Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa
File: f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa (raw, json)
Hash identifier: CJSEzeKkH+A8u48zVCzb/MrI7FvV/Beze1CPp3UTLZU=
Subject key identifier: 7F:75:A7:F5:33:9F:71:FC:41:DD:56:17:59:A9:EA:7C:C0:BA:59:12
Certificate issuer: /CN=a220dda64843a4ee364b089356ca87995830fd77
Certificate serial: 0194214449D9FE9CB3C13E04B9EABBC08CA1
Authority key identifier: A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa
Signing time: Wed 01 Jan 2025 09:48:30 +0000
ROA not before: Wed 01 Jan 2025 09:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25460
IP address blocks: 193.161.4.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:49:d9:fe:9c:b3:c1:3e:04:b9:ea:bb:c0:8c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a220dda64843a4ee364b089356ca87995830fd77
Validity
Not Before: Jan 1 09:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f75a7f5339f71fc41dd561759a9ea7cc0ba5912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e1:10:bf:f6:fb:85:99:90:fc:5a:5c:9d:d2:
60:b8:f3:f1:07:5f:8a:5f:b1:6e:1e:af:13:07:b7:
1b:36:42:64:83:1a:00:8a:b4:f9:79:da:d1:a4:d4:
c3:d5:80:6a:5d:34:f2:8c:ad:ef:18:19:24:87:ec:
96:4f:48:ab:bb:7c:37:20:30:29:28:67:42:d9:0f:
4b:a6:69:ed:fa:68:0c:de:62:4a:12:98:65:d2:0b:
7b:19:3a:35:72:0a:3a:e7:8f:92:5f:cd:dd:7c:e8:
ae:8e:c9:5e:13:81:1f:f0:e5:2e:41:a8:f1:6f:cb:
4f:cd:06:84:eb:49:45:0e:8b:b5:0c:5e:29:65:cc:
cb:92:d5:92:ac:b0:54:e4:35:5b:06:47:2d:ec:59:
0a:5d:d3:8f:b7:e1:60:ee:76:5d:4e:06:ee:49:77:
02:59:88:e9:c5:ed:43:47:07:f8:11:8a:db:bf:4f:
68:f2:5a:d9:7b:4c:f3:aa:ad:d4:b2:8a:47:bf:4d:
ce:5c:f7:6c:b4:97:a6:b7:a3:14:1d:3e:19:2d:6e:
8b:2c:8e:26:14:db:f6:ef:b5:12:eb:b8:2f:75:06:
95:c4:5d:02:e2:10:35:65:9f:d4:5c:77:e3:d0:b5:
ba:53:a5:8f:35:a1:bd:7f:0e:04:5e:ed:5b:5a:e7:
b0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:75:A7:F5:33:9F:71:FC:41:DD:56:17:59:A9:EA:7C:C0:BA:59:12
X509v3 Authority Key Identifier:
keyid:A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:11:d8:0e:10:8e:24:64:99:c3:a0:6a:a8:02:15:46:69:4f:
69:4f:91:06:66:e9:78:94:61:a4:a8:06:c0:bc:86:4a:56:7b:
f6:bf:01:42:bc:f3:0c:fc:83:71:c0:5a:41:5c:c9:3a:62:7c:
48:20:8f:77:03:4a:0c:ac:c5:62:66:28:db:2b:cc:3e:17:5d:
7b:71:09:f7:16:bb:79:de:49:f3:07:7c:75:64:c0:17:94:cf:
4b:7a:05:0b:84:a6:c9:67:5c:e3:e3:59:e8:c1:ad:b9:7f:31:
e6:c3:61:18:50:32:6c:37:82:3f:5b:bc:24:c4:5d:b4:4d:91:
b6:51:49:ce:30:ab:0a:4f:a4:14:10:7a:83:97:4d:27:6f:02:
cf:0f:90:a9:4c:72:c1:09:5a:11:b6:fa:d6:12:47:53:24:85:
81:57:07:1e:ae:ed:3d:d8:69:09:6c:62:2a:c2:7e:cf:f4:d6:
c7:a0:44:5e:83:cd:6d:22:0b:69:07:c6:1c:6d:c9:72:81:79:
2e:64:2b:fb:50:22:7d:8c:c4:dc:43:14:99:c2:90:ff:37:b1:
43:15:49:df:17:0d:02:43:3c:99:c4:2f:47:fb:52:9d:bd:b8:
be:4c:47:53:e9:ac:c7:9b:d9:05:65:26:4f:61:40:49:03:71:
a4:b6:62:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhREnZ/pyzwT4Eueq7wIyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjBkZGE2NDg0M2E0ZWUzNjRiMDg5MzU2Y2E4Nzk5NTgz
MGZkNzcwHhcNMjUwMTAxMDk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc1YTdmNTMzOWY3MWZjNDFkZDU2MTc1OWE5ZWE3Y2MwYmE1OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+EQv/b7hZmQ/FpcndJguPPxB1+K
X7FuHq8TB7cbNkJkgxoAirT5edrRpNTD1YBqXTTyjK3vGBkkh+yWT0iru3w3IDAp
KGdC2Q9Lpmnt+mgM3mJKEphl0gt7GTo1cgo654+SX83dfOiujsleE4Ef8OUuQajx
b8tPzQaE60lFDou1DF4pZczLktWSrLBU5DVbBkct7FkKXdOPt+Fg7nZdTgbuSXcC
WYjpxe1DRwf4EYrbv09o8lrZe0zzqq3UsopHv03OXPdstJemt6MUHT4ZLW6LLI4m
FNv277US67gvdQaVxF0C4hA1ZZ/UXHfj0LW6U6WPNaG9fw4EXu1bWuewLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH91p/Uzn3H8Qd1WF1mp6nzAulkSMB8GA1UdIwQY
MBaAFKIg3aZIQ6TuNksIk1bKh5lYMP13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYt
ZjVmODE0NTY1MWQzLzEvZjNXbjlUT2ZjZnhCM1ZZWFdhbnFmTUM2V1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYtZjVmODE0NTY1MWQz
LzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaEEMA0G
CSqGSIb3DQEBCwUAA4IBAQB8EdgOEI4kZJnDoGqoAhVGaU9pT5EGZul4lGGkqAbA
vIZKVnv2vwFCvPMM/INxwFpBXMk6YnxIII93A0oMrMViZijbK8w+F117cQn3Frt5
3knzB3x1ZMAXlM9LegULhKbJZ1zj41nowa25fzHmw2EYUDJsN4I/W7wkxF20TZG2
UUnOMKsKT6QUEHqDl00nbwLPD5CpTHLBCVoRtvrWEkdTJIWBVwceru092GkJbGIq
wn7P9NbHoEReg81tIgtpB8YcbclygXkuZCv7UCJ9jMTcQxSZwpD/N7FDFUnfFw0C
QzyZxC9H+1Kdvbi+TEdT6azHm9kFZSZPYUBJA3GktmL4
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:46:51 2025 by rpki-client