90:57:ab:63:fd:43:83:5a:b1:a0:b9:54:cf:bf:a6:
c6:83:5b:f1:16:8f:b7:c8:34:51:bc:4b:f1:6d:ee:
b8:0b:00:2c:c5:b7:17:91:15:38:ad:f6:d2:78:45:
fd:c1:a3:ab:3f:b6:d5:0d:6f:24:4c:66:55:f5:37:
a2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D3:49:35:A1:9E:6A:5F:85:1F:01:30:8C:2D:D6:07:ED:48:BF:7E
X509v3 Authority Key Identifier:
keyid:7B:2B:DF:EB:E4:59:22:1D:DA:35:F5:2C:5A:39:95:02:0E:4F:BB:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eyvf6-RZIh3aNfUsWjmVAg5Pu3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/stNJNaGeal-FHwEwjC3WB-1Iv34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/eyvf6-RZIh3aNfUsWjmVAg5Pu3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.101.0/24
Signature Algorithm: sha256WithRSAEncryption
86:29:11:19:3a:9e:69:b2:e3:a4:05:47:66:e9:59:7a:78:26:
21:10:99:e1:b3:9a:b1:cc:d2:12:22:75:d3:78:d6:4f:68:de:
ee:ce:a1:b3:b4:16:a0:95:8a:4b:bd:a0:40:04:1a:5e:9d:67:
45:3b:56:08:0c:7a:2b:ec:20:0b:fa:cc:ab:81:1a:4a:16:2f:
b7:e9:e1:a6:d3:75:11:65:0e:f4:71:45:25:f8:83:22:8b:75:
48:bf:9f:20:3c:87:13:08:00:2b:39:53:86:f7:6a:18:c1:d0:
a2:5e:9f:05:b2:c2:40:98:30:62:ac:5e:21:8e:7e:17:ae:b1:
4d:92:86:86:14:ad:74:c7:c2:cb:13:45:9d:41:ae:00:6f:4a:
f8:8c:52:93:85:f5:c2:6f:54:ed:8c:8e:a7:74:e1:73:ac:e4:
30:4a:26:47:65:82:a7:d6:3f:a0:f4:a3:86:cc:ce:2a:66:dc:
ac:49:ea:70:40:01:70:b7:f2:d5:62:73:ff:87:3a:9a:72:6f:
09:7d:17:21:44:17:be:f3:90:26:b4:6b:be:19:ad:fa:1e:5c:
a4:fb:58:23:3c:5e:ae:9f:d0:8e:98:d4:14:fc:85:7f:1f:f9:
ed:68:22:46:c4:fc:24:2a:af:d7:f6:9c:e4:a4:f5:75:9f:4f:
36:aa:d4:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/d1Jx01gnbFIPbMqXh2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMmJkZmViZTQ1OTIyMWRkYTM1ZjUyYzVhMzk5NTAyMGU0
ZmJiN2EwHhcNMjUwMTAyMDc0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQzNDkzNWExOWU2YTVmODUxZjAxMzA4YzJkZDYwN2VkNDhiZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm43J0Jtb8ID7oEL0OZG7YY53Dh+
p0+SOhWvtQB2FIqx9A01igEn44owjTiDt1EkQkMYBdBH0ECSn8h633O39x65bgb/
v7XWvUw7zqPlQgRz1VeN8F4J0rdDu9uj/Ellag809au9dAz64W0Rm3PhK8vlVNWP
+qXu6odlUXBqAZTMubg5Lfyy2405HGU2iQ6Re1UiRWNQGVs1KBjDfELj0hPshPJq
NFUgX8GAXijNTOZq4G7R2sCF1q+TV+dXrN6onk6QV6tj/UODWrGguVTPv6bGg1vx
Fo+3yDRRvEvxbe64CwAsxbcXkRU4rfbSeEX9waOrP7bVDW8kTGZV9TeiXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLTSTWhnmpfhR8BMIwt1gftSL9+MB8GA1UdIwQY
MBaAFHsr3+vkWSId2jX1LFo5lQIOT7t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXl2ZjYtUlpJaDNhTmZVc1dqbVZBZzVQdTNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNmI2MTctNzZlMi00MjZhLTgwNzEt
MzRjNzZkOTc1NmRkLzEvc3ROSk5hR2VhbC1GSHdFd2pDM1dCLTFJdjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNmI2MTctNzZlMi00MjZhLTgwNzEtMzRjNzZkOTc1NmRk
LzEvZXl2ZjYtUlpJaDNhTmZVc1dqbVZBZzVQdTNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRBlMA0G
CSqGSIb3DQEBCwUAA4IBAQCGKREZOp5psuOkBUdm6Vl6eCYhEJnhs5qxzNISInXT
eNZPaN7uzqGztBaglYpLvaBABBpenWdFO1YIDHor7CAL+syrgRpKFi+36eGm03UR
ZQ70cUUl+IMii3VIv58gPIcTCAArOVOG92oYwdCiXp8FssJAmDBirF4hjn4XrrFN
koaGFK10x8LLE0WdQa4Ab0r4jFKThfXCb1TtjI6ndOFzrOQwSiZHZYKn1j+g9KOG
zM4qZtysSepwQAFwt/LVYnP/hzqacm8JfRchRBe+85AmtGu+Ga36Hlyk+1gjPF6u
n9COmNQU/IV/H/ntaCJGxPwkKq/X9pzkpPV1n082qtR6
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:20:40 2025 by rpki-client