Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/IYmUJK1vApyWT119wps-ukf2n9E.roa
File: IYmUJK1vApyWT119wps-ukf2n9E.roa (raw, json)
Hash identifier: w1dWdBHD/FLi3tR98pk3iJlbhc1nR22X1Pwn/kqhO/0=
Subject key identifier: 21:89:94:24:AD:6F:02:9C:96:4F:5D:7D:C2:9B:3E:BA:47:F6:9F:D1
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 0194221F86F6909EE190FFD3A644C9F39E46
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/IYmUJK1vApyWT119wps-ukf2n9E.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 81.19.131.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:86:f6:90:9e:e1:90:ff:d3:a6:44:c9:f3:9e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21899424ad6f029c964f5d7dc29b3eba47f69fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b1:2d:f9:a9:be:41:a0:21:43:23:a4:70:36:
74:db:27:0e:68:ee:05:eb:cb:2d:dc:c5:09:8c:76:
8b:28:46:63:b1:ab:08:5d:52:52:79:c3:b7:a0:69:
9a:57:0c:a9:4e:72:b4:af:b1:4a:f4:11:b3:1c:f5:
47:ed:ea:99:da:c3:8b:60:e2:86:5f:1e:28:0a:22:
b9:95:67:31:72:1c:85:a3:3d:fc:f9:68:28:37:f6:
53:de:19:43:35:ac:38:e4:54:f8:01:9f:eb:9e:e5:
af:9f:3e:e6:13:0d:2c:8f:5f:f4:14:81:6e:44:5a:
0e:87:5e:8b:95:e1:20:6b:2f:f2:3e:44:ab:75:b5:
ee:79:bf:31:0f:b0:27:70:71:b0:c8:30:b9:42:23:
f3:77:c8:c2:e4:b0:54:5c:3f:55:a8:0b:f0:5e:02:
ec:54:94:e0:9b:46:72:08:0f:92:52:32:f1:85:57:
f3:db:2f:70:3a:1d:35:5d:83:51:ce:c3:2c:dc:96:
e8:9a:8f:f3:5a:e7:54:f0:e9:74:5f:eb:ae:51:b1:
73:1c:b2:96:7b:48:a1:78:0d:72:27:7c:01:b0:44:
cf:e5:31:b8:3b:6b:dc:fc:5e:e3:80:87:7b:22:0f:
bb:a1:8b:10:6b:36:e5:05:6d:ff:b6:74:2b:59:73:
79:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:89:94:24:AD:6F:02:9C:96:4F:5D:7D:C2:9B:3E:BA:47:F6:9F:D1
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/IYmUJK1vApyWT119wps-ukf2n9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.131.0/24
Signature Algorithm: sha256WithRSAEncryption
54:03:52:43:26:9d:b0:95:05:f7:8d:1e:2e:9e:f2:39:ad:7f:
60:04:a4:21:1f:c8:6a:8c:b3:41:db:c3:26:b9:47:53:ae:33:
2d:00:58:b7:39:0f:e4:a6:7e:ed:c4:54:df:ab:a2:22:c7:e2:
15:a2:1c:45:6d:41:5d:0b:5d:cf:c7:0e:de:c9:6c:ae:88:3c:
51:f5:30:10:77:81:b8:40:bd:30:d5:68:d3:ca:95:26:78:b8:
a9:92:40:91:94:64:88:d6:60:81:3a:56:7f:aa:f9:1c:31:83:
ce:d7:19:f5:1a:07:c4:67:9f:27:1b:67:78:1b:9f:03:fc:ab:
2d:6a:b2:49:b2:89:fd:e2:3c:2d:e0:ee:f1:ec:d6:e3:08:28:
ef:05:b9:08:68:7e:76:60:e7:e3:8b:67:72:35:ae:8d:f4:86:
59:5e:16:bd:c7:db:76:ae:43:31:23:fe:78:60:60:c8:e2:2f:
57:b4:bf:80:64:d2:20:73:3a:cf:a3:87:49:fe:b6:2c:50:32:
3d:ba:7f:6f:81:e3:d5:13:b7:4e:5d:48:ad:b8:79:d6:1d:1e:
29:f6:a4:9b:f9:b9:5c:25:ca:fc:35:cd:61:92:25:2f:3e:17:
b6:a2:d2:f4:89:95:77:39:18:d2:12:79:b8:a7:bb:a1:6d:9c:
75:72:16:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4b2kJ7hkP/TpkTJ855GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTg5OTQyNGFkNmYwMjljOTY0ZjVkN2RjMjliM2ViYTQ3ZjY5ZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7Et+am+QaAhQyOkcDZ02ycOaO4F
68st3MUJjHaLKEZjsasIXVJSecO3oGmaVwypTnK0r7FK9BGzHPVH7eqZ2sOLYOKG
Xx4oCiK5lWcxchyFoz38+WgoN/ZT3hlDNaw45FT4AZ/rnuWvnz7mEw0sj1/0FIFu
RFoOh16LleEgay/yPkSrdbXueb8xD7AncHGwyDC5QiPzd8jC5LBUXD9VqAvwXgLs
VJTgm0ZyCA+SUjLxhVfz2y9wOh01XYNRzsMs3Jbomo/zWudU8Ol0X+uuUbFzHLKW
e0iheA1yJ3wBsETP5TG4O2vc/F7jgId7Ig+7oYsQazblBW3/tnQrWXN5qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGJlCStbwKclk9dfcKbPrpH9p/RMB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvSVltVUpLMXZBcHlXVDExOXdwcy11a2YybjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURODMA0G
CSqGSIb3DQEBCwUAA4IBAQBUA1JDJp2wlQX3jR4unvI5rX9gBKQhH8hqjLNB28Mm
uUdTrjMtAFi3OQ/kpn7txFTfq6Iix+IVohxFbUFdC13Pxw7eyWyuiDxR9TAQd4G4
QL0w1WjTypUmeLipkkCRlGSI1mCBOlZ/qvkcMYPO1xn1GgfEZ58nG2d4G58D/Kst
arJJson94jwt4O7x7NbjCCjvBbkIaH52YOfji2dyNa6N9IZZXha9x9t2rkMxI/54
YGDI4i9XtL+AZNIgczrPo4dJ/rYsUDI9un9vgePVE7dOXUituHnWHR4p9qSb+blc
Jcr8Nc1hkiUvPhe2otL0iZV3ORjSEnm4p7uhbZx1chaM
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:24:45 2025 by rpki-client