Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/Es7ywFH6OUUimgB7Im0w6rmJTp0.roa
File: Es7ywFH6OUUimgB7Im0w6rmJTp0.roa (raw, json)
Hash identifier: abO8fwUesogsz9Zacb24U8oebFrl5K77Kq2B6Kf6nfc=
Subject key identifier: 12:CE:F2:C0:51:FA:39:45:22:9A:00:7B:22:6D:30:EA:B9:89:4E:9D
Certificate issuer: /CN=bf174a5833bde6aa7824c34099762d00978857ff
Certificate serial: 01856E4AFB84178BE57D91C8CC236EC88FA3
Authority key identifier: BF:17:4A:58:33:BD:E6:AA:78:24:C3:40:99:76:2D:00:97:88:57:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxdKWDO95qp4JMNAmXYtAJeIV_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/Es7ywFH6OUUimgB7Im0w6rmJTp0.roa
Signing time: Sun 01 Jan 2023 17:04:45 +0000
ROA not before: Sun 01 Jan 2023 17:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29139
IP address blocks: 193.163.254.0/24 maxlen: 24
193.163.255.0/24 maxlen: 24
193.163.243.0/24 maxlen: 24
193.163.244.0/24 maxlen: 24
193.163.245.0/24 maxlen: 24
193.163.246.0/24 maxlen: 24
193.163.241.0/24 maxlen: 24
193.163.242.0/24 maxlen: 24
193.163.250.0/24 maxlen: 24
193.163.251.0/24 maxlen: 24
193.163.252.0/24 maxlen: 24
193.163.253.0/24 maxlen: 24
193.163.247.0/24 maxlen: 24
193.163.248.0/24 maxlen: 24
193.163.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:4a:fb:84:17:8b:e5:7d:91:c8:cc:23:6e:c8:8f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf174a5833bde6aa7824c34099762d00978857ff
Validity
Not Before: Jan 1 17:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12cef2c051fa3945229a007b226d30eab9894e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e7:ed:a7:fe:a8:3c:05:2b:19:bb:31:34:43:
de:59:dc:30:a8:72:5a:40:f2:1b:ee:a1:9a:5e:68:
bd:5a:3d:df:3e:a3:9a:e1:76:14:12:46:b6:28:8d:
92:eb:69:27:a6:15:20:14:75:f1:f2:43:6c:57:f1:
8c:80:08:df:d1:80:47:ff:b0:07:bb:a2:93:c8:99:
b9:6e:ee:da:c2:bd:1e:16:c7:26:54:dd:83:ca:08:
7b:05:78:8a:a4:56:ab:34:17:42:59:2b:6e:62:17:
6e:9f:61:e2:6c:9b:62:c6:65:db:23:cd:78:76:64:
01:bd:cf:21:b3:d8:67:88:90:23:ed:af:23:3a:d0:
d6:b5:8a:ff:52:1e:c2:9c:1c:5f:da:72:b4:b5:57:
85:29:79:7d:e9:3c:32:fd:c4:23:33:e7:56:6f:5c:
eb:dd:8a:c6:0a:b7:83:45:d7:d0:91:4f:c1:d8:86:
75:35:6b:1c:c9:0a:93:0b:86:68:3c:88:c4:8a:7d:
d8:38:31:f6:67:1a:f9:7b:16:f0:97:a1:45:81:87:
a6:1b:ff:47:92:1f:7b:21:3e:62:dd:9e:2b:be:46:
e6:67:b9:ec:f2:14:2f:4e:3b:20:c5:66:a3:2f:0b:
6d:79:74:66:01:92:0d:ee:34:f3:58:10:d1:c0:7a:
75:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CE:F2:C0:51:FA:39:45:22:9A:00:7B:22:6D:30:EA:B9:89:4E:9D
X509v3 Authority Key Identifier:
keyid:BF:17:4A:58:33:BD:E6:AA:78:24:C3:40:99:76:2D:00:97:88:57:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxdKWDO95qp4JMNAmXYtAJeIV_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/Es7ywFH6OUUimgB7Im0w6rmJTp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/vxdKWDO95qp4JMNAmXYtAJeIV_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.241.0-193.163.255.255
Signature Algorithm: sha256WithRSAEncryption
7b:e0:77:2d:48:ae:2a:86:04:80:84:93:05:1b:31:ac:80:77:
a4:b2:56:ba:51:a0:c7:9e:ca:4b:90:32:8e:c6:df:fe:70:bd:
73:f4:b5:57:e7:6c:25:bf:91:22:f2:72:cb:a6:d8:90:bf:50:
ca:f2:14:01:62:be:a1:40:c1:08:1c:ea:98:65:cc:8f:1b:47:
52:08:77:65:83:b9:fb:32:74:e8:c0:57:ee:3f:08:95:24:0f:
1b:bb:34:b8:40:df:08:8a:4c:82:1b:fc:96:e4:8e:ef:2e:d8:
0b:f8:70:08:5d:a0:80:a5:5b:77:dd:4c:6b:78:95:51:53:46:
4d:95:7a:93:d9:d8:f3:d9:da:01:b5:01:47:72:92:18:a6:53:
12:d8:99:fd:58:40:bb:4e:4d:1a:bf:98:e3:e1:65:58:55:d9:
82:88:36:a5:e0:e5:ff:b0:8d:69:f0:ce:39:d3:84:6e:2e:cf:
b0:6d:a5:f2:6f:8b:e0:ee:cb:ce:70:5c:7e:5f:23:cd:da:d3:
91:84:8a:7c:93:19:0c:00:7d:13:5c:9d:dd:14:a5:a1:2f:8a:
f4:97:76:8d:db:79:28:e5:e7:c1:0e:74:4d:31:0f:9e:0c:00:
7d:89:04:3a:28:26:89:97:12:3d:c4:cf:66:3f:23:92:00:a3:
e4:d9:53:93
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVuSvuEF4vlfZHIzCNuyI+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTc0YTU4MzNiZGU2YWE3ODI0YzM0MDk5NzYyZDAwOTc4
ODU3ZmYwHhcNMjMwMTAxMTcwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmNlZjJjMDUxZmEzOTQ1MjI5YTAwN2IyMjZkMzBlYWI5ODk0ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuftp/6oPAUrGbsxNEPeWdwwqHJa
QPIb7qGaXmi9Wj3fPqOa4XYUEka2KI2S62knphUgFHXx8kNsV/GMgAjf0YBH/7AH
u6KTyJm5bu7awr0eFscmVN2Dygh7BXiKpFarNBdCWStuYhdun2HibJtixmXbI814
dmQBvc8hs9hniJAj7a8jOtDWtYr/Uh7CnBxf2nK0tVeFKXl96Twy/cQjM+dWb1zr
3YrGCreDRdfQkU/B2IZ1NWscyQqTC4ZoPIjEin3YODH2Zxr5exbwl6FFgYemG/9H
kh97IT5i3Z4rvkbmZ7ns8hQvTjsgxWajLwtteXRmAZIN7jTzWBDRwHp1XwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFBLO8sBR+jlFIpoAeyJtMOq5iU6dMB8GA1UdIwQY
MBaAFL8XSlgzveaqeCTDQJl2LQCXiFf/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhkS1dETzk1cXA0Sk1OQW1YWXRBSmVJVl84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kYWYyNWMtMWI0OS00NzE5LTkyMDMt
MzI1NGU0ZDcxMjJlLzEvRXM3eXdGSDZPVVVpbWdCN0ltMHc2cm1KVHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kYWYyNWMtMWI0OS00NzE5LTkyMDMtMzI1NGU0ZDcxMjJl
LzEvdnhkS1dETzk1cXA0Sk1OQW1YWXRBSmVJVl84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBADBo/ED
AwLBoDANBgkqhkiG9w0BAQsFAAOCAQEAe+B3LUiuKoYEgISTBRsxrIB3pLJWulGg
x57KS5Ayjsbf/nC9c/S1V+dsJb+RIvJyy6bYkL9QyvIUAWK+oUDBCBzqmGXMjxtH
Ugh3ZYO5+zJ06MBX7j8IlSQPG7s0uEDfCIpMghv8luSO7y7YC/hwCF2ggKVbd91M
a3iVUVNGTZV6k9nY89naAbUBR3KSGKZTEtiZ/VhAu05NGr+Y4+FlWFXZgog2peDl
/7CNafDOOdOEbi7PsG2l8m+L4O7LznBcfl8jzdrTkYSKfJMZDAB9E1yd3RSloS+K
9Jd2jdt5KOXnwQ50TTEPngwAfYkEOigmiZcSPcTPZj8jkgCj5NlTkw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:10 2025 by rpki-client