Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/4fHNG3uqnKYRdS0KPogfVSeJ6Y4.roa
File: 4fHNG3uqnKYRdS0KPogfVSeJ6Y4.roa (raw, json)
Hash identifier: EoqRZ5+OD3esILCMjil4nQygTYY9bzIijeRvhLDs9S8=
Subject key identifier: E1:F1:CD:1B:7B:AA:9C:A6:11:75:2D:0A:3E:88:1F:55:27:89:E9:8E
Certificate issuer: /CN=ab98a8263e063b8a7bd3d7180e7a4aa64953441c
Certificate serial: 0194221FCE3510B48FC487426F11030D64CD
Authority key identifier: AB:98:A8:26:3E:06:3B:8A:7B:D3:D7:18:0E:7A:4A:A6:49:53:44:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5ioJj4GO4p709cYDnpKpklTRBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/4fHNG3uqnKYRdS0KPogfVSeJ6Y4.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 193.135.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ce:35:10:b4:8f:c4:87:42:6f:11:03:0d:64:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab98a8263e063b8a7bd3d7180e7a4aa64953441c
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1f1cd1b7baa9ca611752d0a3e881f552789e98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ce:e9:94:0e:3a:7e:68:a7:d4:43:8d:a7:8e:
12:e8:5f:c1:51:4e:c4:05:85:c0:66:f5:2b:27:ce:
1d:af:2b:67:34:29:2a:a2:11:42:ed:c3:60:7b:19:
c5:40:8b:f0:ab:16:0a:1c:dd:f8:9a:79:c0:02:fb:
6d:33:3e:ce:d4:a1:06:16:af:2b:ac:a4:96:28:77:
ff:ce:73:f8:d2:48:c8:4f:4a:1d:ee:7e:1d:14:2c:
1e:f9:16:2a:a3:e2:f9:9b:be:60:4f:0c:7f:dd:eb:
dc:fe:f4:ec:06:12:c0:0d:dc:09:bd:98:5b:e2:b6:
a8:ce:87:f1:c9:fa:1b:d2:f6:29:9a:4f:17:1d:73:
19:2f:ac:0c:6d:9e:b8:85:71:fe:22:c9:da:06:14:
df:76:2b:82:88:0f:21:19:7a:9a:d6:29:3b:7a:ea:
47:82:76:56:63:b2:36:14:23:13:8f:8a:fe:a3:62:
b8:1f:9a:00:84:56:21:7c:76:92:11:e0:dd:57:3c:
08:9e:05:51:8b:00:19:f3:f6:d4:b0:01:ac:d8:44:
76:a5:85:f5:e7:3b:5b:4b:ed:bf:2a:3c:21:8a:12:
b3:e9:89:ca:17:c5:4b:c4:6b:9e:65:80:a3:ac:93:
94:20:b5:6e:30:ce:cc:a1:29:bb:36:ad:61:9c:c3:
a9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F1:CD:1B:7B:AA:9C:A6:11:75:2D:0A:3E:88:1F:55:27:89:E9:8E
X509v3 Authority Key Identifier:
keyid:AB:98:A8:26:3E:06:3B:8A:7B:D3:D7:18:0E:7A:4A:A6:49:53:44:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5ioJj4GO4p709cYDnpKpklTRBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/4fHNG3uqnKYRdS0KPogfVSeJ6Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/119d34-407a-429e-9056-7628cbaf0ec8/1/q5ioJj4GO4p709cYDnpKpklTRBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.25.0/24
Signature Algorithm: sha256WithRSAEncryption
51:83:d8:d8:cb:ef:d2:8f:cb:ea:75:4b:60:cf:24:4b:9f:88:
55:dd:92:b2:b8:09:4f:f3:5f:73:32:dc:c1:fa:4a:56:a2:aa:
2f:13:90:39:4b:3c:ce:df:6f:a0:52:74:34:a7:a7:c1:8c:39:
e6:4a:4b:15:c0:1e:11:29:a7:48:3e:1b:b8:76:f9:3a:7e:cd:
63:80:b0:03:be:1a:fa:57:ce:8c:88:e4:49:82:17:8e:db:9e:
e9:f4:4b:94:a8:0f:00:20:f3:a8:15:9c:f2:92:a1:c9:64:15:
69:92:c7:e0:7f:ce:b9:e0:81:7e:d2:40:9d:40:e0:b7:16:58:
95:e1:37:ce:91:98:b8:73:e3:74:25:86:a9:b4:bc:53:27:e1:
f5:1f:6d:68:03:57:cc:4f:49:c6:c3:d6:88:cf:bf:bb:63:07:
9d:4b:1c:80:8d:78:4a:91:fa:b4:37:fc:e5:ff:08:d5:52:f3:
81:9c:9b:dd:eb:72:3b:bd:15:a5:da:8c:01:67:d4:ed:83:7b:
f3:7d:6b:32:12:9c:f7:ca:93:d5:9e:36:01:9d:41:d2:bc:b3:
41:26:1b:0a:40:ea:ad:a0:eb:d7:30:ef:e9:5a:03:ca:d9:75:
58:30:79:a7:e1:60:82:08:c3:fd:a9:7f:46:de:47:b5:33:a8:
49:eb:f2:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH841ELSPxIdCbxEDDWTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOThhODI2M2UwNjNiOGE3YmQzZDcxODBlN2E0YWE2NDk1
MzQ0MWMwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYxY2QxYjdiYWE5Y2E2MTE3NTJkMGEzZTg4MWY1NTI3ODllOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs7plA46fmin1EONp44S6F/BUU7E
BYXAZvUrJ84drytnNCkqohFC7cNgexnFQIvwqxYKHN34mnnAAvttMz7O1KEGFq8r
rKSWKHf/znP40kjIT0od7n4dFCwe+RYqo+L5m75gTwx/3evc/vTsBhLADdwJvZhb
4raozofxyfob0vYpmk8XHXMZL6wMbZ64hXH+IsnaBhTfdiuCiA8hGXqa1ik7eupH
gnZWY7I2FCMTj4r+o2K4H5oAhFYhfHaSEeDdVzwIngVRiwAZ8/bUsAGs2ER2pYX1
5ztbS+2/KjwhihKz6YnKF8VLxGueZYCjrJOUILVuMM7MoSm7Nq1hnMOpEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHxzRt7qpymEXUtCj6IH1UniemOMB8GA1UdIwQY
MBaAFKuYqCY+BjuKe9PXGA56SqZJU0QcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVpb0pqNEdPNHA3MDljWURucEtwa2xUUkJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xMTlkMzQtNDA3YS00MjllLTkwNTYt
NzYyOGNiYWYwZWM4LzEvNGZITkczdXFuS1lSZFMwS1BvZ2ZWU2VKNlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xMTlkMzQtNDA3YS00MjllLTkwNTYtNzYyOGNiYWYwZWM4
LzEvcTVpb0pqNEdPNHA3MDljWURucEtwa2xUUkJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYcZMA0G
CSqGSIb3DQEBCwUAA4IBAQBRg9jYy+/Sj8vqdUtgzyRLn4hV3ZKyuAlP819zMtzB
+kpWoqovE5A5SzzO32+gUnQ0p6fBjDnmSksVwB4RKadIPhu4dvk6fs1jgLADvhr6
V86MiORJgheO257p9EuUqA8AIPOoFZzykqHJZBVpksfgf8654IF+0kCdQOC3FliV
4TfOkZi4c+N0JYaptLxTJ+H1H21oA1fMT0nGw9aIz7+7YwedSxyAjXhKkfq0N/zl
/wjVUvOBnJvd63I7vRWl2owBZ9Ttg3vzfWsyEpz3ypPVnjYBnUHSvLNBJhsKQOqt
oOvXMO/pWgPK2XVYMHmn4WCCCMP9qX9G3ke1M6hJ6/IL
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:29:30 2025 by rpki-client