Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/z5q48ktpf1eARPpbmIGK9GsvsrQ.roa
File: z5q48ktpf1eARPpbmIGK9GsvsrQ.roa (raw, json)
Hash identifier: tmWASzkDn54AHUg2VFq+szTIlcEFXE4zmXDoc40cFbw=
Subject key identifier: CF:9A:B8:F2:4B:69:7F:57:80:44:FA:5B:98:81:8A:F4:6B:2F:B2:B4
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 019425FD60E482E078D8C380336BDCE7CA52
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/z5q48ktpf1eARPpbmIGK9GsvsrQ.roa
Signing time: Thu 02 Jan 2025 07:49:09 +0000
ROA not before: Thu 02 Jan 2025 07:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212981
IP address blocks: 193.200.186.0/24 maxlen: 24
2a0a:d6c0:186::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:60:e4:82:e0:78:d8:c3:80:33:6b:dc:e7:ca:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 2 07:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf9ab8f24b697f578044fa5b98818af46b2fb2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:83:bc:22:49:83:75:99:a3:b1:9b:4a:5b:
3c:0c:ea:af:a5:d8:f0:ee:43:a9:19:8d:62:af:81:
a5:c3:90:02:15:2b:8c:92:2d:6d:19:35:a4:59:1c:
bc:b1:0c:6d:d7:ad:4a:df:9c:89:62:a9:36:f2:45:
bf:ce:a8:b2:4b:51:d8:cf:3f:4a:a8:2b:f1:22:e1:
c3:38:8a:be:a6:c1:1c:83:07:02:8b:da:74:0e:65:
ee:3c:5d:68:44:96:4c:5d:12:a3:3e:d1:71:a0:3d:
20:96:51:e2:19:8d:1e:1d:1f:0b:d5:d5:94:36:e1:
87:b9:6e:0f:31:87:d3:40:b4:54:82:67:46:b9:09:
38:61:f0:f9:6a:71:b2:02:1d:93:ee:25:c0:6f:11:
60:f8:b8:87:c6:22:77:4c:11:dc:05:ef:cb:96:16:
f9:96:3a:d0:be:8e:87:68:e0:02:3d:f7:6b:68:44:
19:e9:a7:cb:54:e4:fb:63:29:25:f6:cf:ec:fc:41:
fc:0b:c5:11:45:64:fa:6e:1d:4b:41:6e:a9:04:ab:
58:12:32:69:32:cf:82:ea:28:23:b0:39:7d:1f:33:
fe:10:49:e6:0f:54:96:c9:87:e2:df:b3:f6:3a:d4:
b0:c8:e8:f9:7d:6e:05:0c:ee:eb:4d:96:07:1d:18:
d5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9A:B8:F2:4B:69:7F:57:80:44:FA:5B:98:81:8A:F4:6B:2F:B2:B4
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/z5q48ktpf1eARPpbmIGK9GsvsrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.186.0/24
IPv6:
2a0a:d6c0:186::/48
Signature Algorithm: sha256WithRSAEncryption
39:de:de:21:14:cb:32:0a:06:86:8c:e9:56:cf:f6:57:97:39:
70:0f:2f:b9:b4:55:f9:14:15:b3:33:a9:d7:4a:c3:db:f1:97:
e0:ba:c4:8b:40:95:a8:4e:3a:d1:fa:0f:89:aa:11:19:d5:fe:
e6:41:3b:0f:f4:48:7e:02:4b:0c:c3:1a:dc:ca:39:44:ee:f3:
5a:a3:dc:f9:5e:f0:e9:e4:e7:b9:74:23:52:ee:de:71:a8:3a:
54:3f:f8:94:55:c6:c5:33:a4:58:cd:85:8e:37:b7:01:0d:f9:
73:d1:25:1b:a6:1d:fa:1e:4d:b1:26:ba:b1:c8:65:83:88:90:
ea:11:22:bc:11:a5:e3:d5:04:cf:ac:68:87:80:ee:c5:5c:9a:
9b:f0:74:dc:37:8c:a4:3e:0c:65:00:8a:ae:1b:a6:11:65:aa:
bd:41:01:82:ee:b0:0f:8d:08:dd:1e:28:a1:4c:38:53:53:48:
d7:2a:81:ec:83:d2:b3:7c:80:03:92:c8:2b:ee:55:f7:50:e4:
a6:58:4a:10:31:0c:a4:7b:33:7b:03:9e:1d:0d:13:f5:6f:13:
ce:e4:b9:f5:e5:ae:1f:b6:bc:f3:92:cf:c6:49:46:9c:2e:8e:
31:db:73:ce:71:94:11:0c:9f:a2:7c:ba:e1:65:8a:de:14:df:
5b:74:fa:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/WDkguB42MOAM2vc58pSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjUwMTAyMDc0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjlhYjhmMjRiNjk3ZjU3ODA0NGZhNWI5ODgxOGFmNDZiMmZiMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3CDvCJJg3WZo7GbSls8DOqvpdjw
7kOpGY1ir4Glw5ACFSuMki1tGTWkWRy8sQxt161K35yJYqk28kW/zqiyS1HYzz9K
qCvxIuHDOIq+psEcgwcCi9p0DmXuPF1oRJZMXRKjPtFxoD0gllHiGY0eHR8L1dWU
NuGHuW4PMYfTQLRUgmdGuQk4YfD5anGyAh2T7iXAbxFg+LiHxiJ3TBHcBe/Llhb5
ljrQvo6HaOACPfdraEQZ6afLVOT7Yykl9s/s/EH8C8URRWT6bh1LQW6pBKtYEjJp
Ms+C6igjsDl9HzP+EEnmD1SWyYfi37P2OtSwyOj5fW4FDO7rTZYHHRjVOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM+auPJLaX9XgET6W5iBivRrL7K0MB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvejVxNDhrdHBmMWVBUlBwYm1JR0s5R3N2c3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwci6MA8E
AgACMAkDBwAqCtbAAYYwDQYJKoZIhvcNAQELBQADggEBADne3iEUyzIKBoaM6VbP
9leXOXAPL7m0VfkUFbMzqddKw9vxl+C6xItAlahOOtH6D4mqERnV/uZBOw/0SH4C
SwzDGtzKOUTu81qj3Ple8Onk57l0I1Lu3nGoOlQ/+JRVxsUzpFjNhY43twEN+XPR
JRumHfoeTbEmurHIZYOIkOoRIrwRpePVBM+saIeA7sVcmpvwdNw3jKQ+DGUAiq4b
phFlqr1BAYLusA+NCN0eKKFMOFNTSNcqgeyD0rN8gAOSyCvuVfdQ5KZYShAxDKR7
M3sDnh0NE/VvE87kufXlrh+2vPOSz8ZJRpwujjHbc85xlBEMn6J8uuFlit4U31t0
+sA=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:08 2025 by rpki-client