Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/yF44GfEIvZjG1b-fqxz7IcsVaik.roa
File: yF44GfEIvZjG1b-fqxz7IcsVaik.roa (raw, json)
Hash identifier: Nr6aX1S4xhUfVJHe+PzjETZYUXFy6RKCIH4m44as1jw=
Subject key identifier: C8:5E:38:19:F1:08:BD:98:C6:D5:BF:9F:AB:1C:FB:21:CB:15:6A:29
Certificate issuer: /CN=e1977859d071f7150837b2acb4353ff33efd831c
Certificate serial: 019422FC1F7E93F07B48C176B2CB7D8B20D9
Authority key identifier: E1:97:78:59:D0:71:F7:15:08:37:B2:AC:B4:35:3F:F3:3E:FD:83:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Zd4WdBx9xUIN7KstDU_8z79gxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/yF44GfEIvZjG1b-fqxz7IcsVaik.roa
Signing time: Wed 01 Jan 2025 17:48:55 +0000
ROA not before: Wed 01 Jan 2025 17:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215219
IP address blocks: 193.221.125.0/24 maxlen: 24
2a10:bd40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1f:7e:93:f0:7b:48:c1:76:b2:cb:7d:8b:20:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1977859d071f7150837b2acb4353ff33efd831c
Validity
Not Before: Jan 1 17:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c85e3819f108bd98c6d5bf9fab1cfb21cb156a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ba:2e:84:76:8b:85:6f:20:58:41:80:fb:1f:
ef:d3:68:6d:06:22:da:49:31:d3:97:49:37:09:2f:
8b:ec:87:e2:85:3e:73:a5:a9:1e:39:05:d4:3b:cb:
01:59:c5:8b:29:b6:24:9b:72:8f:a7:32:7f:85:c9:
11:79:81:00:80:1d:94:b0:69:c7:a1:61:e7:dd:ef:
31:ca:5a:40:9c:94:cf:bf:6a:b6:14:67:90:ba:35:
15:09:65:3c:63:ee:43:d2:97:65:d1:5c:b5:f3:cb:
87:45:a0:c9:f1:ba:d7:94:f6:27:3e:6b:19:77:cc:
da:f6:57:4b:4f:6c:f9:db:88:a3:1b:03:10:4d:23:
7e:0a:95:d8:1a:ea:f4:da:40:db:ab:5e:6b:77:d8:
9d:7f:63:ef:49:4a:79:44:66:2e:8a:c9:89:16:ad:
a4:c4:be:3c:25:73:f5:4c:a2:11:45:8f:00:48:4a:
30:27:cb:6d:31:9f:d6:01:1e:45:3e:c3:d3:b9:a3:
87:cb:18:3f:8e:5b:5a:62:bb:90:e5:d1:9d:4a:53:
f1:4a:43:56:eb:4e:16:92:7b:ec:45:96:f8:a6:4e:
d5:fc:fb:24:e4:02:23:b3:b9:eb:e3:f9:72:c7:59:
53:47:c7:7d:c8:30:43:ad:8d:28:cc:44:08:2e:d7:
92:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5E:38:19:F1:08:BD:98:C6:D5:BF:9F:AB:1C:FB:21:CB:15:6A:29
X509v3 Authority Key Identifier:
keyid:E1:97:78:59:D0:71:F7:15:08:37:B2:AC:B4:35:3F:F3:3E:FD:83:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Zd4WdBx9xUIN7KstDU_8z79gxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/yF44GfEIvZjG1b-fqxz7IcsVaik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/4Zd4WdBx9xUIN7KstDU_8z79gxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.125.0/24
IPv6:
2a10:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
54:83:ac:31:f4:e7:c4:e8:96:ef:0d:70:44:62:99:12:c2:f1:
fb:2d:a8:17:74:ae:70:96:4e:e7:fa:5a:92:63:2f:9b:0e:fb:
0a:a1:0f:f4:ed:75:9f:9c:b1:18:c0:eb:ab:61:43:11:03:df:
21:43:6f:b7:28:b3:57:06:d1:67:fa:9d:db:8c:12:6a:88:1e:
b1:84:95:a3:2d:d3:e4:34:e7:18:9f:2a:20:87:d5:19:29:0b:
7a:a0:f4:eb:40:9b:87:46:63:5c:8d:a5:3f:9e:ce:52:65:a2:
cc:cb:c2:3e:c1:c0:fd:e2:9e:bd:f3:42:45:a9:dd:85:07:0b:
16:d0:a8:3f:f0:06:c6:f3:82:8f:20:3e:89:ed:80:87:30:2f:
80:66:a9:c6:1f:8b:b8:42:bd:ac:6d:f3:8d:54:60:12:52:3a:
78:2e:86:37:69:42:0b:0c:2c:c3:da:4e:3f:70:34:80:5b:81:
eb:cc:7e:ee:6a:ad:cc:46:91:46:c1:84:09:c7:c6:fb:24:94:
5c:15:ed:79:75:54:ec:54:90:f1:5c:8d:d0:88:95:50:c5:46:
34:1b:7d:c9:76:f5:69:be:9e:b8:51:62:74:12:12:d8:d9:d5:
98:73:9f:55:ce:f1:72:e1:8e:04:05:4c:a3:f7:60:a0:70:c7:
bc:68:9c:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/B9+k/B7SMF2sst9iyDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxOTc3ODU5ZDA3MWY3MTUwODM3YjJhY2I0MzUzZmYzM2Vm
ZDgzMWMwHhcNMjUwMTAxMTc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODVlMzgxOWYxMDhiZDk4YzZkNWJmOWZhYjFjZmIyMWNiMTU2YTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrouhHaLhW8gWEGA+x/v02htBiLa
STHTl0k3CS+L7IfihT5zpakeOQXUO8sBWcWLKbYkm3KPpzJ/hckReYEAgB2UsGnH
oWHn3e8xylpAnJTPv2q2FGeQujUVCWU8Y+5D0pdl0Vy188uHRaDJ8brXlPYnPmsZ
d8za9ldLT2z524ijGwMQTSN+CpXYGur02kDbq15rd9idf2PvSUp5RGYuismJFq2k
xL48JXP1TKIRRY8ASEowJ8ttMZ/WAR5FPsPTuaOHyxg/jltaYruQ5dGdSlPxSkNW
604WknvsRZb4pk7V/Psk5AIjs7nr4/lyx1lTR8d9yDBDrY0ozEQILteSYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMheOBnxCL2YxtW/n6sc+yHLFWopMB8GA1UdIwQY
MBaAFOGXeFnQcfcVCDeyrLQ1P/M+/YMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFpkNFdkQng5eFVJTjdLc3REVV84ejc5Z3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85ZDdjZDctZWU2My00ODg2LThmZTEt
YjVjZTZiNmZkNGQxLzEveUY0NEdmRUl2WmpHMWItZnF4ejdJY3NWYWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85ZDdjZDctZWU2My00ODg2LThmZTEtYjVjZTZiNmZkNGQx
LzEvNFpkNFdkQng5eFVJTjdLc3REVV84ejc5Z3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwd19MA0E
AgACMAcDBQMqEL1AMA0GCSqGSIb3DQEBCwUAA4IBAQBUg6wx9OfE6JbvDXBEYpkS
wvH7LagXdK5wlk7n+lqSYy+bDvsKoQ/07XWfnLEYwOurYUMRA98hQ2+3KLNXBtFn
+p3bjBJqiB6xhJWjLdPkNOcYnyogh9UZKQt6oPTrQJuHRmNcjaU/ns5SZaLMy8I+
wcD94p6980JFqd2FBwsW0Kg/8AbG84KPID6J7YCHMC+AZqnGH4u4Qr2sbfONVGAS
Ujp4LoY3aUILDCzD2k4/cDSAW4HrzH7uaq3MRpFGwYQJx8b7JJRcFe15dVTsVJDx
XI3QiJVQxUY0G33JdvVpvp64UWJ0EhLY2dWYc59VzvFy4Y4EBUyj92CgcMe8aJya
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:54:06 2025 by rpki-client