Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/u07_9pXlmAHNvZNIHp40fo4J9fA.roa
File: u07_9pXlmAHNvZNIHp40fo4J9fA.roa (raw, json)
Hash identifier: 204TNJbYlIMXBCvMgIFRQa54vmawR7NJf6FejBBRQA4=
Subject key identifier: BB:4E:FF:F6:95:E5:98:01:CD:BD:93:48:1E:9E:34:7E:8E:09:F5:F0
Certificate issuer: /CN=07b7a0c1babd621e8220d0d777877a844b413c10
Certificate serial: 019423D740135FE160F4F47ED38C44238A0C
Authority key identifier: 07:B7:A0:C1:BA:BD:62:1E:82:20:D0:D7:77:87:7A:84:4B:41:3C:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B7egwbq9Yh6CINDXd4d6hEtBPBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/u07_9pXlmAHNvZNIHp40fo4J9fA.roa
Signing time: Wed 01 Jan 2025 21:48:16 +0000
ROA not before: Wed 01 Jan 2025 21:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50629
IP address blocks: 193.203.2.0/23 maxlen: 23
193.203.16.0/23 maxlen: 23
2a0f:e280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:40:13:5f:e1:60:f4:f4:7e:d3:8c:44:23:8a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07b7a0c1babd621e8220d0d777877a844b413c10
Validity
Not Before: Jan 1 21:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb4efff695e59801cdbd93481e9e347e8e09f5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cc:03:12:fa:89:ca:3b:1e:23:cf:3f:34:e0:
74:41:25:7c:9f:d1:72:f3:a7:23:97:1b:1e:07:9a:
4c:98:ef:a5:b2:25:9a:d9:77:fe:f5:d1:fc:4f:e2:
04:78:5b:3d:31:65:70:41:7e:19:cc:67:b9:52:93:
b4:cb:2e:97:35:fb:c0:01:62:53:69:ca:29:35:01:
dd:3d:2e:a1:25:9a:0f:ea:ac:96:0e:57:f7:c6:31:
d7:e3:77:3a:cb:ac:ff:51:e9:ce:07:62:2d:04:fb:
cd:d3:5f:dc:44:a1:26:cd:5b:91:08:00:65:64:89:
8e:67:a9:70:75:d6:c0:65:9a:59:fd:b6:15:5f:2a:
6b:c0:f9:0f:08:af:1f:26:df:3c:8d:ed:ca:50:e1:
a2:54:d7:fe:14:3b:bc:ad:12:90:96:34:fb:f8:7f:
ce:56:e8:0c:e5:9c:d5:8a:0b:c5:ea:ef:85:c5:8e:
59:ee:41:b5:29:0a:2f:f4:5f:98:bc:8c:c1:46:5b:
52:93:80:44:a6:97:be:25:20:82:fb:3e:1c:bf:c0:
c8:db:47:79:f9:d0:c6:42:f3:a1:ef:75:4c:9e:c6:
84:af:d1:4d:0d:18:a3:85:f9:a8:8a:62:81:43:2d:
fb:61:df:52:9c:a0:e6:b1:cb:c4:44:b3:4d:4e:4b:
16:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4E:FF:F6:95:E5:98:01:CD:BD:93:48:1E:9E:34:7E:8E:09:F5:F0
X509v3 Authority Key Identifier:
keyid:07:B7:A0:C1:BA:BD:62:1E:82:20:D0:D7:77:87:7A:84:4B:41:3C:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B7egwbq9Yh6CINDXd4d6hEtBPBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/u07_9pXlmAHNvZNIHp40fo4J9fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/B7egwbq9Yh6CINDXd4d6hEtBPBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.2.0/23
193.203.16.0/23
IPv6:
2a0f:e280::/29
Signature Algorithm: sha256WithRSAEncryption
93:d3:2f:c8:3f:02:77:c4:c9:2f:f2:80:20:12:94:c8:4a:0c:
2b:fc:d9:49:5d:02:e0:c4:d8:fc:f0:9b:25:f1:ff:de:b7:c0:
ed:96:ff:b0:78:d7:e3:c4:5d:98:a9:f3:e3:40:20:db:28:71:
94:2f:c7:1c:4b:e3:2f:6a:99:53:15:e2:e6:d5:ea:1f:4a:3a:
20:5e:da:af:b7:88:e9:9f:4c:47:35:04:31:e0:4a:ce:df:d4:
8e:37:85:ae:b3:75:76:2b:da:db:87:fc:39:e3:e6:d1:17:06:
5d:23:31:24:5b:b5:1c:19:e0:a7:61:99:53:4d:79:ae:3f:a4:
21:d2:84:9d:fe:cf:35:77:b8:c8:10:6d:6a:e2:02:b0:0a:17:
70:7f:d8:16:3b:6f:0a:0b:ae:e8:f4:45:1d:f6:22:02:aa:ab:
14:ff:c6:0f:55:e1:9f:8a:66:0e:cd:31:34:33:5b:8e:0d:c3:
47:93:18:2c:74:12:27:d1:d3:0c:5e:4c:4b:e8:27:fc:ac:f4:
3c:b2:68:15:d3:24:48:2f:0e:cd:9c:27:77:e3:d2:41:65:07:
b2:1a:1d:50:9b:8e:fa:6e:10:5d:58:bf:d7:47:76:b1:8f:f0:
02:a0:74:42:47:05:64:e9:ad:ee:e2:9f:df:3e:4e:3c:bd:5e:
56:cd:45:66
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj10ATX+Fg9PR+04xEI4oMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YjdhMGMxYmFiZDYyMWU4MjIwZDBkNzc3ODc3YTg0NGI0
MTNjMTAwHhcNMjUwMTAxMjE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRlZmZmNjk1ZTU5ODAxY2RiZDkzNDgxZTllMzQ3ZThlMDlmNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnswDEvqJyjseI88/NOB0QSV8n9Fy
86cjlxseB5pMmO+lsiWa2Xf+9dH8T+IEeFs9MWVwQX4ZzGe5UpO0yy6XNfvAAWJT
acopNQHdPS6hJZoP6qyWDlf3xjHX43c6y6z/UenOB2ItBPvN01/cRKEmzVuRCABl
ZImOZ6lwddbAZZpZ/bYVXyprwPkPCK8fJt88je3KUOGiVNf+FDu8rRKQljT7+H/O
VugM5ZzVigvF6u+FxY5Z7kG1KQov9F+YvIzBRltSk4BEppe+JSCC+z4cv8DI20d5
+dDGQvOh73VMnsaEr9FNDRijhfmoimKBQy37Yd9SnKDmscvERLNNTksWjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLtO//aV5ZgBzb2TSB6eNH6OCfXwMB8GA1UdIwQY
MBaAFAe3oMG6vWIegiDQ13eHeoRLQTwQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjdlZ3dicTlZaDZDSU5EWGQ0ZDZoRXRCUEJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS81YzNmYzMtMzVlOC00YTBjLWEzMGYt
ZmI5MjE3MDI4YzVjLzEvdTA3XzlwWGxtQUhOdlpOSUhwNDBmbzRKOWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS81YzNmYzMtMzVlOC00YTBjLWEzMGYtZmI5MjE3MDI4YzVj
LzEvQjdlZ3dicTlZaDZDSU5EWGQ0ZDZoRXRCUEJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwcsCAwQB
wcsQMA0EAgACMAcDBQMqD+KAMA0GCSqGSIb3DQEBCwUAA4IBAQCT0y/IPwJ3xMkv
8oAgEpTISgwr/NlJXQLgxNj88Jsl8f/et8Dtlv+weNfjxF2YqfPjQCDbKHGUL8cc
S+MvaplTFeLm1eofSjogXtqvt4jpn0xHNQQx4ErO39SON4Wus3V2K9rbh/w54+bR
FwZdIzEkW7UcGeCnYZlTTXmuP6Qh0oSd/s81d7jIEG1q4gKwChdwf9gWO28KC67o
9EUd9iICqqsU/8YPVeGfimYOzTE0M1uODcNHkxgsdBIn0dMMXkxL6Cf8rPQ8smgV
0yRILw7NnCd349JBZQeyGh1Qm476bhBdWL/XR3axj/ACoHRCRwVk6a3u4p/fPk48
vV5WzUVm
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:50:56 2025 by rpki-client