Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/gD2PrMpYBnq5bkywvcg86wYgyi0.roa
File: gD2PrMpYBnq5bkywvcg86wYgyi0.roa (raw, json)
Hash identifier: ZloCpzZ4hxZcPRO4MDOIHc0MdVfMRoHKIu3JaQVOrkU=
Subject key identifier: 80:3D:8F:AC:CA:58:06:7A:B9:6E:4C:B0:BD:C8:3C:EB:06:20:CA:2D
Certificate issuer: /CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc
Certificate serial: 019423D6D4E21D60C23B42ADD762DA8F6522
Authority key identifier: 30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/gD2PrMpYBnq5bkywvcg86wYgyi0.roa
Signing time: Wed 01 Jan 2025 21:47:49 +0000
ROA not before: Wed 01 Jan 2025 21:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206994
IP address blocks: 193.5.147.0/24 maxlen: 24
2a0c:8180::/29 maxlen: 29
2a0c:8187::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d4:e2:1d:60:c2:3b:42:ad:d7:62:da:8f:65:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc
Validity
Not Before: Jan 1 21:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=803d8facca58067ab96e4cb0bdc83ceb0620ca2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:18:e2:0d:a4:2c:05:60:8f:7e:aa:94:d3:
7f:06:c9:4f:f4:34:4d:64:86:4b:5a:c3:24:55:9c:
f6:6f:b2:43:a4:df:e7:30:b3:a6:9a:40:19:e7:df:
7b:6f:b1:8d:34:5c:b5:34:f6:75:f8:c3:cf:96:78:
63:af:61:46:81:4f:e9:16:4c:88:dc:e2:5e:85:98:
43:e5:53:63:dd:03:f9:e9:72:84:10:6b:5c:f2:77:
bf:59:a8:33:ed:07:44:cc:5e:b8:1a:d0:d0:5f:4e:
f6:fa:8e:47:75:c5:e3:df:49:2a:4f:20:f1:63:22:
53:1f:32:97:61:3a:01:47:7c:83:cf:d8:03:5a:8d:
fd:cb:0b:c8:eb:93:e2:fd:1f:7b:39:da:2a:2b:12:
c2:0b:e6:4c:a5:ba:51:a3:c1:e1:2c:0e:1f:1c:29:
9f:e8:18:bf:f4:62:62:1b:67:8c:5c:92:1b:be:33:
3b:06:57:01:8d:ac:5f:49:29:6a:4d:b0:d2:51:b5:
c0:09:3c:3d:d6:5f:b1:53:71:56:f4:8f:a4:3c:5a:
d5:d9:58:d2:df:1f:f8:34:ef:b0:14:3c:c1:42:11:
2b:81:c5:91:c7:c7:97:53:d0:17:e0:7f:84:c5:bc:
9a:c6:ad:94:8c:2c:a1:aa:52:3c:5e:3a:57:69:1d:
b8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3D:8F:AC:CA:58:06:7A:B9:6E:4C:B0:BD:C8:3C:EB:06:20:CA:2D
X509v3 Authority Key Identifier:
keyid:30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/gD2PrMpYBnq5bkywvcg86wYgyi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.147.0/24
IPv6:
2a0c:8180::/29
Signature Algorithm: sha256WithRSAEncryption
31:bc:40:53:99:70:6d:96:94:fb:45:f9:53:ee:e2:a9:97:65:
ea:4f:59:05:ff:6b:70:4a:00:d1:ef:e8:28:05:81:cf:d7:a1:
46:ed:4a:83:0e:87:3f:a1:64:a8:c2:85:d8:c5:5d:b2:cb:98:
2f:e4:db:7d:2e:30:31:1e:f8:2d:5f:8e:9d:ad:57:2d:5e:7f:
7a:1a:c0:4f:16:b8:bd:2d:8f:d1:68:8b:fc:e2:99:90:dc:e5:
fa:02:37:7b:d6:64:8d:ef:02:d6:9d:e8:f0:a5:dd:72:f2:30:
10:87:3a:41:13:b9:34:60:69:c2:78:90:8e:b9:62:f4:c8:62:
e7:c1:2c:e0:4f:bb:4a:cd:9a:be:b9:40:e1:cc:ab:0b:68:b9:
6a:b0:68:bb:05:c7:01:8a:12:83:8d:87:3b:6b:57:d5:89:8d:
c4:d0:54:ed:78:59:ab:51:a3:28:ce:4a:31:4a:d6:f7:cd:71:
4f:a2:c1:87:32:6d:ac:d3:1b:e0:4a:d3:4c:6b:68:43:00:ad:
63:e6:74:87:f8:20:1e:d0:c4:b0:35:98:e0:2f:71:51:07:b1:
78:ef:11:29:05:44:e5:30:6e:f5:87:4f:82:27:8c:5c:ab:6f:
99:fe:31:ee:8b:40:ab:d8:ab:47:5c:fb:ae:44:17:b6:0c:58:
47:2e:ed:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1tTiHWDCO0Kt12Laj2UiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMzA5OTQxYTZkODRmYTRkYmRkYWYwZjRlY2Q5OWY5ZjA0
M2NmZGMwHhcNMjUwMTAxMjE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNkOGZhY2NhNTgwNjdhYjk2ZTRjYjBiZGM4M2NlYjA2MjBjYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPIY4g2kLAVgj36qlNN/BslP9DRN
ZIZLWsMkVZz2b7JDpN/nMLOmmkAZ5997b7GNNFy1NPZ1+MPPlnhjr2FGgU/pFkyI
3OJehZhD5VNj3QP56XKEEGtc8ne/Wagz7QdEzF64GtDQX072+o5HdcXj30kqTyDx
YyJTHzKXYToBR3yDz9gDWo39ywvI65Pi/R97OdoqKxLCC+ZMpbpRo8HhLA4fHCmf
6Bi/9GJiG2eMXJIbvjM7BlcBjaxfSSlqTbDSUbXACTw91l+xU3FW9I+kPFrV2VjS
3x/4NO+wFDzBQhErgcWRx8eXU9AX4H+Exbyaxq2UjCyhqlI8XjpXaR24JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIA9j6zKWAZ6uW5MsL3IPOsGIMotMB8GA1UdIwQY
MBaAFDAwmUGm2E+k292vD07NmfnwQ8/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMt
ZDMxZDRjYjFiMTI5LzEvZ0QyUHJNcFlCbnE1Ymt5d3ZjZzg2d1lneWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMtZDMxZDRjYjFiMTI5
LzEvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwQWTMA0E
AgACMAcDBQMqDIGAMA0GCSqGSIb3DQEBCwUAA4IBAQAxvEBTmXBtlpT7RflT7uKp
l2XqT1kF/2twSgDR7+goBYHP16FG7UqDDoc/oWSowoXYxV2yy5gv5Nt9LjAxHvgt
X46drVctXn96GsBPFri9LY/RaIv84pmQ3OX6Ajd71mSN7wLWnejwpd1y8jAQhzpB
E7k0YGnCeJCOuWL0yGLnwSzgT7tKzZq+uUDhzKsLaLlqsGi7BccBihKDjYc7a1fV
iY3E0FTteFmrUaMozkoxStb3zXFPosGHMm2s0xvgStNMa2hDAK1j5nSH+CAe0MSw
NZjgL3FRB7F47xEpBUTlMG71h0+CJ4xcq2+Z/jHui0Cr2KtHXPuuRBe2DFhHLu0m
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:02:03 2025 by rpki-client