Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jpLz5ks1vCerU-Q3i7ie-7M9h_g.roa
File: jpLz5ks1vCerU-Q3i7ie-7M9h_g.roa (raw, json)
Hash identifier: GwQHfY0QkqK1aM28zzGQA798nvjVrST3aY1o5b6+7UU=
Subject key identifier: 8E:92:F3:E6:4B:35:BC:27:AB:53:E4:37:8B:B8:9E:FB:B3:3D:87:F8
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0194274880599B8F785FCEA71450CCCEED3B
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jpLz5ks1vCerU-Q3i7ie-7M9h_g.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34936
IP address blocks: 204.11.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:80:59:9b:8f:78:5f:ce:a7:14:50:cc:ce:ed:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e92f3e64b35bc27ab53e4378bb89efbb33d87f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:03:34:82:35:da:97:d2:62:15:9f:7e:f7:4e:
6a:b7:46:11:ff:54:ed:88:fa:c5:fb:3f:ea:01:da:
86:ac:81:2e:79:c0:21:75:d5:bc:38:5d:d8:9d:da:
24:86:8a:13:0a:5d:23:71:e5:2d:0b:11:a3:5f:e2:
8e:bd:85:be:97:36:3e:14:e2:a8:c0:8f:f8:5f:d4:
59:f4:4b:5f:df:36:86:b6:85:eb:00:cd:6e:97:0e:
db:29:68:5a:9e:ff:fb:95:ab:a2:f8:10:2f:5b:bc:
bf:7a:04:5f:c3:92:e2:40:70:6f:92:82:64:67:22:
8e:87:28:19:76:9f:b9:31:3f:55:5d:7f:fe:e1:dc:
0a:4e:a5:4f:58:de:5f:6f:89:18:17:22:88:dd:35:
54:6d:e3:86:95:ad:97:c5:8b:a2:fd:e4:64:3f:78:
04:e9:75:56:f7:fe:a5:7d:6e:aa:f2:d7:53:be:c0:
50:c8:2d:46:0c:30:8c:1f:3f:5f:00:bd:a2:e3:d1:
6a:01:1c:e8:6a:f0:be:fb:87:68:da:64:ba:b3:97:
3a:11:0c:7d:d9:4c:3f:40:4d:bd:ec:4a:3c:3b:3d:
a4:12:fe:25:7b:fb:01:d6:61:e1:d0:76:e6:c1:ac:
22:84:b2:55:a8:7b:cf:8d:ce:52:71:36:a8:78:87:
e6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:92:F3:E6:4B:35:BC:27:AB:53:E4:37:8B:B8:9E:FB:B3:3D:87:F8
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jpLz5ks1vCerU-Q3i7ie-7M9h_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.11.3.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:d7:dd:a6:13:d5:17:16:a1:cd:37:50:35:5d:f9:30:ee:e8:
36:ad:0e:1c:0b:ff:9d:58:a8:a6:55:d5:d7:c2:c6:d4:d1:cb:
9f:0d:58:5a:fe:93:0b:6c:9c:92:5a:f7:5d:9e:4c:9a:4f:97:
1f:ec:4e:3c:5b:81:1b:c3:80:25:5d:0c:22:38:9a:be:ca:02:
d1:ae:96:e7:c6:06:0f:03:10:26:bf:ce:a5:ee:2a:81:3f:b3:
6e:5f:14:97:6c:b7:8d:ce:ae:b7:83:18:f2:a2:48:81:60:c7:
36:ce:46:b6:a2:70:b7:93:89:9b:29:d2:57:80:03:6a:3e:99:
34:8b:af:b2:0b:ed:ba:c3:5f:f7:98:0a:e9:ba:7d:86:da:54:
06:d2:40:13:25:95:c0:bf:2d:0a:f9:02:b5:73:f0:c8:14:7a:
bc:56:0d:8d:0a:e1:7d:88:28:84:cd:8b:4d:95:a0:78:ee:c6:
db:00:d5:0e:ad:6a:bf:31:6a:b3:88:88:2a:dc:2f:74:0a:c8:
0c:89:5a:df:1c:a5:fe:1c:2a:3d:8e:83:66:3c:0f:c8:00:43:
2c:35:98:34:fc:d5:04:5e:8e:24:36:18:21:a1:db:97:65:3c:
aa:1f:2b:59:5b:5d:80:9b:78:23:be:c5:45:c6:78:de:34:b4:
81:e0:2d:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSIBZm494X86nFFDMzu07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTkyZjNlNjRiMzViYzI3YWI1M2U0Mzc4YmI4OWVmYmIzM2Q4N2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAM0gjXal9JiFZ9+905qt0YR/1Tt
iPrF+z/qAdqGrIEuecAhddW8OF3YndokhooTCl0jceUtCxGjX+KOvYW+lzY+FOKo
wI/4X9RZ9Etf3zaGtoXrAM1ulw7bKWhanv/7laui+BAvW7y/egRfw5LiQHBvkoJk
ZyKOhygZdp+5MT9VXX/+4dwKTqVPWN5fb4kYFyKI3TVUbeOGla2XxYui/eRkP3gE
6XVW9/6lfW6q8tdTvsBQyC1GDDCMHz9fAL2i49FqARzoavC++4do2mS6s5c6EQx9
2Uw/QE297Eo8Oz2kEv4le/sB1mHh0HbmwawihLJVqHvPjc5ScTaoeIfmowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6S8+ZLNbwnq1PkN4u4nvuzPYf4MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvanBMejVrczF2Q2VyVS1RM2k3aWUtN005aF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzAsDMA0G
CSqGSIb3DQEBCwUAA4IBAQAu192mE9UXFqHNN1A1Xfkw7ug2rQ4cC/+dWKimVdXX
wsbU0cufDVha/pMLbJySWvddnkyaT5cf7E48W4Ebw4AlXQwiOJq+ygLRrpbnxgYP
AxAmv86l7iqBP7NuXxSXbLeNzq63gxjyokiBYMc2zka2onC3k4mbKdJXgANqPpk0
i6+yC+26w1/3mArpun2G2lQG0kATJZXAvy0K+QK1c/DIFHq8Vg2NCuF9iCiEzYtN
laB47sbbANUOrWq/MWqziIgq3C90CsgMiVrfHKX+HCo9joNmPA/IAEMsNZg0/NUE
Xo4kNhghoduXZTyqHytZW12Am3gjvsVFxnjeNLSB4C1w
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:51:05 2025 by rpki-client