Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/d_f-2basXF4ecUjEUuL7_QGvdV8.roa
File: d_f-2basXF4ecUjEUuL7_QGvdV8.roa (raw, json)
Hash identifier: 3qi4PJf12FWilDaOg+5R4nsdnVGnK/XQkSLQfanFNGo=
Subject key identifier: 77:F7:FE:D9:B6:AC:5C:5E:1E:71:48:C4:52:E2:FB:FD:01:AF:75:5F
Certificate issuer: /CN=93d43d499868091bbdc47d95aee1c9099f005620
Certificate serial: 01942368D0C2A1745755F0D3C5CA738B1D89
Authority key identifier: 93:D4:3D:49:98:68:09:1B:BD:C4:7D:95:AE:E1:C9:09:9F:00:56:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k9Q9SZhoCRu9xH2VruHJCZ8AViA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/d_f-2basXF4ecUjEUuL7_QGvdV8.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6707
IP address blocks: 193.28.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d0:c2:a1:74:57:55:f0:d3:c5:ca:73:8b:1d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93d43d499868091bbdc47d95aee1c9099f005620
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77f7fed9b6ac5c5e1e7148c452e2fbfd01af755f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:12:b9:ac:53:88:4c:50:9a:a3:c1:a4:f0:d1:
2b:8d:83:01:9b:0e:8f:98:d3:35:d8:eb:21:43:06:
5d:1e:02:bc:41:ab:79:c7:b7:f0:11:ca:7c:91:77:
1d:1c:e0:bc:40:d6:38:40:c5:e8:0d:e9:be:51:39:
c2:9a:e9:de:a2:cd:97:ef:e7:03:f6:c5:8b:e9:1f:
c3:3f:08:5a:39:8c:94:0f:47:1a:90:52:73:71:8c:
21:4b:75:2d:d6:0d:4f:55:30:51:31:59:02:4e:3b:
f0:5b:3e:4c:48:69:fd:0f:35:a4:88:d8:99:2d:0d:
2e:2d:76:74:c2:de:1a:3c:73:09:31:df:48:01:92:
e4:88:75:f5:e2:03:ea:8e:99:ab:89:17:eb:de:96:
4a:a3:a3:f1:49:7e:23:e8:da:5d:da:42:c0:56:03:
d0:3c:72:6c:25:73:93:17:a0:71:0d:af:ae:34:84:
5f:19:c1:e3:45:12:13:dc:19:c8:6c:3f:43:6a:04:
71:63:45:5a:f2:e6:30:92:e6:8f:07:3e:99:2e:dd:
af:2a:df:ac:ba:1d:2f:a2:f9:16:18:88:a8:8b:05:
22:b0:c7:05:96:3e:0e:65:56:aa:1b:42:8d:09:44:
db:7a:eb:12:f8:1c:34:70:9a:e9:ea:0b:d3:81:5a:
f4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F7:FE:D9:B6:AC:5C:5E:1E:71:48:C4:52:E2:FB:FD:01:AF:75:5F
X509v3 Authority Key Identifier:
keyid:93:D4:3D:49:98:68:09:1B:BD:C4:7D:95:AE:E1:C9:09:9F:00:56:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k9Q9SZhoCRu9xH2VruHJCZ8AViA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/d_f-2basXF4ecUjEUuL7_QGvdV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/k9Q9SZhoCRu9xH2VruHJCZ8AViA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.225.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:76:b8:da:c2:64:4f:84:e1:bb:b5:01:5f:42:3d:fd:c8:22:
ca:4d:fa:78:a3:03:31:fe:d4:0e:40:ae:27:03:ce:f4:1a:26:
76:bf:87:ff:fb:b4:00:98:bd:f4:0e:7f:01:1b:65:71:27:96:
ec:67:be:e8:6e:ba:a2:b0:72:4b:b1:fb:25:36:67:81:cb:dd:
28:ce:2a:79:fc:32:ab:1b:e2:de:18:22:53:19:44:ad:29:e9:
07:ad:69:91:d0:c4:a8:47:0c:d4:85:fc:42:e6:36:e3:64:0c:
69:7c:b8:dc:14:cb:71:e0:40:16:6e:cd:48:bf:45:e9:52:4b:
fd:71:5c:e4:8a:99:88:b1:93:c6:7a:13:83:21:5f:46:45:b4:
a8:65:d8:36:ac:8b:9a:8a:b1:e3:ee:8f:d1:38:2c:7c:7e:ac:
73:3e:90:ba:78:80:6e:3d:b9:56:69:2a:d0:06:a1:e5:93:6c:
c1:3e:c6:0a:6d:1f:69:73:78:74:d3:04:03:67:68:21:b1:02:
8c:57:c5:77:aa:6f:88:ed:0a:fd:20:8b:31:59:91:65:53:91:
23:49:6a:f0:80:81:fd:45:01:aa:93:7e:56:12:8c:11:2d:fe:
b1:ff:f1:99:1e:4f:40:b4:6d:a0:9e:4f:30:e6:1b:76:dc:3c:
98:be:29:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaNDCoXRXVfDTxcpzix2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZDQzZDQ5OTg2ODA5MWJiZGM0N2Q5NWFlZTFjOTA5OWYw
MDU2MjAwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Y3ZmVkOWI2YWM1YzVlMWU3MTQ4YzQ1MmUyZmJmZDAxYWY3NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohK5rFOITFCao8Gk8NErjYMBmw6P
mNM12OshQwZdHgK8Qat5x7fwEcp8kXcdHOC8QNY4QMXoDem+UTnCmuneos2X7+cD
9sWL6R/DPwhaOYyUD0cakFJzcYwhS3Ut1g1PVTBRMVkCTjvwWz5MSGn9DzWkiNiZ
LQ0uLXZ0wt4aPHMJMd9IAZLkiHX14gPqjpmriRfr3pZKo6PxSX4j6Npd2kLAVgPQ
PHJsJXOTF6BxDa+uNIRfGcHjRRIT3BnIbD9DagRxY0Va8uYwkuaPBz6ZLt2vKt+s
uh0vovkWGIioiwUisMcFlj4OZVaqG0KNCUTbeusS+Bw0cJrp6gvTgVr0/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHf3/tm2rFxeHnFIxFLi+/0Br3VfMB8GA1UdIwQY
MBaAFJPUPUmYaAkbvcR9la7hyQmfAFYgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazlROVNaaG9DUnU5eEgyVnJ1SEpDWjhBVmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82YjA4YzItNWMzYS00Mjg4LTg0NGIt
N2ZlNDJmZjRkY2Q4LzEvZF9mLTJiYXNYRjRlY1VqRVV1TDdfUUd2ZFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82YjA4YzItNWMzYS00Mjg4LTg0NGItN2ZlNDJmZjRkY2Q4
LzEvazlROVNaaG9DUnU5eEgyVnJ1SEpDWjhBVmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRzhMA0G
CSqGSIb3DQEBCwUAA4IBAQCqdrjawmRPhOG7tQFfQj39yCLKTfp4owMx/tQOQK4n
A870GiZ2v4f/+7QAmL30Dn8BG2VxJ5bsZ77obrqisHJLsfslNmeBy90ozip5/DKr
G+LeGCJTGUStKekHrWmR0MSoRwzUhfxC5jbjZAxpfLjcFMtx4EAWbs1Iv0XpUkv9
cVzkipmIsZPGehODIV9GRbSoZdg2rIuairHj7o/ROCx8fqxzPpC6eIBuPblWaSrQ
BqHlk2zBPsYKbR9pc3h00wQDZ2ghsQKMV8V3qm+I7Qr9IIsxWZFlU5EjSWrwgIH9
RQGqk35WEowRLf6x//GZHk9AtG2gnk8w5ht23DyYvilQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:46:03 2025 by rpki-client