Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/2JXcaA80r7d-EIDaMijpbBPasoc.roa
File: 2JXcaA80r7d-EIDaMijpbBPasoc.roa (raw, json)
Hash identifier: gf95/nywAYIZdNJbfxynwrtY4coqSX3R7aiF8YJONgo=
Subject key identifier: D8:95:DC:68:0F:34:AF:B7:7E:10:80:DA:32:28:E9:6C:13:DA:B2:87
Certificate issuer: /CN=9914258fb9d3657b3376142bfc63dace4f8211c4
Certificate serial: 019426D9CAD7A6444AC0F5A7742098D85482
Authority key identifier: 99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/2JXcaA80r7d-EIDaMijpbBPasoc.roa
Signing time: Thu 02 Jan 2025 11:49:54 +0000
ROA not before: Thu 02 Jan 2025 11:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1930
IP address blocks: 192.68.224.0/24 maxlen: 24
192.92.147.0/24 maxlen: 24
192.92.148.0/24 maxlen: 24
192.132.53.0/24 maxlen: 24
192.190.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ca:d7:a6:44:4a:c0:f5:a7:74:20:98:d8:54:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9914258fb9d3657b3376142bfc63dace4f8211c4
Validity
Not Before: Jan 2 11:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d895dc680f34afb77e1080da3228e96c13dab287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:b6:ad:18:35:d2:c1:07:7a:2f:d7:9e:ce:
e2:8c:ba:12:d5:6b:75:f5:c2:27:dc:8c:d1:8a:2e:
22:9f:09:74:ca:68:98:da:76:cd:2e:19:b2:6a:55:
21:5f:5a:9d:0f:a9:c3:d8:90:3d:76:17:b1:48:7a:
e3:a8:05:fe:53:76:53:03:89:af:6c:37:fa:97:e0:
b8:4a:db:20:7e:6e:ec:3c:ff:3a:cf:ee:cb:a7:af:
3f:e4:da:68:4e:19:93:32:82:4a:45:f4:22:49:24:
0b:12:bc:a5:db:57:53:fb:62:fd:9c:5e:ae:2d:e5:
01:1f:cf:ab:10:3e:93:8f:61:88:73:58:b4:d8:56:
00:77:d2:b4:08:7d:a8:98:f5:59:5b:87:1f:70:a5:
60:1b:92:27:4f:ef:f4:ad:ed:01:38:be:2d:2d:9d:
7c:ff:95:e1:68:33:c0:df:9e:f7:ab:34:4b:ff:8c:
ed:1e:67:ef:30:8f:2f:49:ed:0c:b9:80:c7:6e:81:
ed:ca:c3:09:81:c8:ec:36:f6:73:bf:f9:24:96:e2:
3a:26:30:33:d9:1a:67:1b:73:0e:08:92:cc:79:43:
aa:c7:46:3b:46:64:cb:1c:a2:d7:c1:cf:83:d7:71:
2f:f5:58:66:48:20:ee:17:08:a2:bf:1a:ba:1b:25:
cc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:95:DC:68:0F:34:AF:B7:7E:10:80:DA:32:28:E9:6C:13:DA:B2:87
X509v3 Authority Key Identifier:
keyid:99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/2JXcaA80r7d-EIDaMijpbBPasoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.224.0/24
192.92.147.0-192.92.148.255
192.132.53.0/24
192.190.174.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:53:9c:0a:b6:07:2a:0f:89:01:8d:26:1e:f3:a9:a2:85:b4:
f9:42:3b:d3:3a:2d:3b:e0:e4:5a:8c:64:9e:14:4e:4c:3a:f7:
3f:44:56:bd:b9:f7:07:ec:b1:1e:9a:ff:14:18:43:69:ad:42:
45:16:8b:16:0f:51:dc:84:77:4e:e4:11:d3:d1:62:44:3d:88:
a3:7d:b9:b3:64:78:54:4a:87:18:32:75:bb:d2:1e:44:9a:03:
d8:cd:db:d0:b7:95:b7:ac:67:e6:b6:d8:22:a3:05:33:06:49:
b2:ba:99:2d:46:62:bc:26:a8:ab:5c:bd:fb:20:b1:6b:60:f5:
e5:30:7e:32:89:38:4c:ce:45:6f:ef:ee:bd:f8:00:9f:e9:dc:
90:49:ae:fe:6e:bb:6c:cd:7c:b3:4c:1d:a0:09:b8:47:c9:c2:
7e:e5:4a:7e:89:ea:86:52:4b:83:f3:29:20:42:3d:eb:20:fc:
a4:8b:4f:d1:1d:10:2c:8c:58:1b:4f:0a:16:61:47:96:a2:24:
39:69:e0:f0:00:39:18:d1:09:f1:e1:61:bf:a3:88:ce:d7:ea:
c0:46:f2:f9:58:01:42:cc:bc:d3:59:11:91:da:3f:7e:21:44:
c0:45:7a:ac:bf:5b:53:42:37:39:8c:f3:23:90:ec:c7:04:2f:
11:19:56:4a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQm2crXpkRKwPWndCCY2FSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MTQyNThmYjlkMzY1N2IzMzc2MTQyYmZjNjNkYWNlNGY4
MjExYzQwHhcNMjUwMTAyMTE0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk1ZGM2ODBmMzRhZmI3N2UxMDgwZGEzMjI4ZTk2YzEzZGFiMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1y2rRg10sEHei/Xns7ijLoS1Wt1
9cIn3IzRii4inwl0ymiY2nbNLhmyalUhX1qdD6nD2JA9dhexSHrjqAX+U3ZTA4mv
bDf6l+C4Stsgfm7sPP86z+7Lp68/5NpoThmTMoJKRfQiSSQLEryl21dT+2L9nF6u
LeUBH8+rED6Tj2GIc1i02FYAd9K0CH2omPVZW4cfcKVgG5InT+/0re0BOL4tLZ18
/5XhaDPA3573qzRL/4ztHmfvMI8vSe0MuYDHboHtysMJgcjsNvZzv/kkluI6JjAz
2RpnG3MOCJLMeUOqx0Y7RmTLHKLXwc+D13Ev9VhmSCDuFwiivxq6GyXMqQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNiV3GgPNK+3fhCA2jIo6WwT2rKHMB8GA1UdIwQY
MBaAFJkUJY+502V7M3YUK/xj2s5PghHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGIt
ZmUzNDFiMzAwNWUzLzEvMkpYY2FBODByN2QtRUlEYU1panBiQlBhc29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGItZmUzNDFiMzAwNWUz
LzEvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwETgMAwD
BADAXJMDBADAXJQDBADAhDUDBADAvq4wDQYJKoZIhvcNAQELBQADggEBAApTnAq2
ByoPiQGNJh7zqaKFtPlCO9M6LTvg5FqMZJ4UTkw69z9EVr259wfssR6a/xQYQ2mt
QkUWixYPUdyEd07kEdPRYkQ9iKN9ubNkeFRKhxgydbvSHkSaA9jN29C3lbesZ+a2
2CKjBTMGSbK6mS1GYrwmqKtcvfsgsWtg9eUwfjKJOEzORW/v7r34AJ/p3JBJrv5u
u2zNfLNMHaAJuEfJwn7lSn6J6oZSS4PzKSBCPesg/KSLT9EdECyMWBtPChZhR5ai
JDlp4PAAORjRCfHhYb+jiM7X6sBG8vlYAULMvNNZEZHaP34hRMBFeqy/W1NCNzmM
8yOQ7McELxEZVko=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:32:50 2025 by rpki-client