Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/eZeH1iCaJCqVSM-iEx9uMe6pR7s.roa
File: eZeH1iCaJCqVSM-iEx9uMe6pR7s.roa (raw, json)
Hash identifier: rqwN44hH8sdKM+nwnj0SNae9MB6yS4MWbE4dyJjYG2Y=
Subject key identifier: 79:97:87:D6:20:9A:24:2A:95:48:CF:A2:13:1F:6E:31:EE:A9:47:BB
Certificate issuer: /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial: 019425FC0D1E35AB808011671631922C67D4
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/eZeH1iCaJCqVSM-iEx9uMe6pR7s.roa
Signing time: Thu 02 Jan 2025 07:47:42 +0000
ROA not before: Thu 02 Jan 2025 07:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 147.189.18.0/24 maxlen: 24
147.189.19.0/24 maxlen: 24
147.189.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0d:1e:35:ab:80:80:11:67:16:31:92:2c:67:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Validity
Not Before: Jan 2 07:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=799787d6209a242a9548cfa2131f6e31eea947bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:06:b0:8b:46:e4:59:18:74:f3:5d:e7:a7:2a:
68:08:f6:ad:cc:ed:af:49:0a:c9:73:c4:8c:78:7c:
6f:e0:0d:57:89:51:70:d6:8c:08:93:f4:2e:8d:a1:
e1:90:54:1a:4c:ff:8b:89:6c:b9:bf:6c:aa:48:91:
66:92:4d:da:93:92:a5:ca:31:67:87:2f:1f:20:9f:
d9:2e:0c:28:e0:f9:4d:80:bb:ec:7a:c4:91:1b:18:
ea:18:95:5c:fa:b7:0c:dc:0a:39:5c:60:cd:52:13:
09:64:2b:5a:1c:9c:53:20:f9:fe:2c:54:c2:fb:35:
e6:cd:a1:96:55:ea:ac:46:14:90:87:0d:d4:5c:97:
73:f0:6b:e9:f7:ae:8b:1e:f3:ae:5f:30:4a:a1:c7:
9e:bb:01:b8:00:1f:6c:c2:1d:c2:f5:0a:f8:9d:b2:
78:21:c6:84:1f:c8:22:77:49:5c:dd:26:ec:47:c3:
4a:04:c6:cf:f4:90:95:b0:dd:67:1b:e5:2c:0b:dc:
2d:92:8f:0e:25:6e:25:75:72:3b:31:06:d9:4b:d9:
6a:a7:38:b7:ba:f6:b8:08:f2:e4:38:d1:a1:fb:6d:
2b:dc:cf:63:72:b4:b1:55:b1:0d:40:7c:7d:0a:3f:
de:f8:d3:cb:54:88:68:bc:b5:1e:66:2a:c3:59:cb:
0f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:97:87:D6:20:9A:24:2A:95:48:CF:A2:13:1F:6E:31:EE:A9:47:BB
X509v3 Authority Key Identifier:
keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/eZeH1iCaJCqVSM-iEx9uMe6pR7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.18.0-147.189.20.255
Signature Algorithm: sha256WithRSAEncryption
3a:5b:0f:36:b7:d7:3c:b4:1b:5a:52:3f:6f:1d:23:86:c2:c6:
c2:fb:96:2f:da:64:25:f9:59:16:c2:a9:e4:51:c4:90:53:81:
ec:35:fb:67:91:04:db:33:a2:5d:73:a4:f0:fd:15:37:45:e1:
bf:4d:4e:51:c8:0c:74:65:2e:e0:21:0a:b6:35:d7:61:fc:40:
78:0b:a1:00:4a:1f:d5:44:6f:07:50:94:88:34:86:3b:d1:64:
1d:c5:f9:5b:65:8b:cd:9b:5d:ab:1c:18:02:e4:5f:a4:63:6f:
16:9a:84:ed:44:cb:e3:3a:87:90:22:ab:47:95:10:71:60:c7:
a4:a7:8f:44:1f:8a:6c:13:dc:95:52:6a:24:c6:2d:ca:1f:be:
f6:7b:66:ed:e9:f9:17:0a:06:6c:3a:fc:82:4b:83:bc:24:24:
6e:e8:2d:ae:5e:12:c2:43:da:c8:b6:d3:b5:3e:e4:a7:98:ea:
d0:3a:89:8a:0c:c0:08:21:86:d8:64:f3:c7:4f:91:19:c1:d2:
43:9b:5f:99:13:f4:c2:55:13:43:9e:24:12:e6:38:9c:a4:f9:
28:03:78:d0:d5:ad:8c:e8:0d:0f:21:2d:8e:32:63:91:2d:d8:
e1:8c:eb:57:67:d2:3b:7c:6c:88:8d:84:e7:3e:9f:64:41:c2:
7f:c5:0d:67
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/A0eNauAgBFnFjGSLGfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjUwMTAyMDc0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTk3ODdkNjIwOWEyNDJhOTU0OGNmYTIxMzFmNmUzMWVlYTk0N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQawi0bkWRh0813npypoCPatzO2v
SQrJc8SMeHxv4A1XiVFw1owIk/QujaHhkFQaTP+LiWy5v2yqSJFmkk3ak5KlyjFn
hy8fIJ/ZLgwo4PlNgLvsesSRGxjqGJVc+rcM3Ao5XGDNUhMJZCtaHJxTIPn+LFTC
+zXmzaGWVeqsRhSQhw3UXJdz8Gvp966LHvOuXzBKoceeuwG4AB9swh3C9Qr4nbJ4
IcaEH8gid0lc3SbsR8NKBMbP9JCVsN1nG+UsC9wtko8OJW4ldXI7MQbZS9lqpzi3
uva4CPLkONGh+20r3M9jcrSxVbENQHx9Cj/e+NPLVIhovLUeZirDWcsPRwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHmXh9YgmiQqlUjPohMfbjHuqUe7MB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEvZVplSDFpQ2FKQ3FWU00taUV4OXVNZTZwUjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAtZGMwZTgxYTlkN2I0
LzEvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGTvRID
BACTvRQwDQYJKoZIhvcNAQELBQADggEBADpbDza31zy0G1pSP28dI4bCxsL7li/a
ZCX5WRbCqeRRxJBTgew1+2eRBNszol1zpPD9FTdF4b9NTlHIDHRlLuAhCrY112H8
QHgLoQBKH9VEbwdQlIg0hjvRZB3F+Vtli82bXascGALkX6RjbxaahO1Ey+M6h5Ai
q0eVEHFgx6Snj0QfimwT3JVSaiTGLcofvvZ7Zu3p+RcKBmw6/IJLg7wkJG7oLa5e
EsJD2si207U+5KeY6tA6iYoMwAghhthk88dPkRnB0kObX5kT9MJVE0OeJBLmOJyk
+SgDeNDVrYzoDQ8hLY4yY5Et2OGM61dn0jt8bIiNhOc+n2RBwn/FDWc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:18:06 2025 by rpki-client