Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1c347d-f1c9-4897-bf2c-ca3074cd9968/1/Ne10b5rjlmDzddihe7gb6ocO2b0.roa
File: Ne10b5rjlmDzddihe7gb6ocO2b0.roa (raw, json)
Hash identifier: ylaDgjgfTcWmf+Rg61sIK8UxE7w3h13qSpQ40+L4Ysw=
Subject key identifier: 35:ED:74:6F:9A:E3:96:60:F3:75:D8:A1:7B:B8:1B:EA:87:0E:D9:BD
Certificate issuer: /CN=2e39d330a5f04067eff9173473d67088abe9196f
Certificate serial: 0194252218B52CA724EB16B9CC825E247AF0
Authority key identifier: 2E:39:D3:30:A5:F0:40:67:EF:F9:17:34:73:D6:70:88:AB:E9:19:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjnTMKXwQGfv-Rc0c9ZwiKvpGW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1c347d-f1c9-4897-bf2c-ca3074cd9968/1/Ne10b5rjlmDzddihe7gb6ocO2b0.roa
Signing time: Thu 02 Jan 2025 03:49:38 +0000
ROA not before: Thu 02 Jan 2025 03:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29205
IP address blocks: 193.135.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:18:b5:2c:a7:24:eb:16:b9:cc:82:5e:24:7a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e39d330a5f04067eff9173473d67088abe9196f
Validity
Not Before: Jan 2 03:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35ed746f9ae39660f375d8a17bb81bea870ed9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:64:c9:a5:88:7e:36:14:6f:d5:8f:92:ae:eb:
48:70:17:07:ec:5e:4f:7b:10:0c:91:5f:66:d3:87:
be:f4:29:96:73:30:3f:c3:51:16:b1:26:44:2f:a6:
23:9c:ab:16:8f:9b:6c:13:33:67:e8:d9:6e:96:bb:
dc:58:f5:a0:22:8c:16:f7:b7:4c:9a:5b:2b:94:d3:
fd:12:46:fe:73:7b:2d:0a:e3:18:ea:b9:c9:ba:1b:
c1:08:ba:ed:63:47:90:f3:8a:06:e4:06:32:69:bd:
a8:1d:b8:89:e0:a7:41:a5:d0:4e:76:56:e4:4b:c0:
8b:08:16:04:32:64:3c:08:68:65:0f:be:68:c1:de:
69:c7:60:e5:f2:e5:9b:ac:a3:05:1a:bd:4d:81:bc:
d2:1a:c6:ea:ea:6c:d3:8a:44:0e:f8:31:b0:f2:de:
2f:72:0b:6b:ca:26:88:f0:a9:92:f6:b3:fa:7b:2a:
91:38:0b:9a:c0:61:3b:6b:9f:4d:d9:98:5a:69:df:
9c:02:96:76:80:be:77:d1:95:26:6f:5e:45:77:b1:
0b:43:ff:d4:8d:4a:7a:0c:ed:20:95:c8:01:a6:c4:
af:13:34:66:b9:57:5c:3e:03:7d:bb:26:49:31:3e:
b4:14:3b:81:a5:e2:a5:89:e0:ee:51:bc:99:24:1e:
96:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:ED:74:6F:9A:E3:96:60:F3:75:D8:A1:7B:B8:1B:EA:87:0E:D9:BD
X509v3 Authority Key Identifier:
keyid:2E:39:D3:30:A5:F0:40:67:EF:F9:17:34:73:D6:70:88:AB:E9:19:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjnTMKXwQGfv-Rc0c9ZwiKvpGW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1c347d-f1c9-4897-bf2c-ca3074cd9968/1/Ne10b5rjlmDzddihe7gb6ocO2b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1c347d-f1c9-4897-bf2c-ca3074cd9968/1/LjnTMKXwQGfv-Rc0c9ZwiKvpGW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.21.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:31:db:ae:8f:f3:71:e4:f6:75:2f:0c:34:92:fb:30:ee:14:
d4:39:cd:88:26:47:42:72:05:59:fc:ee:64:3a:ac:01:ee:43:
0a:20:be:fe:80:18:41:e1:8e:c6:a3:ee:8c:f2:ff:96:ce:15:
83:8b:89:51:bf:98:65:aa:47:46:03:48:67:f7:7b:56:c2:c3:
b4:3c:a2:ec:89:a2:48:1a:07:92:fe:e7:77:8d:af:f4:47:94:
bd:50:89:82:34:c7:4b:48:6a:26:64:b7:c9:e8:63:43:11:cb:
73:da:89:b6:16:e8:5c:40:6f:fb:e6:9f:be:c2:98:f3:72:ad:
10:ab:87:cb:7d:a9:15:f3:0b:71:80:d0:29:02:86:10:8f:87:
c4:d1:d4:ec:e3:57:14:4c:6c:19:e9:37:d4:a1:97:20:d3:10:
f3:2e:70:50:c5:f4:e3:38:85:7b:28:9a:1e:8b:8b:66:14:0b:
23:fd:28:d8:64:8d:d8:cc:2a:0d:cc:7e:54:3a:85:21:ba:81:
36:5b:ee:08:7d:7e:35:35:18:52:fa:fc:74:2e:a5:d5:53:71:
e8:b4:ff:59:21:92:d8:c2:17:46:f1:30:01:85:17:f8:04:6e:
9b:a5:88:c5:92:3d:5d:7b:c5:01:b9:c5:5a:5d:af:3b:fa:bf:
67:54:ed:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIhi1LKck6xa5zIJeJHrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzlkMzMwYTVmMDQwNjdlZmY5MTczNDczZDY3MDg4YWJl
OTE5NmYwHhcNMjUwMTAyMDM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWVkNzQ2ZjlhZTM5NjYwZjM3NWQ4YTE3YmI4MWJlYTg3MGVkOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02TJpYh+NhRv1Y+SrutIcBcH7F5P
exAMkV9m04e+9CmWczA/w1EWsSZEL6YjnKsWj5tsEzNn6NlulrvcWPWgIowW97dM
mlsrlNP9Ekb+c3stCuMY6rnJuhvBCLrtY0eQ84oG5AYyab2oHbiJ4KdBpdBOdlbk
S8CLCBYEMmQ8CGhlD75owd5px2Dl8uWbrKMFGr1NgbzSGsbq6mzTikQO+DGw8t4v
cgtryiaI8KmS9rP6eyqROAuawGE7a59N2Zhaad+cApZ2gL530ZUmb15Fd7ELQ//U
jUp6DO0glcgBpsSvEzRmuVdcPgN9uyZJMT60FDuBpeKlieDuUbyZJB6WgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXtdG+a45Zg83XYoXu4G+qHDtm9MB8GA1UdIwQY
MBaAFC450zCl8EBn7/kXNHPWcIir6RlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpuVE1LWHdRR2Z2LVJjMGM5WndpS3ZwR1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xYzM0N2QtZjFjOS00ODk3LWJmMmMt
Y2EzMDc0Y2Q5OTY4LzEvTmUxMGI1cmpsbUR6ZGRpaGU3Z2I2b2NPMmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xYzM0N2QtZjFjOS00ODk3LWJmMmMtY2EzMDc0Y2Q5OTY4
LzEvTGpuVE1LWHdRR2Z2LVJjMGM5WndpS3ZwR1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYcVMA0G
CSqGSIb3DQEBCwUAA4IBAQA+Mduuj/Nx5PZ1Lww0kvsw7hTUOc2IJkdCcgVZ/O5k
OqwB7kMKIL7+gBhB4Y7Go+6M8v+WzhWDi4lRv5hlqkdGA0hn93tWwsO0PKLsiaJI
GgeS/ud3ja/0R5S9UImCNMdLSGomZLfJ6GNDEctz2om2FuhcQG/75p++wpjzcq0Q
q4fLfakV8wtxgNApAoYQj4fE0dTs41cUTGwZ6TfUoZcg0xDzLnBQxfTjOIV7KJoe
i4tmFAsj/SjYZI3YzCoNzH5UOoUhuoE2W+4IfX41NRhS+vx0LqXVU3HotP9ZIZLY
whdG8TABhRf4BG6bpYjFkj1de8UBucVaXa87+r9nVO14
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:57:17 2025 by rpki-client