Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/RBMjukEqx2sl5l36QHoeYAt53xA.roa
File: RBMjukEqx2sl5l36QHoeYAt53xA.roa (raw, json)
Hash identifier: CigZBgIJK8KdYbz4Z/LqbjrH2hEu5NpbSyzTklo12XU=
Subject key identifier: 44:13:23:BA:41:2A:C7:6B:25:E6:5D:FA:40:7A:1E:60:0B:79:DF:10
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01942747319AD605F1BB082B7572F491B0B0
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/RBMjukEqx2sl5l36QHoeYAt53xA.roa
Signing time: Thu 02 Jan 2025 13:49:24 +0000
ROA not before: Thu 02 Jan 2025 13:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210538
IP address blocks: 160.20.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:31:9a:d6:05:f1:bb:08:2b:75:72:f4:91:b0:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=441323ba412ac76b25e65dfa407a1e600b79df10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:1b:43:b3:9b:8c:b2:36:f1:a3:9d:0b:2c:
65:a0:93:60:a1:44:51:18:21:4c:04:f6:ac:ef:aa:
97:74:9f:97:cb:9d:ad:d0:14:52:89:43:87:fd:71:
de:4f:eb:04:be:12:da:0b:0b:86:d2:24:bf:7b:0d:
79:d1:e5:48:51:af:2d:ef:f8:f4:cb:e3:d6:4b:7e:
48:48:e5:6c:60:63:d6:ef:05:93:57:4a:fb:02:15:
37:49:62:49:ad:a0:57:6f:a2:95:1c:b7:24:7e:05:
d5:c0:14:d8:7a:72:03:91:c7:00:fb:df:fc:ce:b1:
4b:29:9b:93:af:ee:5a:18:7c:ed:91:0f:a3:4f:a7:
b3:21:b5:b8:ac:34:b5:25:ce:ef:f1:fb:6d:58:d7:
c7:56:97:dc:4f:6b:2c:09:17:72:48:f3:36:91:ce:
46:23:e6:6f:da:c3:cb:36:68:98:be:52:b8:de:d0:
b8:70:5c:1a:4d:52:bc:40:72:27:9b:54:7c:18:21:
ea:a0:0e:7d:a3:b6:ba:c0:9f:83:ec:8b:41:b4:fe:
20:cc:1f:1e:5a:2b:4d:72:3c:54:94:1e:a7:4c:db:
26:d7:86:25:5f:e6:9c:91:db:4e:44:3c:3b:69:b9:
18:0a:df:e3:fe:6a:e5:35:78:69:a7:49:71:cd:dd:
e4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:13:23:BA:41:2A:C7:6B:25:E6:5D:FA:40:7A:1E:60:0B:79:DF:10
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/RBMjukEqx2sl5l36QHoeYAt53xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.20.108.0/24
Signature Algorithm: sha256WithRSAEncryption
53:a0:fc:b4:2a:7b:32:6e:02:9d:3a:79:f8:56:43:bc:b9:0d:
ed:16:87:2d:b5:29:62:05:8a:18:fb:c1:79:18:02:d8:71:9e:
75:96:46:8b:43:10:99:9e:57:5e:1f:ad:62:0b:89:4e:16:75:
31:22:57:ea:ae:7d:67:e1:e4:43:b1:db:5f:33:6a:43:69:e4:
5b:ec:1e:47:72:01:94:ec:0b:57:d7:4b:03:8f:aa:9f:fe:5e:
6a:20:87:59:30:0d:a3:1e:00:ae:b2:e1:b1:97:e5:e2:8f:b2:
d5:64:8e:d2:db:15:17:55:fe:8b:23:6e:8a:05:98:9a:87:63:
2d:ac:b9:3f:d4:a3:64:cc:57:40:8b:1c:9d:5b:b6:09:a5:88:
63:3b:88:f6:8d:61:19:d7:b7:1c:c8:42:3a:9c:16:3b:68:f3:
82:0e:85:b9:28:8b:fd:15:0d:9e:80:94:b4:3a:6d:1f:1c:69:
c4:19:3e:a4:e2:e3:6f:b4:a6:06:26:8b:26:5d:94:c9:f7:11:
2f:6c:66:a7:31:dd:02:7e:ef:f6:3c:d2:91:c3:d6:0b:82:9e:
6e:6b:c8:a3:8b:c9:14:43:4e:15:6f:3f:51:7b:94:a7:9f:6d:
3e:32:4c:e8:84:4a:09:59:ae:9e:73:55:f8:db:48:75:e9:d9:
6a:e4:b6:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRzGa1gXxuwgrdXL0kbCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDEzMjNiYTQxMmFjNzZiMjVlNjVkZmE0MDdhMWU2MDBiNzlkZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ8bQ7ObjLI28aOdCyxloJNgoURR
GCFMBPas76qXdJ+Xy52t0BRSiUOH/XHeT+sEvhLaCwuG0iS/ew150eVIUa8t7/j0
y+PWS35ISOVsYGPW7wWTV0r7AhU3SWJJraBXb6KVHLckfgXVwBTYenIDkccA+9/8
zrFLKZuTr+5aGHztkQ+jT6ezIbW4rDS1Jc7v8fttWNfHVpfcT2ssCRdySPM2kc5G
I+Zv2sPLNmiYvlK43tC4cFwaTVK8QHInm1R8GCHqoA59o7a6wJ+D7ItBtP4gzB8e
WitNcjxUlB6nTNsm14YlX+ackdtORDw7abkYCt/j/mrlNXhpp0lxzd3k8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQTI7pBKsdrJeZd+kB6HmALed8QMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvUkJNanVrRXF4MnNsNWwzNlFIb2VZQXQ1M3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBRsMA0G
CSqGSIb3DQEBCwUAA4IBAQBToPy0KnsybgKdOnn4VkO8uQ3tFocttSliBYoY+8F5
GALYcZ51lkaLQxCZnldeH61iC4lOFnUxIlfqrn1n4eRDsdtfM2pDaeRb7B5HcgGU
7AtX10sDj6qf/l5qIIdZMA2jHgCusuGxl+Xij7LVZI7S2xUXVf6LI26KBZiah2Mt
rLk/1KNkzFdAixydW7YJpYhjO4j2jWEZ17ccyEI6nBY7aPOCDoW5KIv9FQ2egJS0
Om0fHGnEGT6k4uNvtKYGJosmXZTJ9xEvbGanMd0Cfu/2PNKRw9YLgp5ua8iji8kU
Q04Vbz9Re5Snn20+MkzohEoJWa6ec1X420h16dlq5Lah
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:07:40 2025 by rpki-client