Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/eQWgmPYrRyxmbW7jic8MtUc1Zpo.roa
File: eQWgmPYrRyxmbW7jic8MtUc1Zpo.roa (raw, json)
Hash identifier: QgtMWXIUrz6jvt1nPBxlt0MfdGFiSY2UtDQz0hujdYk=
Subject key identifier: 79:05:A0:98:F6:2B:47:2C:66:6D:6E:E3:89:CF:0C:B5:47:35:66:9A
Certificate issuer: /CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Certificate serial: 019424B3D1D22C06E49CBB098C5509616E6C
Authority key identifier: E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/eQWgmPYrRyxmbW7jic8MtUc1Zpo.roa
Signing time: Thu 02 Jan 2025 01:49:11 +0000
ROA not before: Thu 02 Jan 2025 01:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8100
IP address blocks: 193.17.68.0/24 maxlen: 24
193.30.161.0/24 maxlen: 24
193.200.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d1:d2:2c:06:e4:9c:bb:09:8c:55:09:61:6e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Validity
Not Before: Jan 2 01:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7905a098f62b472c666d6ee389cf0cb54735669a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6a:6e:a4:5a:71:d6:ba:25:c0:43:d5:e6:3e:
de:a5:eb:b2:0d:19:f3:26:e4:bd:5f:a6:19:1f:6f:
2e:0b:4c:e7:6a:31:44:48:0f:62:9e:32:9a:b4:9b:
47:07:3c:85:02:69:24:85:ba:c3:4e:28:f1:9a:ef:
b4:8b:08:ce:a5:0b:60:9d:4c:21:9f:ea:b7:c5:a4:
f0:9a:91:b2:b7:43:31:7d:ff:94:d4:06:d0:7a:11:
d3:af:36:53:7c:64:c9:64:91:cc:ab:1f:f8:43:4d:
88:ab:51:7e:ea:ee:29:55:dd:84:c2:05:4d:3b:e7:
3e:f8:5c:fa:b3:6c:e6:f1:e9:d4:6f:11:ef:0c:67:
32:c8:3a:a4:c0:f8:81:bd:3c:42:d6:d5:13:ef:5a:
87:dd:1a:3f:17:b4:68:5d:36:4f:97:93:17:af:1b:
8f:8e:dd:01:d3:04:80:fd:84:30:11:df:4e:91:98:
91:6c:21:75:26:2b:ca:da:68:45:8b:01:1d:c5:fc:
ef:13:9a:c9:ed:d5:00:de:b2:b2:13:13:96:52:47:
fd:4f:e8:ae:8d:1b:9c:73:52:07:ad:80:f8:ed:39:
bf:e8:24:eb:ea:04:67:2a:96:7f:24:d4:04:67:ce:
b7:c9:32:32:30:84:27:8b:75:70:42:6f:22:57:f5:
01:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:05:A0:98:F6:2B:47:2C:66:6D:6E:E3:89:CF:0C:B5:47:35:66:9A
X509v3 Authority Key Identifier:
keyid:E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/eQWgmPYrRyxmbW7jic8MtUc1Zpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/5KcU_8WYsVZHu6_ixkYKh-r7z5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.68.0/24
193.30.161.0/24
193.200.30.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:a9:5b:be:16:de:1e:33:bd:24:2c:23:42:bd:f4:85:ac:ef:
82:02:8d:97:fb:24:0b:8a:97:3d:ae:98:fe:cc:25:49:3b:ee:
30:2f:d3:00:18:24:ea:65:1e:90:53:88:47:60:95:db:57:45:
5a:1c:d9:17:75:67:be:0f:23:1f:ea:05:78:52:c3:98:f0:32:
5d:d8:44:e9:8a:92:24:8b:11:10:84:1e:fe:c9:60:a0:f1:59:
45:40:05:25:28:fb:b6:3a:eb:1c:e2:2d:94:ba:a1:2a:ea:71:
25:54:66:06:b3:e3:8d:f2:c4:1c:a2:f7:7a:c9:83:70:56:22:
a0:0f:a7:18:12:49:75:cd:3f:81:b6:30:75:f0:84:cc:c2:8c:
2f:2a:d4:e1:87:3a:e3:eb:8e:4a:d2:3a:37:7b:52:7f:12:80:
f5:ec:a3:85:cb:4e:90:19:cb:cc:87:e9:d1:9e:cb:b4:53:f7:
e5:8f:01:34:36:02:70:59:f8:01:75:3a:f5:e0:c7:a7:cb:4c:
3a:1c:51:38:f7:40:e8:36:be:a0:f9:f7:fa:9a:58:82:a8:cb:
93:8c:74:b5:4a:23:ab:c4:11:2b:42:58:37:e1:10:c5:6b:52:
42:9d:4d:62:c1:99:53:20:4f:8d:c5:23:32:4f:a3:4d:2b:8c:
59:d1:b6:51
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks9HSLAbknLsJjFUJYW5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTcxNGZmYzU5OGIxNTY0N2JiYWZlMmM2NDYwYTg3ZWFm
YmNmOTcwHhcNMjUwMTAyMDE0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTA1YTA5OGY2MmI0NzJjNjY2ZDZlZTM4OWNmMGNiNTQ3MzU2NjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGpupFpx1rolwEPV5j7epeuyDRnz
JuS9X6YZH28uC0znajFESA9injKatJtHBzyFAmkkhbrDTijxmu+0iwjOpQtgnUwh
n+q3xaTwmpGyt0Mxff+U1AbQehHTrzZTfGTJZJHMqx/4Q02Iq1F+6u4pVd2EwgVN
O+c++Fz6s2zm8enUbxHvDGcyyDqkwPiBvTxC1tUT71qH3Ro/F7RoXTZPl5MXrxuP
jt0B0wSA/YQwEd9OkZiRbCF1JivK2mhFiwEdxfzvE5rJ7dUA3rKyExOWUkf9T+iu
jRucc1IHrYD47Tm/6CTr6gRnKpZ/JNQEZ863yTIyMIQni3VwQm8iV/UB6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHkFoJj2K0csZm1u44nPDLVHNWaaMB8GA1UdIwQY
MBaAFOSnFP/FmLFWR7uv4sZGCofq+8+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTkt
N2NiMzQ1ZTg1NDFhLzEvZVFXZ21QWXJSeXhtYlc3amljOE10VWMxWnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTktN2NiMzQ1ZTg1NDFh
LzEvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRFEAwQA
wR6hAwQAwcgeMA0GCSqGSIb3DQEBCwUAA4IBAQDOqVu+Ft4eM70kLCNCvfSFrO+C
Ao2X+yQLipc9rpj+zCVJO+4wL9MAGCTqZR6QU4hHYJXbV0VaHNkXdWe+DyMf6gV4
UsOY8DJd2ETpipIkixEQhB7+yWCg8VlFQAUlKPu2Ousc4i2UuqEq6nElVGYGs+ON
8sQcovd6yYNwViKgD6cYEkl1zT+BtjB18ITMwowvKtThhzrj645K0jo3e1J/EoD1
7KOFy06QGcvMh+nRnsu0U/fljwE0NgJwWfgBdTr14Meny0w6HFE490DoNr6g+ff6
mliCqMuTjHS1SiOrxBErQlg34RDFa1JCnU1iwZlTIE+NxSMyT6NNK4xZ0bZR
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:07:41 2025 by rpki-client