Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/pkoA1nbX0r8lwiVwxbfu80R8kOU.roa
File: pkoA1nbX0r8lwiVwxbfu80R8kOU.roa (raw, json)
Hash identifier: dAPrEkvaKQk5s5Z7WHpV1G3F1Sw4lOg/QTiasC7ZX1U=
Subject key identifier: A6:4A:00:D6:76:D7:D2:BF:25:C2:25:70:C5:B7:EE:F3:44:7C:90:E5
Certificate issuer: /CN=854bb7aa3908c998de3c42f7e1849538b0592617
Certificate serial: 019420D618A3A7DCB39554DB138604CD37A2
Authority key identifier: 85:4B:B7:AA:39:08:C9:98:DE:3C:42:F7:E1:84:95:38:B0:59:26:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUu3qjkIyZjePEL34YSVOLBZJhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/pkoA1nbX0r8lwiVwxbfu80R8kOU.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39522
IP address blocks: 193.36.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:18:a3:a7:dc:b3:95:54:db:13:86:04:cd:37:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854bb7aa3908c998de3c42f7e1849538b0592617
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a64a00d676d7d2bf25c22570c5b7eef3447c90e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d7:ec:da:0a:b0:58:b1:31:fb:bb:4c:84:a3:
e9:73:db:38:48:75:74:52:9b:c0:9e:5a:d1:33:a1:
54:eb:be:4d:63:f6:04:a5:d4:33:b6:c6:29:4f:68:
4d:4e:92:2e:32:0b:80:7b:5f:5d:83:78:46:17:d9:
3c:54:7b:05:a4:27:11:a5:b2:d9:d7:a9:07:76:03:
9e:c6:62:f1:b4:fe:82:5b:ce:49:e0:e1:b1:cd:ea:
e0:cd:6f:65:7d:f5:c1:7c:25:39:b8:17:e1:b5:13:
87:ed:39:02:6e:3b:40:9a:cc:ce:eb:24:c1:a2:e6:
8c:29:71:c0:4f:13:f9:8d:22:19:ba:96:62:0d:15:
1b:81:06:85:c1:5e:b9:fd:ca:5d:ba:39:f7:8d:db:
39:8b:b6:ca:2c:fc:31:2d:44:ae:59:e6:2b:4e:6a:
df:24:1b:d2:39:3c:eb:3d:9d:6d:03:b9:07:13:12:
13:68:03:12:62:39:09:20:16:78:3b:fe:69:a1:d7:
5b:fd:80:8f:54:f7:28:b2:d5:96:39:3b:21:af:25:
c7:66:d8:f2:73:86:62:82:cb:54:8a:f6:bd:74:27:
a9:21:36:da:ce:ae:45:7e:cb:81:48:89:59:64:c6:
3c:41:46:4a:81:60:a8:44:8c:df:1b:c0:2f:52:be:
fc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4A:00:D6:76:D7:D2:BF:25:C2:25:70:C5:B7:EE:F3:44:7C:90:E5
X509v3 Authority Key Identifier:
keyid:85:4B:B7:AA:39:08:C9:98:DE:3C:42:F7:E1:84:95:38:B0:59:26:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUu3qjkIyZjePEL34YSVOLBZJhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/pkoA1nbX0r8lwiVwxbfu80R8kOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.33.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:0b:e3:fe:7b:49:6b:9f:c1:f7:0e:db:36:fa:b6:c0:80:67:
95:d3:7d:5a:a7:88:8e:6e:4f:79:b1:5a:71:9a:e5:76:a8:45:
b5:fe:c5:59:80:11:48:d3:7d:c3:75:be:1d:99:71:57:ef:98:
66:12:d5:2c:4c:7e:c6:87:be:ee:dc:dd:40:d7:fa:60:58:ca:
5a:20:d3:e5:46:e1:08:dd:ad:ac:96:90:d3:25:40:95:8e:88:
ba:8c:0b:fa:30:5a:9f:fb:b5:8a:9a:ec:39:a4:91:57:35:aa:
2d:bd:5b:e8:0c:1a:72:4e:1a:0c:7d:b5:72:40:aa:18:8f:a9:
e8:b2:a3:83:47:82:84:8f:60:d1:01:b3:94:90:85:54:ba:d0:
10:21:3b:c2:23:2b:c0:6e:66:b3:3b:3e:3d:42:04:19:72:c8:
6b:58:31:93:09:e6:b2:87:95:54:db:e9:65:e1:e6:f7:c6:b8:
9b:97:19:56:19:52:7d:16:57:55:75:f2:66:f5:a6:4f:a7:83:
13:f1:a3:34:53:63:5b:ac:7f:51:46:67:8f:8e:b4:6e:bc:19:
6e:43:42:a3:36:b8:a5:0f:8b:71:ec:3f:a7:9f:4c:05:1f:6e:
26:a7:64:33:55:18:20:e2:f3:e4:25:6a:cf:b7:20:9c:47:ad:
9f:47:77:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hijp9yzlVTbE4YEzTeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGJiN2FhMzkwOGM5OThkZTNjNDJmN2UxODQ5NTM4YjA1
OTI2MTcwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRhMDBkNjc2ZDdkMmJmMjVjMjI1NzBjNWI3ZWVmMzQ0N2M5MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptfs2gqwWLEx+7tMhKPpc9s4SHV0
UpvAnlrRM6FU675NY/YEpdQztsYpT2hNTpIuMguAe19dg3hGF9k8VHsFpCcRpbLZ
16kHdgOexmLxtP6CW85J4OGxzergzW9lffXBfCU5uBfhtROH7TkCbjtAmszO6yTB
ouaMKXHATxP5jSIZupZiDRUbgQaFwV65/cpdujn3jds5i7bKLPwxLUSuWeYrTmrf
JBvSOTzrPZ1tA7kHExITaAMSYjkJIBZ4O/5poddb/YCPVPcostWWOTshryXHZtjy
c4ZigstUiva9dCepITbazq5FfsuBSIlZZMY8QUZKgWCoRIzfG8AvUr78iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZKANZ219K/JcIlcMW37vNEfJDlMB8GA1UdIwQY
MBaAFIVLt6o5CMmY3jxC9+GElTiwWSYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV1M3Fqa0l5WmplUEVMMzRZU1ZPTEJaSmhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NjU4MjYtZWI5My00NzBlLWI2N2Et
NjRlNTJiOWRkOGQxLzEvcGtvQTFuYlgwcjhsd2lWd3hiZnU4MFI4a09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NjU4MjYtZWI5My00NzBlLWI2N2EtNjRlNTJiOWRkOGQx
LzEvaFV1M3Fqa0l5WmplUEVMMzRZU1ZPTEJaSmhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSQhMA0G
CSqGSIb3DQEBCwUAA4IBAQCOC+P+e0lrn8H3Dts2+rbAgGeV031ap4iObk95sVpx
muV2qEW1/sVZgBFI033Ddb4dmXFX75hmEtUsTH7Gh77u3N1A1/pgWMpaINPlRuEI
3a2slpDTJUCVjoi6jAv6MFqf+7WKmuw5pJFXNaotvVvoDBpyThoMfbVyQKoYj6no
sqODR4KEj2DRAbOUkIVUutAQITvCIyvAbmazOz49QgQZcshrWDGTCeayh5VU2+ll
4eb3xriblxlWGVJ9FldVdfJm9aZPp4MT8aM0U2NbrH9RRmePjrRuvBluQ0KjNril
D4tx7D+nn0wFH24mp2QzVRgg4vPkJWrPtyCcR62fR3di
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:18 2025 by rpki-client