Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/79721f-f40b-41d2-ac0e-c947e16c2c61/1/IzJAsPZQ1UGxFANdsG3oY69uKXA.roa
File: IzJAsPZQ1UGxFANdsG3oY69uKXA.roa (raw, json)
Hash identifier: CcyMr2iMEV8JAHDDzlmMrcymUQDZ/T8pHrLiuemKNGk=
Subject key identifier: 23:32:40:B0:F6:50:D5:41:B1:14:03:5D:B0:6D:E8:63:AF:6E:29:70
Certificate issuer: /CN=8e63704d5501ed75a6e20966ebf07a36555b1ab6
Certificate serial: 0194214463A2429559F4AB8317B254186864
Authority key identifier: 8E:63:70:4D:55:01:ED:75:A6:E2:09:66:EB:F0:7A:36:55:5B:1A:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmNwTVUB7XWm4glm6_B6NlVbGrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/79721f-f40b-41d2-ac0e-c947e16c2c61/1/IzJAsPZQ1UGxFANdsG3oY69uKXA.roa
Signing time: Wed 01 Jan 2025 09:48:37 +0000
ROA not before: Wed 01 Jan 2025 09:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 193.247.124.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:63:a2:42:95:59:f4:ab:83:17:b2:54:18:68:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e63704d5501ed75a6e20966ebf07a36555b1ab6
Validity
Not Before: Jan 1 09:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=233240b0f650d541b114035db06de863af6e2970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:36:52:39:c5:64:a5:20:37:16:9c:78:f0:d8:
86:c1:1a:a1:83:be:57:2b:5e:49:7d:13:d0:a2:86:
59:54:75:96:7a:2f:23:eb:a9:1b:23:5a:8e:62:56:
f2:28:8f:92:81:f4:50:bd:93:cc:0d:ff:3c:b3:2c:
20:32:7f:52:97:97:25:40:79:40:56:88:e9:7a:c9:
b1:89:df:56:1b:c7:50:01:56:19:c3:e6:e5:17:d6:
31:b8:7a:02:89:dd:5e:2b:eb:b2:b0:cf:22:2a:5d:
f9:71:ce:50:db:46:e1:c0:20:8c:60:5f:26:3d:80:
4e:dc:8f:37:cf:1c:1e:47:f6:b6:b5:93:b2:20:5a:
ec:23:85:32:ac:78:84:6b:13:96:ef:c3:d9:3c:9c:
ec:04:a5:15:8e:90:ca:e6:0b:eb:aa:82:71:7b:f1:
b8:90:45:35:8a:ad:bd:c6:b7:78:52:63:24:74:d5:
6d:b9:24:3f:a3:1b:c9:8e:45:3d:62:6f:67:14:bb:
c1:2a:0d:4e:2b:67:ee:20:53:6f:4e:4f:64:da:cb:
6a:98:1f:10:d6:88:4b:1a:d6:80:8f:f5:43:e1:a2:
19:4c:cd:a4:98:95:ad:90:7e:de:04:ab:1b:1d:b5:
d6:67:95:aa:a1:1b:47:d0:33:8b:00:5b:e9:34:97:
34:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:32:40:B0:F6:50:D5:41:B1:14:03:5D:B0:6D:E8:63:AF:6E:29:70
X509v3 Authority Key Identifier:
keyid:8E:63:70:4D:55:01:ED:75:A6:E2:09:66:EB:F0:7A:36:55:5B:1A:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmNwTVUB7XWm4glm6_B6NlVbGrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/79721f-f40b-41d2-ac0e-c947e16c2c61/1/IzJAsPZQ1UGxFANdsG3oY69uKXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/79721f-f40b-41d2-ac0e-c947e16c2c61/1/jmNwTVUB7XWm4glm6_B6NlVbGrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.124.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:6c:5a:91:7b:d0:1e:e2:d9:44:67:da:1c:4c:73:34:54:64:
9a:28:fb:01:77:0b:c8:2b:07:21:05:80:9b:64:6a:ee:1c:22:
c1:74:95:51:8e:04:37:17:93:1e:bc:fb:ff:63:76:bb:7c:d1:
55:d5:69:e5:8f:93:47:e6:9c:25:13:5e:6a:1f:94:86:11:38:
b7:60:d4:34:28:2e:39:32:18:8d:bf:68:75:b1:1f:51:4c:06:
95:28:35:5f:6c:0b:d8:93:41:6b:d7:88:6d:4f:5c:9b:ba:b8:
8c:2a:5e:47:8e:74:b4:3a:51:14:f4:70:4f:da:28:71:79:9e:
43:5d:e7:d8:4f:c2:3f:7b:db:44:7e:bb:ec:62:86:60:e1:5a:
98:b7:be:7a:89:9c:86:fe:1b:8a:d2:c5:23:3b:12:05:83:2e:
c5:08:93:e7:43:e6:0a:34:94:0c:a2:05:cc:47:49:2d:e9:84:
67:aa:a6:8d:96:c6:9c:ca:fa:59:e9:e3:3e:13:1f:b7:b8:8f:
4a:a0:82:31:8b:4d:4e:1d:44:c3:21:c0:d5:41:c3:52:b6:e9:
80:1b:3b:39:db:c9:3c:bd:aa:f7:cc:fb:22:ce:d8:89:02:c5:
58:e6:74:92:8c:0a:cf:fb:96:05:ea:fc:3b:2b:46:97:e4:90:
00:4f:ef:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGOiQpVZ9KuDF7JUGGhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjM3MDRkNTUwMWVkNzVhNmUyMDk2NmViZjA3YTM2NTU1
YjFhYjYwHhcNMjUwMTAxMDk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMyNDBiMGY2NTBkNTQxYjExNDAzNWRiMDZkZTg2M2FmNmUyOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TZSOcVkpSA3Fpx48NiGwRqhg75X
K15JfRPQooZZVHWWei8j66kbI1qOYlbyKI+SgfRQvZPMDf88sywgMn9Sl5clQHlA
Vojpesmxid9WG8dQAVYZw+blF9YxuHoCid1eK+uysM8iKl35cc5Q20bhwCCMYF8m
PYBO3I83zxweR/a2tZOyIFrsI4UyrHiEaxOW78PZPJzsBKUVjpDK5gvrqoJxe/G4
kEU1iq29xrd4UmMkdNVtuSQ/oxvJjkU9Ym9nFLvBKg1OK2fuIFNvTk9k2stqmB8Q
1ohLGtaAj/VD4aIZTM2kmJWtkH7eBKsbHbXWZ5WqoRtH0DOLAFvpNJc09wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMyQLD2UNVBsRQDXbBt6GOvbilwMB8GA1UdIwQY
MBaAFI5jcE1VAe11puIJZuvwejZVWxq2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Od1RWVUI3WFdtNGdsbTZfQjZObFZiR3JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC83OTcyMWYtZjQwYi00MWQyLWFjMGUt
Yzk0N2UxNmMyYzYxLzEvSXpKQXNQWlExVUd4RkFOZHNHM29ZNjl1S1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC83OTcyMWYtZjQwYi00MWQyLWFjMGUtYzk0N2UxNmMyYzYx
LzEvam1Od1RWVUI3WFdtNGdsbTZfQjZObFZiR3JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwfd8MA0G
CSqGSIb3DQEBCwUAA4IBAQA+bFqRe9Ae4tlEZ9ocTHM0VGSaKPsBdwvIKwchBYCb
ZGruHCLBdJVRjgQ3F5MevPv/Y3a7fNFV1Wnlj5NH5pwlE15qH5SGETi3YNQ0KC45
MhiNv2h1sR9RTAaVKDVfbAvYk0Fr14htT1yburiMKl5HjnS0OlEU9HBP2ihxeZ5D
XefYT8I/e9tEfrvsYoZg4VqYt756iZyG/huK0sUjOxIFgy7FCJPnQ+YKNJQMogXM
R0kt6YRnqqaNlsacyvpZ6eM+Ex+3uI9KoIIxi01OHUTDIcDVQcNStumAGzs528k8
var3zPsiztiJAsVY5nSSjArP+5YF6vw7K0aX5JAAT+/J
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:35 2025 by rpki-client