Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/qETAb5lD2BrwBYgFKn4sRpjJsG8.roa
File: qETAb5lD2BrwBYgFKn4sRpjJsG8.roa (raw, json)
Hash identifier: Em0GPd0fn0KOq831hF45Qbt3KIaRXBZcA1yb4F500Ec=
Subject key identifier: A8:44:C0:6F:99:43:D8:1A:F0:05:88:05:2A:7E:2C:46:98:C9:B0:6F
Certificate issuer: /CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
Certificate serial: 019457AF92814AE0DF74EE5B1C22311EA752
Authority key identifier: D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/qETAb5lD2BrwBYgFKn4sRpjJsG8.roa
Signing time: Sat 11 Jan 2025 23:25:11 +0000
ROA not before: Sat 11 Jan 2025 23:25:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211444
IP address blocks: 193.58.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:57:af:92:81:4a:e0:df:74:ee:5b:1c:22:31:1e:a7:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
Validity
Not Before: Jan 11 23:25:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a844c06f9943d81af00588052a7e2c4698c9b06f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:aa:b7:5a:4c:83:89:a7:fb:c9:c1:a5:ef:b8:
4b:a6:81:67:80:5c:5a:ed:08:45:b9:61:07:a7:19:
aa:3b:22:1a:fa:a4:33:c6:97:38:a5:fb:75:26:e4:
45:cf:97:54:7c:08:a7:e4:3c:24:e7:9f:b1:9e:f2:
4f:16:eb:46:dd:b0:a8:06:7b:88:fe:00:f1:4f:13:
b2:c3:1f:33:3a:63:0f:74:67:06:bb:43:91:6d:26:
1c:44:c5:62:c3:85:0f:27:17:42:71:97:a3:66:80:
e8:09:3d:d7:e9:94:e9:6f:d7:05:ce:68:6e:23:a5:
17:32:f3:9a:6e:de:f2:ac:1e:41:fb:41:f7:76:b8:
7d:c4:33:06:7f:55:f7:dc:92:b1:ed:9e:79:47:6f:
6d:61:d5:16:aa:0e:20:e1:76:66:73:95:46:98:9d:
1e:a9:b6:5c:cd:5f:c3:fc:54:5d:ac:95:b9:0d:6d:
1a:1d:d1:d4:52:3b:e7:51:88:73:5e:43:fa:e3:a2:
23:6c:50:95:cb:46:8e:fb:96:07:e0:7b:cb:ec:ae:
d3:c0:b9:17:ec:36:9d:33:ae:f7:7e:23:53:df:8b:
e3:e5:fc:a9:f2:29:90:b2:97:ee:ce:15:22:d6:5b:
18:32:99:c9:30:d1:e2:15:9f:90:69:b4:89:d0:1a:
d7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:44:C0:6F:99:43:D8:1A:F0:05:88:05:2A:7E:2C:46:98:C9:B0:6F
X509v3 Authority Key Identifier:
keyid:D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/qETAb5lD2BrwBYgFKn4sRpjJsG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/2DcT_XtM36bLoBaofq-LMciRvrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.118.0/24
Signature Algorithm: sha256WithRSAEncryption
41:69:2e:f0:07:95:60:53:62:f0:fc:c6:08:79:c1:fd:61:6a:
74:c3:b4:c6:a8:aa:c6:d7:3f:2a:41:aa:9f:cb:15:d9:41:b4:
a3:00:44:25:10:ad:11:9f:26:fd:11:ea:30:e0:83:63:c7:a5:
73:cb:13:d4:74:7c:74:2c:93:7e:43:f6:6a:9b:11:db:bf:0a:
3a:f8:de:a3:27:1f:d6:3b:83:67:91:75:2a:36:2a:44:50:e5:
57:3c:ab:8c:b5:96:0b:df:68:3d:d7:8f:40:9d:ba:11:72:2e:
fa:55:ce:79:3c:53:f5:e2:05:5a:ad:a2:6a:e4:8e:80:25:6b:
6b:3c:70:21:68:c8:68:82:17:f9:c3:4f:7e:8c:41:bf:27:66:
96:72:2c:5c:d6:c5:f2:b1:78:9d:50:1c:2c:44:b2:27:b6:ab:
2e:e3:80:92:f1:b8:2a:69:d2:23:48:5f:4c:e0:22:26:b9:94:
74:05:34:f0:70:ef:af:66:89:c2:b6:64:43:5b:52:83:e7:7c:
66:e9:f1:56:28:cc:1b:26:18:fe:e6:9e:03:81:c0:6b:76:ef:
65:8e:81:1d:ed:0c:d9:e3:a4:75:6e:06:e8:ed:af:6a:b1:2c:
35:5d:8c:1e:b1:93:8a:8a:4d:2c:82:4d:1b:9c:bc:90:39:cf:
ad:b9:54:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRXr5KBSuDfdO5bHCIxHqdSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzcxM2ZkN2I0Y2RmYTZjYmEwMTZhODdlYWY4YjMxYzg5
MWJlYjAwHhcNMjUwMTExMjMyNTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQ0YzA2Zjk5NDNkODFhZjAwNTg4MDUyYTdlMmM0Njk4YzliMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26q3WkyDiaf7ycGl77hLpoFngFxa
7QhFuWEHpxmqOyIa+qQzxpc4pft1JuRFz5dUfAin5Dwk55+xnvJPFutG3bCoBnuI
/gDxTxOywx8zOmMPdGcGu0ORbSYcRMViw4UPJxdCcZejZoDoCT3X6ZTpb9cFzmhu
I6UXMvOabt7yrB5B+0H3drh9xDMGf1X33JKx7Z55R29tYdUWqg4g4XZmc5VGmJ0e
qbZczV/D/FRdrJW5DW0aHdHUUjvnUYhzXkP646IjbFCVy0aO+5YH4HvL7K7TwLkX
7DadM673fiNT34vj5fyp8imQspfuzhUi1lsYMpnJMNHiFZ+QabSJ0BrX/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhEwG+ZQ9ga8AWIBSp+LEaYybBvMB8GA1UdIwQY
MBaAFNg3E/17TN+my6AWqH6vizHIkb6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMt
MDU4Nzg1YjRhOTZlLzEvcUVUQWI1bEQyQnJ3QllnRktuNHNScGpKc0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMtMDU4Nzg1YjRhOTZl
LzEvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTp2MA0G
CSqGSIb3DQEBCwUAA4IBAQBBaS7wB5VgU2Lw/MYIecH9YWp0w7TGqKrG1z8qQaqf
yxXZQbSjAEQlEK0Rnyb9Eeow4INjx6VzyxPUdHx0LJN+Q/ZqmxHbvwo6+N6jJx/W
O4NnkXUqNipEUOVXPKuMtZYL32g9149AnboRci76Vc55PFP14gVaraJq5I6AJWtr
PHAhaMhoghf5w09+jEG/J2aWcixc1sXysXidUBwsRLIntqsu44CS8bgqadIjSF9M
4CImuZR0BTTwcO+vZonCtmRDW1KD53xm6fFWKMwbJhj+5p4DgcBrdu9ljoEd7QzZ
46R1bgbo7a9qsSw1XYwesZOKik0sgk0bnLyQOc+tuVSk
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:31:35 2025 by rpki-client