Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/a7ff8c-147e-4c4a-8675-8778cd8c0500/1/2mW2J8U4upAr0hqyab4IDLjtHbI.roa
File: 2mW2J8U4upAr0hqyab4IDLjtHbI.roa (raw, json)
Hash identifier: XMWWor+8W4y47R0Qgou0+5ruXWCfd0YmakBeZqhGlOY=
Subject key identifier: DA:65:B6:27:C5:38:BA:90:2B:D2:1A:B2:69:BE:08:0C:B8:ED:1D:B2
Certificate issuer: /CN=a89c840d1ef0cd52dcf5faa65335a5dd5054c465
Certificate serial: 01856CAEF63A7BE69E56578D3593E18A724F
Authority key identifier: A8:9C:84:0D:1E:F0:CD:52:DC:F5:FA:A6:53:35:A5:DD:50:54:C4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qJyEDR7wzVLc9fqmUzWl3VBUxGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/a7ff8c-147e-4c4a-8675-8778cd8c0500/1/2mW2J8U4upAr0hqyab4IDLjtHbI.roa
Signing time: Sun 01 Jan 2023 09:34:43 +0000
ROA not before: Sun 01 Jan 2023 09:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28682
IP address blocks: 193.243.140.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f6:3a:7b:e6:9e:56:57:8d:35:93:e1:8a:72:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a89c840d1ef0cd52dcf5faa65335a5dd5054c465
Validity
Not Before: Jan 1 09:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da65b627c538ba902bd21ab269be080cb8ed1db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1a:90:dc:d3:6d:f2:8a:34:9e:bc:ba:59:5a:
3a:9b:e4:cd:a2:1d:7b:92:02:e5:bb:7c:e6:97:60:
37:ff:af:29:ba:95:51:6b:c5:f2:94:31:ac:2a:21:
52:40:02:05:48:d8:1c:0c:01:04:37:13:d3:58:2a:
27:71:22:cf:83:cc:43:f5:7d:9c:84:dd:d2:89:68:
61:91:72:49:3a:26:3c:17:53:cf:61:0b:a0:51:58:
37:20:8a:d2:e8:ca:42:0e:96:c5:67:1d:94:9a:de:
75:ec:27:28:58:92:80:68:8e:15:66:4f:59:ee:6b:
ae:db:e1:1e:0e:de:db:bf:39:38:18:e5:9f:a6:47:
ae:2c:2c:98:30:36:22:a7:00:96:58:53:85:0f:8b:
66:83:41:d6:be:ca:2e:75:41:d3:28:97:08:a3:19:
44:61:2c:10:41:13:c3:ea:05:2b:91:88:f9:8d:cd:
be:be:2b:a7:0f:e9:e3:b5:7d:1e:26:7d:cb:c7:22:
6b:15:a3:51:26:9b:0a:cc:b0:d4:d2:cf:48:3a:eb:
90:6e:b3:c0:31:0d:a0:38:ca:7f:bd:e5:75:d1:44:
72:68:30:52:56:56:e8:06:c6:ed:34:10:a3:98:c7:
90:0e:fb:45:10:c5:bc:39:7a:c3:62:a1:ee:a0:81:
35:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:65:B6:27:C5:38:BA:90:2B:D2:1A:B2:69:BE:08:0C:B8:ED:1D:B2
X509v3 Authority Key Identifier:
keyid:A8:9C:84:0D:1E:F0:CD:52:DC:F5:FA:A6:53:35:A5:DD:50:54:C4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJyEDR7wzVLc9fqmUzWl3VBUxGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a7ff8c-147e-4c4a-8675-8778cd8c0500/1/2mW2J8U4upAr0hqyab4IDLjtHbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a7ff8c-147e-4c4a-8675-8778cd8c0500/1/qJyEDR7wzVLc9fqmUzWl3VBUxGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.243.140.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:dd:95:b9:4b:0a:48:c8:40:b7:93:63:27:ec:9d:14:ec:ec:
cc:cc:4a:f0:ab:4d:14:e9:bd:1e:9f:ab:ce:66:e3:6f:36:fc:
05:92:b8:9f:c6:94:bc:e3:1b:e0:00:7a:7a:3e:9f:48:4a:3b:
52:c4:6b:37:c0:5e:27:e4:a7:6b:a0:ab:2c:3b:f0:bf:0b:7a:
88:d4:e4:67:8d:2d:eb:15:40:57:05:7b:01:4b:86:40:39:77:
0f:92:df:00:ad:31:a7:60:de:9e:a7:fd:b3:f4:a4:a6:61:ad:
3e:55:3c:11:c7:46:4c:78:af:d7:b1:70:98:5e:8f:03:a3:dc:
f6:26:73:a2:09:de:f0:90:43:c5:5e:d3:c4:89:33:6b:e4:9b:
fb:51:a0:c3:96:8e:3a:e2:ac:17:20:13:18:3d:90:07:27:e7:
c6:3e:61:5f:06:fd:6e:5b:15:7f:65:67:47:ac:7c:dd:16:e2:
2e:72:bf:72:af:33:6a:48:b2:b4:19:f2:3e:3b:5e:c2:cf:09:
44:7c:ab:c9:90:2f:dd:78:4e:89:4d:f7:6a:6d:d4:b2:03:0e:
c8:c1:c3:e3:81:50:71:36:6e:60:a7:12:1d:e5:ee:ea:00:ef:
2f:e3:2d:7f:c1:17:ff:b5:15:28:7e:42:cb:92:fe:c4:77:ff:
37:b1:17:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrvY6e+aeVleNNZPhinJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OWM4NDBkMWVmMGNkNTJkY2Y1ZmFhNjUzMzVhNWRkNTA1
NGM0NjUwHhcNMjMwMTAxMDkzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTY1YjYyN2M1MzhiYTkwMmJkMjFhYjI2OWJlMDgwY2I4ZWQxZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBqQ3NNt8oo0nry6WVo6m+TNoh17
kgLlu3zml2A3/68pupVRa8XylDGsKiFSQAIFSNgcDAEENxPTWConcSLPg8xD9X2c
hN3SiWhhkXJJOiY8F1PPYQugUVg3IIrS6MpCDpbFZx2Umt517CcoWJKAaI4VZk9Z
7muu2+EeDt7bvzk4GOWfpkeuLCyYMDYipwCWWFOFD4tmg0HWvsoudUHTKJcIoxlE
YSwQQRPD6gUrkYj5jc2+viunD+njtX0eJn3LxyJrFaNRJpsKzLDU0s9IOuuQbrPA
MQ2gOMp/veV10URyaDBSVlboBsbtNBCjmMeQDvtFEMW8OXrDYqHuoIE1HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpltifFOLqQK9Iasmm+CAy47R2yMB8GA1UdIwQY
MBaAFKichA0e8M1S3PX6plM1pd1QVMRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUp5RURSN3d6VkxjOWZxbVV6V2wzVkJVeEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hN2ZmOGMtMTQ3ZS00YzRhLTg2NzUt
ODc3OGNkOGMwNTAwLzEvMm1XMko4VTR1cEFyMGhxeWFiNElETGp0SGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9hN2ZmOGMtMTQ3ZS00YzRhLTg2NzUtODc3OGNkOGMwNTAw
LzEvcUp5RURSN3d6VkxjOWZxbVV6V2wzVkJVeEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwfOMMA0G
CSqGSIb3DQEBCwUAA4IBAQBa3ZW5SwpIyEC3k2Mn7J0U7OzMzErwq00U6b0en6vO
ZuNvNvwFkrifxpS84xvgAHp6Pp9ISjtSxGs3wF4n5KdroKssO/C/C3qI1ORnjS3r
FUBXBXsBS4ZAOXcPkt8ArTGnYN6ep/2z9KSmYa0+VTwRx0ZMeK/XsXCYXo8Do9z2
JnOiCd7wkEPFXtPEiTNr5Jv7UaDDlo464qwXIBMYPZAHJ+fGPmFfBv1uWxV/ZWdH
rHzdFuIucr9yrzNqSLK0GfI+O17CzwlEfKvJkC/deE6JTfdqbdSyAw7IwcPjgVBx
Nm5gpxId5e7qAO8v4y1/wRf/tRUofkLLkv7Ed/83sRfZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:06:56 2025 by rpki-client