Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VjFaa40k5gg50M8p1inCsC1xwGg.roa
File: VjFaa40k5gg50M8p1inCsC1xwGg.roa (raw, json)
Hash identifier: S2Selx3ZTa4K6ceeiGmmpO3lyW5MBenOR9Q/wyvW2OI=
Subject key identifier: 56:31:5A:6B:8D:24:E6:08:39:D0:CF:29:D6:29:C2:B0:2D:71:C0:68
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420683743799A9F8AFC919479992D1FB6
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VjFaa40k5gg50M8p1inCsC1xwGg.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 193.233.108.0/22 maxlen: 24
193.233.116.0/23 maxlen: 23
193.233.118.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:37:43:79:9a:9f:8a:fc:91:94:79:99:2d:1f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56315a6b8d24e60839d0cf29d629c2b02d71c068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:58:2b:b1:a8:49:c4:c2:c8:bc:aa:34:ca:f8:
3b:9f:38:7d:53:b9:75:19:06:dc:ee:6b:5e:ef:90:
7e:21:7d:39:27:a8:2b:17:38:24:d9:e7:af:5d:41:
35:e1:27:59:a7:76:8c:d9:dd:4f:ea:27:a3:c1:5f:
2d:b5:9a:74:01:95:60:ce:53:24:85:87:3f:ce:39:
8c:22:34:f7:e3:7e:9f:c5:09:5a:cb:25:c4:18:ac:
72:13:84:19:c4:a4:bc:48:35:b7:05:bc:39:c5:33:
3a:98:c6:91:7f:de:02:3d:1f:8b:97:c1:89:a2:5b:
7f:1c:4e:cf:8e:ab:32:58:c7:88:23:ba:80:79:10:
da:a2:ff:7f:50:3d:fb:57:40:0f:5f:4b:a5:16:43:
03:67:30:21:55:11:88:9a:30:76:8d:1f:a2:99:64:
92:e9:bc:aa:e2:1c:82:1e:ac:aa:5e:9c:e6:62:5a:
43:ae:c1:0f:cf:71:f1:89:46:71:37:f0:c4:e2:50:
3a:df:98:0e:50:9f:13:ad:18:a6:59:ec:00:55:31:
54:fc:cc:f9:e5:59:c6:13:49:df:7c:21:48:00:ce:
55:7d:b9:65:50:11:cf:46:7b:0f:d1:04:c3:1f:9b:
f2:2c:91:cb:1d:22:0e:98:92:66:49:eb:c5:31:eb:
ba:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:31:5A:6B:8D:24:E6:08:39:D0:CF:29:D6:29:C2:B0:2D:71:C0:68
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VjFaa40k5gg50M8p1inCsC1xwGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.108.0/22
193.233.116.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:6c:e0:6c:ef:b4:f8:6b:47:4f:59:eb:f4:5c:78:3d:cc:57:
e1:e9:61:cd:6d:bd:e7:e6:d1:51:96:00:a7:ab:c6:12:73:e2:
44:8e:5a:c4:85:22:fc:23:33:cc:b8:b2:a9:3f:77:4e:5b:40:
50:91:da:44:4a:9a:a3:65:97:c7:fe:0a:63:f0:3b:55:40:f1:
c0:3c:04:b2:e5:57:34:ad:ab:1d:87:83:27:2a:0a:d8:e7:d5:
fa:75:35:e2:04:07:cb:7d:28:91:33:72:34:e8:57:81:ee:e2:
00:43:aa:b5:53:9a:e4:d6:f3:43:25:51:51:a4:bf:a9:d4:a8:
0b:d0:30:9e:4e:95:90:ff:e5:15:96:92:ed:7b:a0:31:89:fc:
13:93:d3:14:73:f2:51:a6:26:4f:f0:50:ca:39:11:e7:cb:a0:
b3:ce:e8:fd:c7:c0:22:1d:a8:27:7c:0b:dd:0f:4d:84:51:9b:
76:ee:37:f9:6a:50:50:fb:02:1b:55:0e:ec:77:42:86:6a:eb:
9d:e3:22:97:10:8a:d0:05:28:d6:e4:d1:f0:f1:51:1c:d7:70:
78:63:ab:79:92:86:5e:65:5e:47:d2:20:95:e2:04:2a:33:e1:
dc:f9:30:21:8d:97:9c:da:3b:67:41:91:b1:20:08:95:f9:c7:
bd:ff:20:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaDdDeZqfivyRlHmZLR+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjMxNWE2YjhkMjRlNjA4MzlkMGNmMjlkNjI5YzJiMDJkNzFjMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lgrsahJxMLIvKo0yvg7nzh9U7l1
GQbc7mte75B+IX05J6grFzgk2eevXUE14SdZp3aM2d1P6iejwV8ttZp0AZVgzlMk
hYc/zjmMIjT3436fxQlayyXEGKxyE4QZxKS8SDW3Bbw5xTM6mMaRf94CPR+Ll8GJ
olt/HE7PjqsyWMeII7qAeRDaov9/UD37V0APX0ulFkMDZzAhVRGImjB2jR+imWSS
6byq4hyCHqyqXpzmYlpDrsEPz3HxiUZxN/DE4lA635gOUJ8TrRimWewAVTFU/Mz5
5VnGE0nffCFIAM5VfbllUBHPRnsP0QTDH5vyLJHLHSIOmJJmSevFMeu6VQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFYxWmuNJOYIOdDPKdYpwrAtccBoMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVmpGYWE0MGs1Z2c1ME04cDFpbkNzQzF4d0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwelsAwQC
wel0MA0GCSqGSIb3DQEBCwUAA4IBAQA7bOBs77T4a0dPWev0XHg9zFfh6WHNbb3n
5tFRlgCnq8YSc+JEjlrEhSL8IzPMuLKpP3dOW0BQkdpESpqjZZfH/gpj8DtVQPHA
PASy5Vc0rasdh4MnKgrY59X6dTXiBAfLfSiRM3I06FeB7uIAQ6q1U5rk1vNDJVFR
pL+p1KgL0DCeTpWQ/+UVlpLte6AxifwTk9MUc/JRpiZP8FDKORHny6Czzuj9x8Ai
HagnfAvdD02EUZt27jf5alBQ+wIbVQ7sd0KGauud4yKXEIrQBSjW5NHw8VEc13B4
Y6t5koZeZV5H0iCV4gQqM+Hc+TAhjZec2jtnQZGxIAiV+ce9/yC2
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:29:42 2025 by rpki-client