Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/aKjmqm2DJ2EfaRG2CAg2q9YTguc.roa
File: aKjmqm2DJ2EfaRG2CAg2q9YTguc.roa (raw, json)
Hash identifier: lmYc7ArFDt/9efw/iJ2GmvrSQ8wNvBHpxPAHRuZKMMA=
Subject key identifier: 68:A8:E6:AA:6D:83:27:61:1F:69:11:B6:08:08:36:AB:D6:13:82:E7
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 019427B53824A428919A0119175E882C6392
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/aKjmqm2DJ2EfaRG2CAg2q9YTguc.roa
Signing time: Thu 02 Jan 2025 15:49:35 +0000
ROA not before: Thu 02 Jan 2025 15:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4601
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.16.0/22 maxlen: 22
193.5.19.0/24 maxlen: 24
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:38:24:a4:28:91:9a:01:19:17:5e:88:2c:63:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Jan 2 15:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68a8e6aa6d8327611f6911b6080836abd61382e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:36:f8:26:da:2e:4f:1e:30:83:cc:52:93:1a:
95:f5:19:6f:37:5f:56:31:93:71:27:67:92:43:d6:
4e:07:41:ae:72:58:d7:90:c3:7c:82:2d:bc:5b:70:
94:d4:eb:bd:b6:52:b7:5a:06:58:d8:fd:fc:f1:0b:
b9:8a:9b:b7:d1:d2:06:a9:ef:6e:35:2c:cb:46:7b:
2c:7e:0e:98:16:ae:3a:73:c6:85:f3:93:b4:52:01:
fa:92:b6:9a:e8:3b:a4:9f:c5:64:73:ec:82:e4:1c:
1c:43:04:d2:68:8f:a5:06:01:c1:48:15:50:4a:ee:
66:39:09:e5:98:b2:00:fb:da:f4:7d:92:b3:e1:00:
fc:a8:24:49:42:ae:46:5e:06:57:5b:dd:a4:17:2a:
57:40:5b:7d:fd:aa:91:92:e8:60:18:4d:87:05:07:
ac:b1:e4:7f:cf:f3:33:b6:48:c1:cd:08:2a:22:0b:
92:3a:dc:42:4e:fd:bb:55:c6:12:b0:a0:b6:af:3f:
ff:de:6b:75:9b:b9:6e:c7:9a:f0:3b:19:91:5f:4c:
62:26:3e:c6:2c:50:ac:f9:40:98:3f:03:b2:53:d3:
f9:19:77:08:76:11:e5:f9:7c:ad:02:f8:9b:c3:f4:
75:3f:79:b8:59:d4:a5:34:38:bd:7b:1b:92:bb:5e:
48:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A8:E6:AA:6D:83:27:61:1F:69:11:B6:08:08:36:AB:D6:13:82:E7
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/aKjmqm2DJ2EfaRG2CAg2q9YTguc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:15:eb:d2:8d:54:69:14:60:c9:ac:59:36:16:ce:cd:91:27:
6a:f4:9c:e5:ed:7e:80:88:ca:81:8f:1b:9e:44:ee:c3:d6:5c:
ff:dc:f3:4b:08:ea:9b:ac:0b:91:0e:57:e5:ab:26:fa:e3:ae:
03:7b:57:99:cc:e7:3c:5f:50:1a:58:39:9e:00:d2:e1:5d:0f:
62:21:be:d9:17:5b:f9:ad:d2:9e:30:d6:d8:59:8d:04:90:28:
35:c0:ee:c4:a5:67:55:3f:cd:4a:1b:2a:00:3c:44:c8:d0:39:
80:ea:e0:ba:ff:25:96:91:42:94:76:c5:13:e5:60:80:4a:5c:
11:7a:a9:69:1d:51:48:5f:59:bb:03:d3:09:ff:7f:4a:b3:63:
73:1a:e4:45:1a:03:c1:2f:c8:86:f3:5b:fe:c2:b7:9d:d0:b8:
a1:de:3e:e0:a6:14:80:21:11:dc:9c:90:7b:bb:81:ee:89:69:
77:1e:3f:ac:3b:cb:92:b0:6c:40:8a:4e:c9:f3:e5:49:b9:07:
58:f9:e7:5b:d8:92:06:10:ce:6c:81:b1:4f:8b:0c:ac:61:13:
92:63:81:a5:0b:64:fc:8f:af:fe:f3:87:f7:35:aa:d3:d6:88:
b0:9e:9f:f9:72:37:c5:a7:1f:b7:fb:31:0f:da:bb:4f:6b:88:
a2:cc:b7:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQntTgkpCiRmgEZF16ILGOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjUwMTAyMTU0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE4ZTZhYTZkODMyNzYxMWY2OTExYjYwODA4MzZhYmQ2MTM4MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zb4JtouTx4wg8xSkxqV9RlvN19W
MZNxJ2eSQ9ZOB0GucljXkMN8gi28W3CU1Ou9tlK3WgZY2P388Qu5ipu30dIGqe9u
NSzLRnssfg6YFq46c8aF85O0UgH6kraa6Dukn8Vkc+yC5BwcQwTSaI+lBgHBSBVQ
Su5mOQnlmLIA+9r0fZKz4QD8qCRJQq5GXgZXW92kFypXQFt9/aqRkuhgGE2HBQes
seR/z/MztkjBzQgqIguSOtxCTv27VcYSsKC2rz//3mt1m7lux5rwOxmRX0xiJj7G
LFCs+UCYPwOyU9P5GXcIdhHl+XytAvibw/R1P3m4WdSlNDi9exuSu15I/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGio5qptgydhH2kRtggINqvWE4LnMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvYUtqbXFtMkRKMkVmYVJHMkNBZzJxOVlUZ3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQAMFevSjVRpFGDJ
rFk2Fs7NkSdq9Jzl7X6AiMqBjxueRO7D1lz/3PNLCOqbrAuRDlflqyb6464De1eZ
zOc8X1AaWDmeANLhXQ9iIb7ZF1v5rdKeMNbYWY0EkCg1wO7EpWdVP81KGyoAPETI
0DmA6uC6/yWWkUKUdsUT5WCASlwReqlpHVFIX1m7A9MJ/39Ks2NzGuRFGgPBL8iG
81v+wred0Lih3j7gphSAIRHcnJB7u4HuiWl3Hj+sO8uSsGxAik7J8+VJuQdY+edb
2JIGEM5sgbFPiwysYROSY4GlC2T8j6/+84f3NarT1oiwnp/5cjfFpx+3+zEP2rtP
a4iizLeh
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:58:11 2025 by rpki-client