Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/f3Dh_2Y-zNZkcN90_TpfLSQTddk.roa
File: f3Dh_2Y-zNZkcN90_TpfLSQTddk.roa (raw, json)
Hash identifier: vypiT7TdTiicDqreOdfVGNkJ1vOMr5vmxtAo64EoIdw=
Subject key identifier: 7F:70:E1:FF:66:3E:CC:D6:64:70:DF:74:FD:3A:5F:2D:24:13:75:D9
Certificate issuer: /CN=c098914cb0a945440f84deaf3f3d97fc77fd26ce
Certificate serial: 0194228E2C86821467C93998D042CC5F5C1A
Authority key identifier: C0:98:91:4C:B0:A9:45:44:0F:84:DE:AF:3F:3D:97:FC:77:FD:26:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJiRTLCpRUQPhN6vPz2X_Hf9Js4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/f3Dh_2Y-zNZkcN90_TpfLSQTddk.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 193.25.16.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2c:86:82:14:67:c9:39:98:d0:42:cc:5f:5c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c098914cb0a945440f84deaf3f3d97fc77fd26ce
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f70e1ff663eccd66470df74fd3a5f2d241375d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:34:05:b6:1b:13:f9:7f:5d:28:8f:a0:00:8a:
3e:6e:50:ce:5f:df:c8:38:13:8e:ca:a8:7c:cc:45:
20:57:ea:7e:fd:0a:4d:d4:74:63:6f:b5:ca:1a:20:
04:6e:5f:ba:c1:32:3d:f8:2b:65:f7:b1:54:e9:df:
44:2e:f6:73:24:d0:3c:33:8d:f9:0c:dd:6b:e9:88:
fd:9f:11:6e:90:2e:58:7d:20:58:86:70:74:00:22:
f0:fd:d4:48:fc:6c:6e:cf:1e:b4:84:d7:4b:78:25:
bd:75:96:cb:a0:6c:ea:1b:8f:35:bb:86:ed:7c:43:
5c:30:8c:ad:3b:4a:a4:5e:90:bb:43:c4:01:cc:8b:
d2:12:a5:5b:2c:e0:d2:44:10:a3:7a:52:a8:6b:d8:
94:b4:82:0c:5f:50:63:6e:a1:0b:62:82:6b:b0:eb:
3b:65:32:87:3e:a9:68:81:c6:cb:45:8c:2a:2e:80:
0d:e6:98:eb:5e:2e:65:2a:8d:a9:f5:8f:86:a0:c2:
3c:fe:09:4d:a4:c3:fe:1e:ae:ea:d4:fa:84:58:55:
d3:83:46:81:0a:cc:91:b8:c3:45:ff:10:30:c8:38:
0f:cb:3f:0e:21:47:e2:11:f3:51:3a:e8:37:5d:0b:
0c:cb:c8:78:03:e7:9a:ef:5f:7d:36:11:8e:92:d4:
12:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:70:E1:FF:66:3E:CC:D6:64:70:DF:74:FD:3A:5F:2D:24:13:75:D9
X509v3 Authority Key Identifier:
keyid:C0:98:91:4C:B0:A9:45:44:0F:84:DE:AF:3F:3D:97:FC:77:FD:26:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJiRTLCpRUQPhN6vPz2X_Hf9Js4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/f3Dh_2Y-zNZkcN90_TpfLSQTddk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4f08a5-432f-48fc-bd8b-fb71bd4545b0/1/wJiRTLCpRUQPhN6vPz2X_Hf9Js4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.16.0/20
Signature Algorithm: sha256WithRSAEncryption
22:48:71:27:d8:d2:2d:71:03:47:f5:b8:59:88:4e:db:88:cb:
6d:3e:09:42:41:50:97:0e:35:4f:b4:fb:15:ce:ca:a9:a2:9e:
1d:ee:e1:73:5a:27:67:a0:85:c5:7e:be:2f:ef:57:83:25:a3:
ed:41:d0:af:69:23:ce:ef:7f:a5:24:f2:0d:99:20:b6:3d:88:
f6:7f:1f:57:32:9d:19:b3:e6:79:a8:f7:03:04:92:33:28:d4:
20:8d:0e:cd:7e:78:4c:ee:5b:9a:7a:95:25:39:c1:0a:7f:f7:
71:2a:ea:b1:20:49:bc:0a:06:32:a8:61:9c:36:12:e6:6c:39:
df:ce:67:e8:45:08:9e:68:47:84:b0:74:f0:e9:88:95:2c:b0:
11:23:93:48:c7:0c:a1:a3:91:c9:b7:af:b7:7c:a0:df:c6:fd:
9c:7d:05:3e:d4:51:96:16:22:30:94:85:68:3e:f4:5d:9d:61:
7b:86:ac:bf:1d:40:6d:c3:01:26:1f:71:73:5c:cd:19:ab:04:
b7:c8:a9:fd:57:94:fb:04:41:59:88:7d:ee:63:04:21:f5:29:
fa:63:39:e2:15:33:ef:f9:c0:8e:01:1f:01:2d:c1:51:d7:ec:
14:47:62:4a:0b:97:19:17:2d:a9:39:81:c1:fd:c2:9d:43:6f:
c0:7e:f6:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijiyGghRnyTmY0ELMX1waMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTg5MTRjYjBhOTQ1NDQwZjg0ZGVhZjNmM2Q5N2ZjNzdm
ZDI2Y2UwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjcwZTFmZjY2M2VjY2Q2NjQ3MGRmNzRmZDNhNWYyZDI0MTM3NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzQFthsT+X9dKI+gAIo+blDOX9/I
OBOOyqh8zEUgV+p+/QpN1HRjb7XKGiAEbl+6wTI9+Ctl97FU6d9ELvZzJNA8M435
DN1r6Yj9nxFukC5YfSBYhnB0ACLw/dRI/Gxuzx60hNdLeCW9dZbLoGzqG481u4bt
fENcMIytO0qkXpC7Q8QBzIvSEqVbLODSRBCjelKoa9iUtIIMX1BjbqELYoJrsOs7
ZTKHPqlogcbLRYwqLoAN5pjrXi5lKo2p9Y+GoMI8/glNpMP+Hq7q1PqEWFXTg0aB
CsyRuMNF/xAwyDgPyz8OIUfiEfNROug3XQsMy8h4A+ea7199NhGOktQSVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH9w4f9mPszWZHDfdP06Xy0kE3XZMB8GA1UdIwQY
MBaAFMCYkUywqUVED4Terz89l/x3/SbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0ppUlRMQ3BSVVFQaE42dlB6MlhfSGY5SnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80ZjA4YTUtNDMyZi00OGZjLWJkOGIt
ZmI3MWJkNDU0NWIwLzEvZjNEaF8yWS16TlprY045MF9UcGZMU1FUZGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80ZjA4YTUtNDMyZi00OGZjLWJkOGItZmI3MWJkNDU0NWIw
LzEvd0ppUlRMQ3BSVVFQaE42dlB6MlhfSGY5SnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRkQMA0G
CSqGSIb3DQEBCwUAA4IBAQAiSHEn2NItcQNH9bhZiE7biMttPglCQVCXDjVPtPsV
zsqpop4d7uFzWidnoIXFfr4v71eDJaPtQdCvaSPO73+lJPINmSC2PYj2fx9XMp0Z
s+Z5qPcDBJIzKNQgjQ7NfnhM7luaepUlOcEKf/dxKuqxIEm8CgYyqGGcNhLmbDnf
zmfoRQieaEeEsHTw6YiVLLARI5NIxwyho5HJt6+3fKDfxv2cfQU+1FGWFiIwlIVo
PvRdnWF7hqy/HUBtwwEmH3FzXM0ZqwS3yKn9V5T7BEFZiH3uYwQh9Sn6YzniFTPv
+cCOAR8BLcFR1+wUR2JKC5cZFy2pOYHB/cKdQ2/Afvao
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:27:14 2025 by rpki-client