Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/aICEd3MWzWJDIaWu83sH2GJVj90.roa
File: aICEd3MWzWJDIaWu83sH2GJVj90.roa (raw, json)
Hash identifier: uHjR7z0ysdWZlr1Q05ISoyusgCOyuohVev1SCZ6MaaE=
Subject key identifier: 68:80:84:77:73:16:CD:62:43:21:A5:AE:F3:7B:07:D8:62:55:8F:DD
Certificate issuer: /CN=05072a23730bbe1a31051f07e3bb2d39d6085527
Certificate serial: 018CC2DAB8CB4CE13DFEBE5A9FAD17059A3D
Authority key identifier: 05:07:2A:23:73:0B:BE:1A:31:05:1F:07:E3:BB:2D:39:D6:08:55:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQcqI3MLvhoxBR8H47stOdYIVSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/aICEd3MWzWJDIaWu83sH2GJVj90.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209961
IP address blocks: 130.193.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b8:cb:4c:e1:3d:fe:be:5a:9f:ad:17:05:9a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05072a23730bbe1a31051f07e3bb2d39d6085527
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=688084777316cd624321a5aef37b07d862558fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:aa:e1:e4:7b:22:ae:04:ac:fb:24:74:79:a2:
4a:d5:75:74:cb:bd:99:cb:12:05:27:37:22:1a:de:
23:4d:9b:fa:a6:99:b0:b6:09:6f:96:7f:25:1a:e4:
d3:8a:32:d3:aa:62:8e:09:a1:78:ef:de:8a:da:a9:
74:9b:57:c1:6e:b2:13:08:ff:2e:69:e3:51:14:d2:
2a:ee:8b:bd:2e:c8:c6:22:b6:ae:05:11:c4:b9:fd:
30:52:fd:6b:e2:f0:54:b9:b7:e8:5b:bb:13:92:06:
8c:b6:92:ae:89:ba:cc:ce:f9:64:d3:17:39:2f:09:
f3:a3:aa:0c:2f:76:50:20:5b:13:52:dd:ef:be:9e:
a6:59:82:12:25:f5:ed:17:7e:e0:08:80:83:09:63:
81:fc:5c:8b:b9:8f:52:f0:64:84:0a:52:60:85:04:
00:c2:44:b1:bb:11:cb:22:c4:89:3e:26:cf:73:a1:
7f:ec:1a:19:50:99:0d:5b:6f:93:6a:4d:ae:76:06:
61:9b:1a:59:80:0f:2c:b5:b2:5c:ef:e5:8b:c7:27:
7b:aa:28:11:f5:21:79:16:df:28:6a:9c:57:75:69:
49:19:37:c5:da:6e:17:a0:79:47:0f:b4:ba:8f:fe:
26:fe:e1:bd:f9:4b:14:8a:fb:82:14:f8:8b:f0:4b:
9e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:80:84:77:73:16:CD:62:43:21:A5:AE:F3:7B:07:D8:62:55:8F:DD
X509v3 Authority Key Identifier:
keyid:05:07:2A:23:73:0B:BE:1A:31:05:1F:07:E3:BB:2D:39:D6:08:55:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQcqI3MLvhoxBR8H47stOdYIVSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/aICEd3MWzWJDIaWu83sH2GJVj90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/BQcqI3MLvhoxBR8H47stOdYIVSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:d7:a8:c2:8f:8b:c6:80:ad:d6:e9:fe:59:9a:49:64:fb:d2:
83:f7:bf:57:83:a9:bc:24:45:cd:0b:1e:b2:7e:b0:4f:c8:8f:
e0:92:5d:0d:82:99:fe:94:b9:16:74:8d:fb:0a:40:46:e6:13:
87:bd:e6:46:03:cc:47:c3:a5:ea:c9:a8:4a:72:f1:50:da:4e:
7d:87:e0:70:f4:d4:0f:61:e9:44:50:d9:49:ee:66:39:6b:58:
5b:c9:fb:01:24:53:32:41:bb:d9:3c:8c:1b:f9:65:11:6b:65:
bf:ec:50:a3:b6:89:79:e0:1f:09:97:24:eb:55:bd:f5:aa:56:
dc:2a:6b:41:2c:e2:51:b8:fe:8c:5a:43:75:39:d2:a1:51:2f:
ed:46:28:0b:c7:90:2a:01:09:25:92:4a:d7:25:63:26:96:66:
47:4e:50:fc:10:f5:86:8f:1c:df:99:7b:54:85:d2:6b:1b:52:
98:4d:eb:4a:e3:ea:0a:b1:92:9b:ae:be:d1:d9:00:70:2a:b9:
64:c7:2f:6f:32:b5:d1:7d:e4:60:a9:cf:6b:fd:65:94:36:55:
19:32:c3:6d:71:56:71:d0:58:3f:62:31:21:f8:3d:06:34:4f:
a9:67:59:1e:a1:c1:cf:25:fc:5f:a5:d7:9a:a0:4a:1e:cd:db:
19:db:5b:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2rjLTOE9/r5an60XBZo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDcyYTIzNzMwYmJlMWEzMTA1MWYwN2UzYmIyZDM5ZDYw
ODU1MjcwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODgwODQ3NzczMTZjZDYyNDMyMWE1YWVmMzdiMDdkODYyNTU4ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAparh5HsirgSs+yR0eaJK1XV0y72Z
yxIFJzciGt4jTZv6ppmwtglvln8lGuTTijLTqmKOCaF4796K2ql0m1fBbrITCP8u
aeNRFNIq7ou9LsjGIrauBRHEuf0wUv1r4vBUubfoW7sTkgaMtpKuibrMzvlk0xc5
Lwnzo6oML3ZQIFsTUt3vvp6mWYISJfXtF37gCICDCWOB/FyLuY9S8GSEClJghQQA
wkSxuxHLIsSJPibPc6F/7BoZUJkNW2+Tak2udgZhmxpZgA8stbJc7+WLxyd7qigR
9SF5Ft8oapxXdWlJGTfF2m4XoHlHD7S6j/4m/uG9+UsUivuCFPiL8EuewwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiAhHdzFs1iQyGlrvN7B9hiVY/dMB8GA1UdIwQY
MBaAFAUHKiNzC74aMQUfB+O7LTnWCFUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFjcUkzTUx2aG94QlI4SDQ3c3RPZFlJVlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNWRmODctMTVhYi00YjkwLWI3NjAt
NTIyNzkxNTNiYmY0LzEvYUlDRWQzTVd6V0pESWFXdTgzc0gyR0pWajkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNWRmODctMTVhYi00YjkwLWI3NjAtNTIyNzkxNTNiYmY0
LzEvQlFjcUkzTUx2aG94QlI4SDQ3c3RPZFlJVlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsEDMA0G
CSqGSIb3DQEBCwUAA4IBAQCM16jCj4vGgK3W6f5Zmklk+9KD979Xg6m8JEXNCx6y
frBPyI/gkl0Ngpn+lLkWdI37CkBG5hOHveZGA8xHw6XqyahKcvFQ2k59h+Bw9NQP
YelEUNlJ7mY5a1hbyfsBJFMyQbvZPIwb+WURa2W/7FCjtol54B8JlyTrVb31qlbc
KmtBLOJRuP6MWkN1OdKhUS/tRigLx5AqAQklkkrXJWMmlmZHTlD8EPWGjxzfmXtU
hdJrG1KYTetK4+oKsZKbrr7R2QBwKrlkxy9vMrXRfeRgqc9r/WWUNlUZMsNtcVZx
0Fg/YjEh+D0GNE+pZ1keocHPJfxfpdeaoEoezdsZ21sZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:22 2025 by rpki-client