Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/5FA6usbApR1_cX5AgsEzHiEcMB4.roa
File: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (raw, json)
Hash identifier: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=
Subject key identifier: E4:50:3A:BA:C6:C0:A5:1D:7F:71:7E:40:82:C1:33:1E:21:1C:30:1E
Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial: 019423D7D757989AC7A996C91A6058645BB0
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/5FA6usbApR1_cX5AgsEzHiEcMB4.roa
Signing time: Wed 01 Jan 2025 21:48:55 +0000
ROA not before: Wed 01 Jan 2025 21:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 193.247.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d7:57:98:9a:c7:a9:96:c9:1a:60:58:64:5b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Validity
Not Before: Jan 1 21:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4503abac6c0a51d7f717e4082c1331e211c301e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:98:c3:79:14:a2:2e:84:4f:bd:55:63:ec:
8e:b2:2b:52:ef:25:7c:20:10:cd:13:cc:c0:2a:0e:
7f:d2:fa:c7:30:38:d2:32:79:93:83:54:10:5f:8a:
35:f9:8e:0b:4a:85:56:08:66:7c:9a:34:a6:cc:bb:
73:6d:91:ef:d8:e6:d7:c0:91:53:e3:bc:c1:b4:62:
ff:fa:0b:ce:d0:d4:96:ac:e7:a5:50:bc:fa:54:e0:
62:8d:3c:46:34:08:4b:b6:c1:93:7f:a2:5f:2e:e0:
e0:a9:e1:8e:5f:45:fd:52:62:e9:be:b2:33:77:e9:
13:d3:fd:46:e7:83:42:67:c8:06:93:17:92:e2:33:
2c:e0:c4:16:38:bb:24:95:4a:15:d1:08:8f:1c:33:
07:1f:1f:21:c7:66:27:2e:79:59:c0:64:8d:3e:bf:
dc:89:95:1f:79:56:7f:99:a1:ff:4a:32:4a:1e:94:
8d:53:ea:41:1a:7f:53:d3:87:21:0e:4e:64:2b:8f:
16:9e:94:3e:0f:75:90:b8:12:80:f8:bb:96:47:a1:
88:33:80:20:c8:0b:38:79:c6:e1:28:17:99:28:2e:
9f:69:41:62:2f:5f:f4:cb:57:0a:13:65:09:3a:25:
69:92:0c:c9:8d:36:f3:d8:9e:65:fc:3f:88:d4:d3:
05:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:50:3A:BA:C6:C0:A5:1D:7F:71:7E:40:82:C1:33:1E:21:1C:30:1E
X509v3 Authority Key Identifier:
keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/5FA6usbApR1_cX5AgsEzHiEcMB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.128.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:5e:84:96:b3:6e:8b:a3:df:dc:a3:cb:7a:48:ac:9d:e9:d4:
55:f7:89:e6:d3:61:70:22:02:62:e5:8f:d0:2d:76:57:3e:e5:
f3:05:39:c7:f4:e7:e4:4c:89:e4:ae:17:35:40:db:68:9d:d7:
39:b5:6a:14:45:c6:c6:2e:c7:d0:20:53:44:09:45:30:99:eb:
b3:a7:b4:9c:11:a4:6c:4d:2b:77:25:0e:20:79:61:b1:53:9c:
46:23:db:c8:0b:fc:02:49:2e:92:fd:0a:0c:fd:87:12:8f:6a:
cf:a4:41:cc:ec:c0:03:e1:40:81:b5:9a:e2:99:9a:87:99:ed:
6b:1e:9a:9d:af:eb:2e:05:14:40:83:1c:c9:4f:a8:e4:fc:8e:
c1:80:2c:01:c3:20:9b:95:6d:2b:29:e6:3e:21:b6:53:f6:12:
b5:dd:92:3f:8f:fb:d8:e7:de:f7:30:79:da:03:c1:ff:9d:59:
64:5c:5e:0b:f9:42:84:da:0e:91:c8:3f:0f:91:b6:c2:78:a1:
cb:7b:21:d2:02:53:94:54:f2:97:02:8e:a4:09:91:41:ce:96:
5d:8f:05:2f:61:06:2c:be:ff:1b:27:1f:d3:67:68:a3:0c:4b:
c0:25:65:00:c8:6a:f0:c4:35:d2:78:0a:52:e8:7f:d5:06:9d:
3c:cc:cf:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj19dXmJrHqZbJGmBYZFuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3
MDU0NzEwHhcNMjUwMTAxMjE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDUwM2FiYWM2YzBhNTFkN2Y3MTdlNDA4MmMxMzMxZTIxMWMzMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfqYw3kUoi6ET71VY+yOsitS7yV8
IBDNE8zAKg5/0vrHMDjSMnmTg1QQX4o1+Y4LSoVWCGZ8mjSmzLtzbZHv2ObXwJFT
47zBtGL/+gvO0NSWrOelULz6VOBijTxGNAhLtsGTf6JfLuDgqeGOX0X9UmLpvrIz
d+kT0/1G54NCZ8gGkxeS4jMs4MQWOLsklUoV0QiPHDMHHx8hx2YnLnlZwGSNPr/c
iZUfeVZ/maH/SjJKHpSNU+pBGn9T04chDk5kK48WnpQ+D3WQuBKA+LuWR6GIM4Ag
yAs4ecbhKBeZKC6faUFiL1/0y1cKE2UJOiVpkgzJjTbz2J5l/D+I1NMFwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFORQOrrGwKUdf3F+QILBMx4hHDAeMB8GA1UdIwQY
MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt
M2NjNTkyODk4Nzg5LzEvNUZBNnVzYkFwUjFfY1g1QWdzRXpIaUVjTUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5
LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwfeAMA0G
CSqGSIb3DQEBCwUAA4IBAQB7XoSWs26Lo9/co8t6SKyd6dRV94nm02FwIgJi5Y/Q
LXZXPuXzBTnH9OfkTInkrhc1QNtondc5tWoURcbGLsfQIFNECUUwmeuzp7ScEaRs
TSt3JQ4geWGxU5xGI9vIC/wCSS6S/QoM/YcSj2rPpEHM7MAD4UCBtZrimZqHme1r
Hpqdr+suBRRAgxzJT6jk/I7BgCwBwyCblW0rKeY+IbZT9hK13ZI/j/vY5973MHna
A8H/nVlkXF4L+UKE2g6RyD8PkbbCeKHLeyHSAlOUVPKXAo6kCZFBzpZdjwUvYQYs
vv8bJx/TZ2ijDEvAJWUAyGrwxDXSeApS6H/VBp08zM+X
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:54 2025 by rpki-client