Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/98a8b9-8e99-4db3-b061-e9230e588626/1/idTCOx8-4Tst-Qoz7K6F7H3dYN4.roa
File: idTCOx8-4Tst-Qoz7K6F7H3dYN4.roa (raw, json)
Hash identifier: arkT/3jnb38g6YOrTZp9aafP6pWkmdDHWiUSBAjozQo=
Subject key identifier: 89:D4:C2:3B:1F:3E:E1:3B:2D:F9:0A:33:EC:AE:85:EC:7D:DD:60:DE
Certificate issuer: /CN=acbc2da4fac77bbaad29a5986b4107f531ed2e3e
Certificate serial: 01942825FDAF0BDBDBB21BEAA4CF925F432B
Authority key identifier: AC:BC:2D:A4:FA:C7:7B:BA:AD:29:A5:98:6B:41:07:F5:31:ED:2E:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rLwtpPrHe7qtKaWYa0EH9THtLj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/98a8b9-8e99-4db3-b061-e9230e588626/1/idTCOx8-4Tst-Qoz7K6F7H3dYN4.roa
Signing time: Thu 02 Jan 2025 17:52:45 +0000
ROA not before: Thu 02 Jan 2025 17:52:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41400
IP address blocks: 193.93.36.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:fd:af:0b:db:db:b2:1b:ea:a4:cf:92:5f:43:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acbc2da4fac77bbaad29a5986b4107f531ed2e3e
Validity
Not Before: Jan 2 17:52:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89d4c23b1f3ee13b2df90a33ecae85ec7ddd60de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:02:ee:65:65:91:a3:df:0a:1c:92:a9:eb:08:
6a:68:3b:76:1e:2c:52:03:4b:55:7c:4b:7c:dc:1b:
c1:07:c5:11:ec:98:80:db:0b:94:4d:3f:14:ce:fc:
99:33:14:fd:d2:93:af:4c:45:c9:36:2d:b5:e0:f4:
04:5e:f3:5e:a3:db:80:94:5f:52:fb:a7:14:b2:2c:
79:c0:b0:b0:a0:ed:e2:be:85:22:ea:40:c0:69:9e:
14:3e:8b:a4:96:bb:2c:ee:9a:c9:76:2d:24:23:9e:
bb:b4:59:f7:7f:bb:c6:9e:2d:5e:8c:5a:24:16:aa:
8d:ec:a9:37:4d:8e:7f:43:86:09:e4:31:6f:0c:c4:
aa:dc:93:8d:31:3d:ba:b3:e8:82:50:c8:ff:f8:5c:
aa:21:f4:66:0d:31:c7:fb:6a:d0:31:c3:66:f0:32:
b1:65:a4:26:b1:ad:ca:31:46:cb:c3:63:a8:51:f5:
cb:53:52:60:a4:e6:48:12:76:9f:85:92:60:64:5e:
5b:82:da:5a:1e:b9:94:f9:b1:8b:3f:d0:38:b8:90:
25:ec:d6:23:02:1c:02:86:01:bc:a9:f2:92:cd:df:
c4:bb:02:39:30:5c:ec:ee:78:8d:7d:70:87:0a:fc:
40:af:36:f9:ea:8f:da:56:c9:df:12:27:9d:76:79:
1a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D4:C2:3B:1F:3E:E1:3B:2D:F9:0A:33:EC:AE:85:EC:7D:DD:60:DE
X509v3 Authority Key Identifier:
keyid:AC:BC:2D:A4:FA:C7:7B:BA:AD:29:A5:98:6B:41:07:F5:31:ED:2E:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLwtpPrHe7qtKaWYa0EH9THtLj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/98a8b9-8e99-4db3-b061-e9230e588626/1/idTCOx8-4Tst-Qoz7K6F7H3dYN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/98a8b9-8e99-4db3-b061-e9230e588626/1/rLwtpPrHe7qtKaWYa0EH9THtLj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:e3:ac:2a:05:32:29:71:17:d7:9c:fa:b3:f4:b7:f9:d0:f4:
db:83:e4:fd:47:fd:8b:fa:4a:32:51:62:e6:19:29:40:ca:0a:
dc:3c:09:0d:38:20:9d:d1:71:e8:b9:2e:14:41:b5:09:df:96:
df:ed:bb:44:45:eb:b9:d2:ed:d9:27:6b:40:10:99:34:00:87:
a3:39:14:48:a1:cd:85:43:01:66:89:1d:5f:dd:1b:4c:63:07:
db:86:91:9d:88:a7:d1:43:59:69:68:ac:5b:cd:e8:17:ed:bb:
11:5c:41:ad:50:ad:2f:4c:ec:e6:ee:ed:fe:3a:ff:ca:e7:c5:
a4:da:0a:03:9e:b3:0e:00:cc:7e:9a:23:42:90:87:05:b1:94:
18:f3:79:8b:95:53:34:5c:8b:0f:8f:54:4a:8e:e1:49:c1:4b:
6f:7a:91:c9:ee:e2:62:6c:ca:01:d2:45:60:76:c7:70:dc:3b:
3e:37:e1:5c:f7:36:7a:bb:ca:cd:e7:a3:b5:25:51:79:5e:8f:
b5:d2:ad:d3:ad:0c:9a:f4:58:3f:66:53:e3:14:8f:4b:01:1e:
d4:fd:37:40:cc:9f:ac:9c:63:59:f9:53:f6:dc:72:43:af:26:
bc:6c:f0:9f:34:b3:62:c7:2a:d0:79:52:57:70:8a:cf:9a:4b:
a9:f3:76:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJf2vC9vbshvqpM+SX0MrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYmMyZGE0ZmFjNzdiYmFhZDI5YTU5ODZiNDEwN2Y1MzFl
ZDJlM2UwHhcNMjUwMTAyMTc1MjQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ0YzIzYjFmM2VlMTNiMmRmOTBhMzNlY2FlODVlYzdkZGQ2MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxALuZWWRo98KHJKp6whqaDt2HixS
A0tVfEt83BvBB8UR7JiA2wuUTT8UzvyZMxT90pOvTEXJNi214PQEXvNeo9uAlF9S
+6cUsix5wLCwoO3ivoUi6kDAaZ4UPouklrss7prJdi0kI567tFn3f7vGni1ejFok
FqqN7Kk3TY5/Q4YJ5DFvDMSq3JONMT26s+iCUMj/+FyqIfRmDTHH+2rQMcNm8DKx
ZaQmsa3KMUbLw2OoUfXLU1JgpOZIEnafhZJgZF5bgtpaHrmU+bGLP9A4uJAl7NYj
AhwChgG8qfKSzd/EuwI5MFzs7niNfXCHCvxArzb56o/aVsnfEieddnkaqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInUwjsfPuE7LfkKM+yuhex93WDeMB8GA1UdIwQY
MBaAFKy8LaT6x3u6rSmlmGtBB/Ux7S4+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckx3dHBQckhlN3F0S2FXWWEwRUg5VEh0TGo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85OGE4YjktOGU5OS00ZGIzLWIwNjEt
ZTkyMzBlNTg4NjI2LzEvaWRUQ094OC00VHN0LVFvejdLNkY3SDNkWU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85OGE4YjktOGU5OS00ZGIzLWIwNjEtZTkyMzBlNTg4NjI2
LzEvckx3dHBQckhlN3F0S2FXWWEwRUg5VEh0TGo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwV0kMA0G
CSqGSIb3DQEBCwUAA4IBAQCe46wqBTIpcRfXnPqz9Lf50PTbg+T9R/2L+koyUWLm
GSlAygrcPAkNOCCd0XHouS4UQbUJ35bf7btEReu50u3ZJ2tAEJk0AIejORRIoc2F
QwFmiR1f3RtMYwfbhpGdiKfRQ1lpaKxbzegX7bsRXEGtUK0vTOzm7u3+Ov/K58Wk
2goDnrMOAMx+miNCkIcFsZQY83mLlVM0XIsPj1RKjuFJwUtvepHJ7uJibMoB0kVg
dsdw3Ds+N+Fc9zZ6u8rN56O1JVF5Xo+10q3TrQya9Fg/ZlPjFI9LAR7U/TdAzJ+s
nGNZ+VP23HJDrya8bPCfNLNixyrQeVJXcIrPmkup83bq
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:15:11 2025 by rpki-client