Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/cednPNYKxfRsr4W4osQ0UxWr_xg.roa
File: cednPNYKxfRsr4W4osQ0UxWr_xg.roa (raw, json)
Hash identifier: bAnClABodJAGvw6mOL61pHv3A1a0Gmryz3vjrqAKOxo=
Subject key identifier: 71:E7:67:3C:D6:0A:C5:F4:6C:AF:85:B8:A2:C4:34:53:15:AB:FF:18
Certificate issuer: /CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537
Certificate serial: 019427B66AB5309C3658527F94932558A9FE
Authority key identifier: D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/cednPNYKxfRsr4W4osQ0UxWr_xg.roa
Signing time: Thu 02 Jan 2025 15:50:53 +0000
ROA not before: Thu 02 Jan 2025 15:50:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16019
IP address blocks: 193.84.128.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:6a:b5:30:9c:36:58:52:7f:94:93:25:58:a9:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537
Validity
Not Before: Jan 2 15:50:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71e7673cd60ac5f46caf85b8a2c4345315abff18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3a:c6:44:0e:9a:2a:d6:a9:34:e1:75:b5:21:
05:6f:b4:9b:57:e9:f5:91:3f:b6:e8:e3:1d:7a:8b:
c9:3c:6d:d3:95:45:fc:ae:81:ef:68:ae:be:37:69:
45:94:b8:99:2e:a1:f4:84:1f:d2:fe:0b:5a:1a:4e:
23:95:8a:c7:49:b2:eb:17:c5:d3:65:cc:4e:78:77:
5e:0e:14:c8:6a:4c:d5:43:8c:99:24:8d:75:87:a8:
69:ec:36:cc:57:66:10:25:cb:e9:15:ea:e3:df:46:
d3:8e:47:12:b7:ee:40:45:2d:fd:46:7a:0a:30:19:
91:03:2b:95:30:10:09:77:54:83:15:0e:82:11:76:
ab:3f:fd:85:f1:0d:e4:6e:dc:6f:3c:2d:86:e1:07:
82:a1:f7:32:7f:bd:d5:5b:8b:e7:3d:1c:28:df:c1:
00:31:c0:2f:e4:15:36:5d:ab:a4:a0:22:cc:dd:bc:
94:99:f7:90:6e:ed:24:96:36:be:d3:36:18:e0:1a:
c9:97:47:5a:65:e9:14:e6:b7:89:d2:da:ee:6f:60:
b4:64:64:9b:80:71:fb:12:ed:a7:44:19:d3:c8:a2:
bf:bb:26:9e:bd:bc:34:2e:6b:6b:b6:25:94:7d:5a:
f0:4b:48:bf:b2:b2:54:84:f0:f2:6d:28:b7:f5:11:
9f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E7:67:3C:D6:0A:C5:F4:6C:AF:85:B8:A2:C4:34:53:15:AB:FF:18
X509v3 Authority Key Identifier:
keyid:D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/cednPNYKxfRsr4W4osQ0UxWr_xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.128.0/23
Signature Algorithm: sha256WithRSAEncryption
11:e1:d3:02:9b:98:da:8b:81:26:c7:c4:7a:d4:5a:e0:b2:0f:
df:6e:89:64:6f:27:0c:11:3f:e0:29:09:e1:72:cd:83:33:56:
a6:43:72:e0:83:73:13:f8:e4:02:40:c0:1c:96:81:d5:fd:70:
ee:fe:70:1c:fe:6c:7a:dd:1b:6a:a3:f2:ee:d9:17:39:4e:39:
84:96:52:ed:61:e4:2d:86:0b:e6:23:a0:70:04:bb:fa:87:dd:
7b:85:95:d7:bc:15:7c:8d:fd:92:2e:5b:89:6e:c5:59:08:47:
0a:cc:87:42:74:2d:34:06:f7:14:3e:6f:52:d0:a0:b1:61:d3:
37:7d:87:fb:b4:1b:8e:de:cb:85:ca:12:55:24:a2:ca:8e:79:
ae:b6:96:69:02:86:68:39:8f:a2:fb:ae:3a:d5:89:23:2a:4f:
00:97:dd:f8:e6:71:ed:5d:b1:60:6e:d8:09:71:c0:84:49:db:
a1:f4:f6:92:8d:93:65:a7:e0:01:6f:fd:05:53:5a:6f:e3:3a:
24:d6:87:72:c3:76:cb:df:61:f0:4c:85:01:50:37:07:07:5b:
fb:ec:b5:03:c1:c1:e6:23:79:ee:b5:65:a7:b1:34:f7:14:6d:
a1:3a:20:87:f8:58:72:a4:db:55:83:98:d5:9d:11:b2:a6:3e:
b6:89:33:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntmq1MJw2WFJ/lJMlWKn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM0M2EzN2VjYWQyYmZiMmMzNWJkOWIyNmQ3ZjQ4YmNi
NTc1MzcwHhcNMjUwMTAyMTU1MDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWU3NjczY2Q2MGFjNWY0NmNhZjg1YjhhMmM0MzQ1MzE1YWJmZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozrGRA6aKtapNOF1tSEFb7SbV+n1
kT+26OMdeovJPG3TlUX8roHvaK6+N2lFlLiZLqH0hB/S/gtaGk4jlYrHSbLrF8XT
ZcxOeHdeDhTIakzVQ4yZJI11h6hp7DbMV2YQJcvpFerj30bTjkcSt+5ARS39RnoK
MBmRAyuVMBAJd1SDFQ6CEXarP/2F8Q3kbtxvPC2G4QeCofcyf73VW4vnPRwo38EA
McAv5BU2XaukoCLM3byUmfeQbu0klja+0zYY4BrJl0daZekU5reJ0trub2C0ZGSb
gHH7Eu2nRBnTyKK/uyaevbw0LmtrtiWUfVrwS0i/srJUhPDybSi39RGfOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHnZzzWCsX0bK+FuKLENFMVq/8YMB8GA1UdIwQY
MBaAFNCjQ6N+ytK/ssNb2bJtf0i8tXU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYt
YzdiMzZiOGEyNjg1LzEvY2VkblBOWUt4ZlJzcjRXNG9zUTBVeFdyX3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYtYzdiMzZiOGEyNjg1
LzEvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwVSAMA0G
CSqGSIb3DQEBCwUAA4IBAQAR4dMCm5jai4Emx8R61Frgsg/fbolkbycMET/gKQnh
cs2DM1amQ3Lgg3MT+OQCQMAcloHV/XDu/nAc/mx63Rtqo/Lu2Rc5TjmEllLtYeQt
hgvmI6BwBLv6h917hZXXvBV8jf2SLluJbsVZCEcKzIdCdC00BvcUPm9S0KCxYdM3
fYf7tBuO3suFyhJVJKLKjnmutpZpAoZoOY+i+6461YkjKk8Al9345nHtXbFgbtgJ
ccCESduh9PaSjZNlp+ABb/0FU1pv4zok1odyw3bL32HwTIUBUDcHB1v77LUDwcHm
I3nutWWnsTT3FG2hOiCH+FhypNtVg5jVnRGypj62iTPp
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:55:48 2025 by rpki-client