Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/etKj8JxSADxAtwhWdtAcvp8APJo.roa
File: etKj8JxSADxAtwhWdtAcvp8APJo.roa (raw, json)
Hash identifier: hbDx1XXs3wCIknS0MzRqrwmZihS636bz/OW9FAqx/a8=
Subject key identifier: 7A:D2:A3:F0:9C:52:00:3C:40:B7:08:56:76:D0:1C:BE:9F:00:3C:9A
Certificate issuer: /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Certificate serial: 01942144271B6C34E248AE389DAC9861CD1A
Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/etKj8JxSADxAtwhWdtAcvp8APJo.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 193.8.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:27:1b:6c:34:e2:48:ae:38:9d:ac:98:61:cd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ad2a3f09c52003c40b7085676d01cbe9f003c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fc:c0:46:8a:27:fe:b9:ab:97:70:d9:80:34:
77:63:9d:e4:19:d1:97:39:fa:f6:90:b1:fa:64:a7:
ed:f1:2e:55:aa:20:70:7f:08:b9:12:e5:f8:d6:88:
94:d0:09:23:08:8a:7d:02:1f:81:1d:8d:7e:88:5c:
23:32:20:87:f0:21:ee:bb:0a:82:0a:c4:83:5f:c7:
94:90:6e:e0:c3:e7:1b:fd:88:e5:aa:b2:fd:c2:1b:
5c:1d:fb:53:4f:17:84:87:fb:8d:d2:35:96:92:14:
97:f9:e6:eb:3e:49:fc:57:53:68:91:97:c4:64:2f:
40:6f:c1:e2:e7:e8:7e:0c:30:10:bf:8e:77:93:b5:
71:22:91:28:dc:37:0c:35:5c:c4:5b:40:65:51:1f:
b6:bb:1f:a2:41:2f:c0:56:91:1d:4b:e8:7a:86:d4:
bb:93:a9:6a:15:db:2f:92:db:b6:96:14:5c:98:fa:
68:28:f9:b5:3d:97:18:b5:8d:7a:ac:0c:7c:6d:58:
29:a1:69:56:55:83:8c:53:ab:96:c3:c0:72:66:dc:
b3:cc:41:ea:ac:e6:c3:61:e7:f4:39:0d:bc:4c:c2:
be:8d:7d:66:c3:15:d0:76:dd:8a:73:98:ca:e1:cc:
0c:94:67:87:3a:e7:5c:fc:b7:15:99:1f:4a:10:97:
18:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D2:A3:F0:9C:52:00:3C:40:B7:08:56:76:D0:1C:BE:9F:00:3C:9A
X509v3 Authority Key Identifier:
keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/etKj8JxSADxAtwhWdtAcvp8APJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.230.0/24
Signature Algorithm: sha256WithRSAEncryption
60:b4:ca:41:01:85:63:c7:d6:1b:9f:63:97:7d:f7:5e:3b:a7:
ab:a3:95:3f:4e:e5:be:46:f2:9b:f2:b8:74:04:2b:19:a8:31:
bf:d4:3b:a4:d1:f1:f7:fe:ef:45:6e:2c:0c:b6:d3:17:40:39:
8d:f8:44:50:c9:56:1f:4d:68:2e:8c:5b:55:c6:6b:80:c4:b2:
9b:28:ef:38:ea:a7:96:2c:ff:1c:e1:67:f0:06:e6:3c:96:12:
39:dd:36:62:4c:b5:2b:13:51:4c:90:b2:04:94:0c:d7:12:15:
88:91:79:e3:2a:84:96:81:9a:c3:36:1c:e4:0b:34:5e:14:0a:
29:9c:d6:a9:44:56:cf:66:82:3d:30:8c:a0:ab:59:25:6a:85:
46:b4:ff:1c:17:04:54:da:c0:ef:16:4e:4a:77:be:a9:82:38:
86:19:85:d9:50:b1:5c:fd:b4:34:22:ba:9f:a2:75:7a:d0:83:
b4:81:76:49:49:a7:6e:b6:a1:0b:55:2f:d7:6f:bd:34:13:33:
70:36:09:80:bc:3a:80:8f:04:09:c7:f5:3d:4a:2f:80:39:09:
4f:b4:bb:b5:ab:15:86:a3:3b:95:30:34:12:25:49:79:1f:73:
6f:74:96:ca:59:99:8b:09:73:2f:0c:f8:7e:78:78:33:2d:6c:
cc:26:03:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCcbbDTiSK44nayYYc0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj
MjczZGMwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQyYTNmMDljNTIwMDNjNDBiNzA4NTY3NmQwMWNiZTlmMDAzYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/zARoon/rmrl3DZgDR3Y53kGdGX
Ofr2kLH6ZKft8S5VqiBwfwi5EuX41oiU0AkjCIp9Ah+BHY1+iFwjMiCH8CHuuwqC
CsSDX8eUkG7gw+cb/YjlqrL9whtcHftTTxeEh/uN0jWWkhSX+ebrPkn8V1NokZfE
ZC9Ab8Hi5+h+DDAQv453k7VxIpEo3DcMNVzEW0BlUR+2ux+iQS/AVpEdS+h6htS7
k6lqFdsvktu2lhRcmPpoKPm1PZcYtY16rAx8bVgpoWlWVYOMU6uWw8ByZtyzzEHq
rObDYef0OQ28TMK+jX1mwxXQdt2Kc5jK4cwMlGeHOudc/LcVmR9KEJcYOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrSo/CcUgA8QLcIVnbQHL6fADyaMB8GA1UdIwQY
MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt
ZTZiMWU5ODZmOTVmLzEvZXRLajhKeFNBRHhBdHdoV2R0QWN2cDhBUEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm
LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQjmMA0G
CSqGSIb3DQEBCwUAA4IBAQBgtMpBAYVjx9Ybn2OXffdeO6ero5U/TuW+RvKb8rh0
BCsZqDG/1Duk0fH3/u9FbiwMttMXQDmN+ERQyVYfTWgujFtVxmuAxLKbKO846qeW
LP8c4WfwBuY8lhI53TZiTLUrE1FMkLIElAzXEhWIkXnjKoSWgZrDNhzkCzReFAop
nNapRFbPZoI9MIygq1klaoVGtP8cFwRU2sDvFk5Kd76pgjiGGYXZULFc/bQ0Irqf
onV60IO0gXZJSadutqELVS/Xb700EzNwNgmAvDqAjwQJx/U9Si+AOQlPtLu1qxWG
ozuVMDQSJUl5H3NvdJbKWZmLCXMvDPh+eHgzLWzMJgO7
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:28 2025 by rpki-client