Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/tRNXUlx68rKP9UOE-hhExB1kws8.roa
File: tRNXUlx68rKP9UOE-hhExB1kws8.roa (raw, json)
Hash identifier: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=
Subject key identifier: B5:13:57:52:5C:7A:F2:B2:8F:F5:43:84:FA:18:44:C4:1D:64:C2:CF
Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial: 01941FFA9A4D59DCEDFD9F6956C1343583E1
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/tRNXUlx68rKP9UOE-hhExB1kws8.roa
Signing time: Wed 01 Jan 2025 03:48:24 +0000
ROA not before: Wed 01 Jan 2025 03:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15440
IP address blocks: 193.187.112.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9a:4d:59:dc:ed:fd:9f:69:56:c1:34:35:83:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Validity
Not Before: Jan 1 03:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b51357525c7af2b28ff54384fa1844c41d64c2cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:01:c7:64:31:c9:34:34:eb:82:36:03:90:3d:
d8:79:69:69:df:4e:46:2a:9d:f2:f3:c1:18:56:c0:
79:d2:bb:a4:7f:25:74:9a:2c:ed:ff:65:f4:ba:f7:
0e:c0:81:a8:4e:40:43:cc:8a:d2:47:cb:d5:26:60:
c6:44:3e:03:66:e1:2c:9d:ef:8c:d5:b6:9f:dc:a3:
89:86:19:c2:da:78:56:9e:bb:db:ca:7e:20:88:31:
f6:c0:b5:ba:41:2e:d6:21:bc:a4:44:cd:ef:84:5d:
a9:60:31:b8:ed:42:9d:98:b6:57:5b:92:bb:80:06:
bc:03:1e:dd:12:89:88:b8:a1:98:cf:46:cf:1d:2d:
97:e7:f4:9e:48:1f:48:df:4d:4b:12:6d:84:c4:6a:
b2:4e:0f:02:53:e9:59:d6:61:aa:00:c5:54:45:2d:
86:9c:1a:bc:8b:fe:4b:90:71:9a:53:b8:98:d6:84:
d7:7e:0a:72:a4:0b:60:6b:89:4c:9e:32:1d:61:4e:
27:de:ae:6f:b9:ca:63:5b:cc:74:95:0d:a5:7f:12:
11:92:be:38:f2:33:55:72:08:7c:cf:3e:0b:37:70:
6b:8f:2d:9d:8e:f0:62:e3:f3:b2:b6:78:c2:ee:0a:
3f:dc:8d:91:46:af:61:64:9e:48:5c:c2:81:59:aa:
a0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:13:57:52:5C:7A:F2:B2:8F:F5:43:84:FA:18:44:C4:1D:64:C2:CF
X509v3 Authority Key Identifier:
keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/tRNXUlx68rKP9UOE-hhExB1kws8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.112.0/22
Signature Algorithm: sha256WithRSAEncryption
34:a5:e4:be:b5:60:a8:3c:ec:ea:6a:0d:cd:fd:e6:c4:3c:8d:
e9:dd:fe:4b:a6:70:df:e7:84:d9:46:60:7d:e0:f0:74:b6:28:
96:dd:12:b6:8a:25:d6:fc:b3:5f:c9:2a:d3:58:20:f9:fc:93:
12:4f:52:c2:99:2b:28:a1:eb:f4:a1:7f:63:7d:2b:b2:c5:9e:
71:fb:c8:16:c8:48:67:18:e0:1f:d8:7c:2e:7f:f8:5b:f3:71:
62:11:dc:5a:13:34:13:f0:7d:b0:9f:9a:db:27:80:22:8a:9f:
74:d2:11:8f:57:3b:1c:ad:c3:0a:bd:c1:5b:4a:48:c3:5b:a8:
59:1c:c7:18:87:65:0c:26:42:33:57:82:7f:6b:7a:86:6d:17:
e5:6b:ce:f2:4f:da:2f:76:2c:d5:a1:21:85:e0:3a:88:dc:cc:
25:2e:30:26:6c:27:da:46:1e:28:56:8d:24:52:50:a7:b4:58:
c7:ff:f9:da:50:db:2a:55:4c:b1:02:3b:22:2f:f2:29:21:d5:
90:b2:aa:1f:d9:70:21:c0:05:ab:f1:35:85:80:36:4c:92:5a:
b9:a8:d0:57:9f:d6:0a:fa:f4:e5:35:bc:0d:f2:d0:d6:47:cd:
a8:dd:27:a3:fb:18:b8:de:df:51:11:51:d4:27:b0:cd:d9:e5:
20:94:d0:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ppNWdzt/Z9pVsE0NYPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjUwMTAxMDM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTEzNTc1MjVjN2FmMmIyOGZmNTQzODRmYTE4NDRjNDFkNjRjMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQHHZDHJNDTrgjYDkD3YeWlp305G
Kp3y88EYVsB50rukfyV0mizt/2X0uvcOwIGoTkBDzIrSR8vVJmDGRD4DZuEsne+M
1baf3KOJhhnC2nhWnrvbyn4giDH2wLW6QS7WIbykRM3vhF2pYDG47UKdmLZXW5K7
gAa8Ax7dEomIuKGYz0bPHS2X5/SeSB9I301LEm2ExGqyTg8CU+lZ1mGqAMVURS2G
nBq8i/5LkHGaU7iY1oTXfgpypAtga4lMnjIdYU4n3q5vucpjW8x0lQ2lfxIRkr44
8jNVcgh8zz4LN3Brjy2djvBi4/OytnjC7go/3I2RRq9hZJ5IXMKBWaqgfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUTV1JcevKyj/VDhPoYRMQdZMLPMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvdFJOWFVseDY4cktQOVVPRS1oaEV4QjFrd3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwbtwMA0G
CSqGSIb3DQEBCwUAA4IBAQA0peS+tWCoPOzqag3N/ebEPI3p3f5LpnDf54TZRmB9
4PB0tiiW3RK2iiXW/LNfySrTWCD5/JMST1LCmSsooev0oX9jfSuyxZ5x+8gWyEhn
GOAf2Hwuf/hb83FiEdxaEzQT8H2wn5rbJ4Aiip900hGPVzscrcMKvcFbSkjDW6hZ
HMcYh2UMJkIzV4J/a3qGbRfla87yT9ovdizVoSGF4DqI3MwlLjAmbCfaRh4oVo0k
UlCntFjH//naUNsqVUyxAjsiL/IpIdWQsqof2XAhwAWr8TWFgDZMklq5qNBXn9YK
+vTlNbwN8tDWR82o3Sej+xi43t9REVHUJ7DN2eUglNBh
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:44:57 2025 by rpki-client