Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/94BJXR3Uo1I8suMedxF8KSUQqKc.roa
File: 94BJXR3Uo1I8suMedxF8KSUQqKc.roa (raw, json)
Hash identifier: vsbbxp7WNMO8VB3ChL2ZEv1wwVeFWV4G1csg/XaauZ0=
Subject key identifier: F7:80:49:5D:1D:D4:A3:52:3C:B2:E3:1E:77:11:7C:29:25:10:A8:A7
Certificate issuer: /CN=d79d856aaa9ead12f75cb68cdae96a0d2c8dde1e
Certificate serial: 01942445802683EF419C071E7333C814C6AD
Authority key identifier: D7:9D:85:6A:AA:9E:AD:12:F7:5C:B6:8C:DA:E9:6A:0D:2C:8D:DE:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152FaqqerRL3XLaM2ulqDSyN3h4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/94BJXR3Uo1I8suMedxF8KSUQqKc.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 193.188.12.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:80:26:83:ef:41:9c:07:1e:73:33:c8:14:c6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79d856aaa9ead12f75cb68cdae96a0d2c8dde1e
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f780495d1dd4a3523cb2e31e77117c292510a8a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:40:eb:eb:86:0a:89:82:0a:fa:b0:b1:50:5a:
19:1b:57:59:54:02:9c:19:96:25:9c:f5:e6:b6:60:
dc:da:3a:62:53:0a:fc:1e:59:31:ac:57:aa:97:74:
ae:29:ed:87:6a:23:ea:b8:53:51:aa:28:26:66:37:
dc:68:16:92:30:b8:a1:98:73:c6:66:fb:21:a3:a7:
23:36:61:0e:62:7b:55:fe:f8:53:09:87:66:99:e6:
5b:a0:ac:2a:df:5d:dc:73:5f:7f:36:7f:48:a7:82:
43:85:f3:82:6b:74:71:28:39:3b:08:8b:28:fd:7d:
43:46:a9:4e:81:64:26:9c:a4:6b:01:da:6c:6d:5f:
06:e9:14:ca:8d:33:41:e9:cf:8b:32:ed:f3:ad:aa:
c7:8b:22:94:58:0a:4e:aa:d6:ae:07:9c:3b:cb:0d:
fe:ff:86:dd:ac:a2:a5:9c:1b:4a:6c:da:43:90:4d:
83:b4:6a:02:ad:e1:c1:fd:b2:84:6f:b3:8e:5e:1c:
0c:03:e9:e8:97:26:44:15:fd:7a:2c:7b:d9:d9:41:
ec:f0:2e:22:d9:4b:83:14:b1:50:7b:78:77:77:97:
88:63:81:34:2d:23:d6:37:32:89:6d:cd:1b:4d:7e:
ba:0c:c7:c7:ff:22:aa:fd:e9:56:ae:0d:03:ca:21:
1e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:80:49:5D:1D:D4:A3:52:3C:B2:E3:1E:77:11:7C:29:25:10:A8:A7
X509v3 Authority Key Identifier:
keyid:D7:9D:85:6A:AA:9E:AD:12:F7:5C:B6:8C:DA:E9:6A:0D:2C:8D:DE:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152FaqqerRL3XLaM2ulqDSyN3h4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/94BJXR3Uo1I8suMedxF8KSUQqKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/152FaqqerRL3XLaM2ulqDSyN3h4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.12.0/23
Signature Algorithm: sha256WithRSAEncryption
27:a7:f1:4a:10:f8:0b:f0:8c:fe:a9:a4:5d:ae:d3:ed:1e:c2:
37:3d:b6:d4:83:46:8a:43:36:4c:36:50:f2:13:b1:13:22:fb:
0b:60:00:ee:03:e9:b4:5b:61:b6:09:9f:b5:64:f8:6f:e3:95:
04:d7:1a:2b:7a:1a:9d:0f:cb:33:fd:46:af:a6:a2:92:de:86:
8d:4a:59:65:25:0e:b4:e7:4d:00:f3:83:78:dd:85:d1:bd:b3:
98:aa:08:56:53:ab:df:ea:44:8b:90:74:60:60:e8:25:eb:d5:
21:16:4a:54:c8:43:9f:59:67:ca:0d:0e:9b:52:5f:92:7b:fe:
56:1a:1a:c3:b0:f2:31:23:1c:64:95:02:71:ca:50:1c:57:31:
d0:06:a4:92:70:c6:93:a2:0b:58:fc:83:71:dd:66:5a:c7:03:
79:7e:1f:cd:2a:af:db:7b:ef:20:e3:01:18:08:af:dc:47:8a:
6b:48:cc:41:16:3d:10:64:64:35:9a:66:0d:2f:ea:fe:41:09:
57:c9:45:9b:3a:15:2f:5a:b3:24:ef:9f:fc:a8:17:18:69:ec:
1f:e8:e1:2a:bb:e9:b8:07:3d:02:9d:5d:5f:71:d7:11:13:fa:
06:ca:79:b1:1f:31:0c:14:be:fe:4d:64:8f:96:72:b0:e9:15:
eb:11:90:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRYAmg+9BnAceczPIFMatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWQ4NTZhYWE5ZWFkMTJmNzVjYjY4Y2RhZTk2YTBkMmM4
ZGRlMWUwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzgwNDk1ZDFkZDRhMzUyM2NiMmUzMWU3NzExN2MyOTI1MTBhOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEDr64YKiYIK+rCxUFoZG1dZVAKc
GZYlnPXmtmDc2jpiUwr8HlkxrFeql3SuKe2HaiPquFNRqigmZjfcaBaSMLihmHPG
Zvsho6cjNmEOYntV/vhTCYdmmeZboKwq313cc19/Nn9Ip4JDhfOCa3RxKDk7CIso
/X1DRqlOgWQmnKRrAdpsbV8G6RTKjTNB6c+LMu3zrarHiyKUWApOqtauB5w7yw3+
/4bdrKKlnBtKbNpDkE2DtGoCreHB/bKEb7OOXhwMA+nolyZEFf16LHvZ2UHs8C4i
2UuDFLFQe3h3d5eIY4E0LSPWNzKJbc0bTX66DMfH/yKq/elWrg0DyiEeOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPeASV0d1KNSPLLjHncRfCklEKinMB8GA1UdIwQY
MBaAFNedhWqqnq0S91y2jNrpag0sjd4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUyRmFxcWVyUkwzWExhTTJ1bHFEU3lOM2g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hNWJhYTItMmEzNS00Yzc2LWE5NDAt
NTk5MGNkNGRlODhiLzEvOTRCSlhSM1VvMUk4c3VNZWR4RjhLU1VRcUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hNWJhYTItMmEzNS00Yzc2LWE5NDAtNTk5MGNkNGRlODhi
LzEvMTUyRmFxcWVyUkwzWExhTTJ1bHFEU3lOM2g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwbwMMA0G
CSqGSIb3DQEBCwUAA4IBAQAnp/FKEPgL8Iz+qaRdrtPtHsI3PbbUg0aKQzZMNlDy
E7ETIvsLYADuA+m0W2G2CZ+1ZPhv45UE1xorehqdD8sz/UavpqKS3oaNSlllJQ60
500A84N43YXRvbOYqghWU6vf6kSLkHRgYOgl69UhFkpUyEOfWWfKDQ6bUl+Se/5W
GhrDsPIxIxxklQJxylAcVzHQBqSScMaTogtY/INx3WZaxwN5fh/NKq/be+8g4wEY
CK/cR4prSMxBFj0QZGQ1mmYNL+r+QQlXyUWbOhUvWrMk75/8qBcYaewf6OEqu+m4
Bz0CnV1fcdcRE/oGynmxHzEMFL7+TWSPlnKw6RXrEZAd
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:32:16 2025 by rpki-client