Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ac9add-7487-46e4-87d7-66f15f9cd211/1/DdLoSh759OS3AYeL8gkdkt-eJF8.roa
File: DdLoSh759OS3AYeL8gkdkt-eJF8.roa (raw, json)
Hash identifier: +l+t/XcLn+FUwMEmZ7K6g0D2Jce4Jv6Z3TSEnZBYtr8=
Subject key identifier: 0D:D2:E8:4A:1E:F9:F4:E4:B7:01:87:8B:F2:09:1D:92:DF:9E:24:5F
Certificate issuer: /CN=ce789bb014cd3c8bd5f119fc04654b01c0b25217
Certificate serial: 039CB700
Authority key identifier: CE:78:9B:B0:14:CD:3C:8B:D5:F1:19:FC:04:65:4B:01:C0:B2:52:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znibsBTNPIvV8Rn8BGVLAcCyUhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ac9add-7487-46e4-87d7-66f15f9cd211/1/DdLoSh759OS3AYeL8gkdkt-eJF8.roa
Signing time: Sat 01 Jan 2022 15:06:23 +0000
ROA not before: Sat 01 Jan 2022 15:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34927
IP address blocks: 193.37.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60602112 (0x39cb700)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce789bb014cd3c8bd5f119fc04654b01c0b25217
Validity
Not Before: Jan 1 15:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dd2e84a1ef9f4e4b701878bf2091d92df9e245f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:86:9c:a8:7e:89:c8:19:5c:eb:f7:f1:f9:
e7:ab:4d:24:21:b3:cd:30:72:c0:28:f7:3f:44:28:
99:2f:7c:b0:9e:a7:92:7b:6c:ec:72:da:db:e3:95:
e4:a7:57:3e:d2:79:76:6c:93:19:9e:c1:99:78:c6:
a8:b6:93:df:98:0d:6e:24:9f:a0:e5:d4:66:78:07:
72:ec:9a:ab:8a:cc:bf:46:1e:0a:0d:97:12:52:3f:
c6:c2:bf:f7:3c:50:be:ee:21:cc:09:ef:7b:18:fc:
27:58:c2:00:4f:d9:97:90:59:6d:80:9e:7f:88:88:
2c:ed:5b:26:d5:cf:f9:51:a1:df:0b:26:c1:57:ff:
2f:7e:b9:bd:49:67:d4:7c:2c:a6:9c:28:42:a2:cb:
33:40:2a:bf:1f:42:73:b9:96:e0:1d:b2:0e:17:7c:
bf:ad:6f:71:70:b4:df:eb:ce:d1:2e:e1:5f:c1:b4:
02:e4:38:76:dd:ab:8f:e4:10:5b:d4:00:b5:33:2c:
30:8d:8d:cd:5b:4b:36:de:3c:f0:60:4a:39:9d:c2:
cf:fd:2f:9d:10:55:93:a6:2d:31:fa:2c:a5:d7:6c:
38:75:24:70:54:89:49:bd:c2:07:1b:f1:1f:8f:ff:
79:73:5a:90:23:bd:f7:89:93:2b:b7:08:b4:89:b7:
16:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D2:E8:4A:1E:F9:F4:E4:B7:01:87:8B:F2:09:1D:92:DF:9E:24:5F
X509v3 Authority Key Identifier:
keyid:CE:78:9B:B0:14:CD:3C:8B:D5:F1:19:FC:04:65:4B:01:C0:B2:52:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znibsBTNPIvV8Rn8BGVLAcCyUhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ac9add-7487-46e4-87d7-66f15f9cd211/1/DdLoSh759OS3AYeL8gkdkt-eJF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ac9add-7487-46e4-87d7-66f15f9cd211/1/znibsBTNPIvV8Rn8BGVLAcCyUhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.139.0/24
Signature Algorithm: sha256WithRSAEncryption
08:3f:ed:28:c9:32:9d:0c:29:7b:82:e0:2d:0e:48:6a:56:12:
81:ff:4a:27:8b:78:1e:9d:21:ef:38:f7:7d:f7:06:b5:df:8e:
31:92:bf:f7:de:86:ba:51:66:3c:5b:1b:2e:a2:b5:18:5f:fe:
59:00:61:a2:75:3a:59:dc:5c:78:2a:69:40:d1:ea:2d:2c:23:
fc:a1:2b:75:f3:0e:de:26:be:27:c1:e8:f9:36:05:2e:ba:9c:
8f:00:d8:eb:a7:5b:4b:c6:86:07:3d:6a:bb:19:6f:c7:66:81:
9e:39:c5:0d:3a:05:3c:b4:22:65:a9:36:2c:75:cb:89:52:fb:
95:43:c2:e6:76:cb:00:d8:0f:53:9f:50:18:c2:aa:2f:06:d0:
5c:18:e1:32:3e:8c:a0:32:92:12:3e:00:a3:92:ae:4c:ea:0b:
27:84:fa:bc:3b:f6:45:d7:98:8e:c4:66:64:e1:e1:8c:0a:91:
b1:49:b8:9b:44:11:1e:f7:1c:5e:f2:95:8c:d0:e1:f1:47:c8:
34:4f:b8:b8:10:53:3e:10:7a:d6:2f:e2:c4:b4:e6:e8:58:66:
69:8b:e5:af:5e:7b:f7:41:e0:0a:05:d2:12:0f:f8:14:30:c9:
36:52:5a:86:37:b2:a4:4c:ce:65:26:23:c4:88:16:55:7f:33:
f5:d8:03:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5y3ADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTc4OWJiMDE0Y2QzYzhiZDVmMTE5ZmMwNDY1NGIwMWMwYjI1MjE3MB4XDTIyMDEw
MTE1MDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRkMmU4NGExZWY5
ZjRlNGI3MDE4NzhiZjIwOTFkOTJkZjllMjQ1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwXhpyofonIGVzr9/H556tNJCGzzTBywCj3P0QomS98sJ6n
knts7HLa2+OV5KdXPtJ5dmyTGZ7BmXjGqLaT35gNbiSfoOXUZngHcuyaq4rMv0Ye
Cg2XElI/xsK/9zxQvu4hzAnvexj8J1jCAE/Zl5BZbYCef4iILO1bJtXP+VGh3wsm
wVf/L365vUln1HwsppwoQqLLM0Aqvx9Cc7mW4B2yDhd8v61vcXC03+vO0S7hX8G0
AuQ4dt2rj+QQW9QAtTMsMI2NzVtLNt488GBKOZ3Cz/0vnRBVk6YtMfospddsOHUk
cFSJSb3CBxvxH4//eXNakCO994mTK7cItIm3FiUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQN0uhKHvn05LcBh4vyCR2S354kXzAfBgNVHSMEGDAWgBTOeJuwFM08i9Xx
GfwEZUsBwLJSFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3puaWJzQlROUEl2VjhSbjhCR1ZMQWNDeVVoYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvYWM5YWRkLTc0ODctNDZlNC04N2Q3LTY2ZjE1ZjljZDIxMS8x
L0RkTG9TaDc1OU9TM0FZZUw4Z2tka3QtZUpGOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
YWM5YWRkLTc0ODctNDZlNC04N2Q3LTY2ZjE1ZjljZDIxMS8xL3puaWJzQlROUEl2
VjhSbjhCR1ZMQWNDeVVoYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMElizANBgkqhkiG9w0BAQsFAAOC
AQEACD/tKMkynQwpe4LgLQ5IalYSgf9KJ4t4Hp0h7zj3ffcGtd+OMZK/996GulFm
PFsbLqK1GF/+WQBhonU6WdxceCppQNHqLSwj/KErdfMO3ia+J8Ho+TYFLrqcjwDY
66dbS8aGBz1quxlvx2aBnjnFDToFPLQiZak2LHXLiVL7lUPC5nbLANgPU59QGMKq
LwbQXBjhMj6MoDKSEj4Ao5KuTOoLJ4T6vDv2RdeYjsRmZOHhjAqRsUm4m0QRHvcc
XvKVjNDh8UfINE+4uBBTPhB61i/ixLTm6FhmaYvlr15790HgCgXSEg/4FDDJNlJa
hjeypEzOZSYjxIgWVX8z9dgDRA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:36 2025 by rpki-client