Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c2df59-9f1e-48df-8466-c6495853cc1a/1/jgAsessKAm9uqTW97_vJxlFphmg.roa
File: jgAsessKAm9uqTW97_vJxlFphmg.roa (raw, json)
Hash identifier: SBPtFGq/5yKwTAX24BEiHsnyylA3vI1PAj8aDZuhBbE=
Subject key identifier: 8E:00:2C:7A:CB:0A:02:6F:6E:A9:35:BD:EF:FB:C9:C6:51:69:86:68
Certificate issuer: /CN=1d2fefbd168f18661eca15569dc6218f86746942
Certificate serial: 01941F8C09A926AC903E33CA8967F678638C
Authority key identifier: 1D:2F:EF:BD:16:8F:18:66:1E:CA:15:56:9D:C6:21:8F:86:74:69:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HS_vvRaPGGYeyhVWncYhj4Z0aUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c2df59-9f1e-48df-8466-c6495853cc1a/1/jgAsessKAm9uqTW97_vJxlFphmg.roa
Signing time: Wed 01 Jan 2025 01:47:38 +0000
ROA not before: Wed 01 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1213
IP address blocks: 140.203.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:09:a9:26:ac:90:3e:33:ca:89:67:f6:78:63:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d2fefbd168f18661eca15569dc6218f86746942
Validity
Not Before: Jan 1 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e002c7acb0a026f6ea935bdeffbc9c651698668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d8:e0:08:79:1e:d3:dc:22:da:f2:fa:1d:c0:
9a:c3:3f:4d:14:a9:ff:42:ef:d3:94:2a:4d:12:12:
5d:84:46:21:a1:b7:fa:dd:a6:de:4f:92:b0:0f:cc:
a5:48:f5:66:c3:af:79:70:27:39:e8:14:26:1c:67:
53:8d:e4:f5:f5:18:5f:e4:11:3c:1a:9b:c0:d8:f4:
95:62:e1:7d:5b:59:28:44:d8:27:95:05:4c:b0:87:
3a:58:e8:72:8a:50:be:29:3f:d8:e7:59:c6:23:9c:
62:16:83:1a:29:52:1f:31:65:9f:26:e0:49:58:fe:
d3:dc:17:30:92:9e:35:4a:07:87:8f:4a:13:dd:14:
42:4c:22:99:d6:c8:c2:59:29:e6:d6:1f:02:35:3c:
de:73:53:04:2f:08:50:a8:21:48:cb:a1:4f:e5:56:
50:2a:6d:21:cb:dd:0f:fc:fd:49:f6:15:97:61:db:
d8:18:a3:82:e0:86:1c:fe:87:ee:b2:2e:f6:f9:86:
d6:09:03:89:45:8c:05:6c:fc:34:13:38:40:71:64:
63:a0:a7:e7:1a:93:b2:bf:3c:fe:8f:b6:6a:57:56:
32:20:23:73:81:19:f0:be:b9:dd:c7:24:37:e6:53:
1c:57:82:77:06:14:87:f1:9e:76:d8:47:de:e1:93:
2c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:00:2C:7A:CB:0A:02:6F:6E:A9:35:BD:EF:FB:C9:C6:51:69:86:68
X509v3 Authority Key Identifier:
keyid:1D:2F:EF:BD:16:8F:18:66:1E:CA:15:56:9D:C6:21:8F:86:74:69:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HS_vvRaPGGYeyhVWncYhj4Z0aUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c2df59-9f1e-48df-8466-c6495853cc1a/1/jgAsessKAm9uqTW97_vJxlFphmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c2df59-9f1e-48df-8466-c6495853cc1a/1/HS_vvRaPGGYeyhVWncYhj4Z0aUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.203.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:18:8b:1a:e8:18:b9:d4:64:0e:50:0e:71:60:55:d6:9b:26:
1d:8a:fa:db:04:39:17:e6:14:30:74:89:d5:4e:4b:91:19:cc:
76:bb:3f:6e:9a:06:c5:79:4d:e1:4e:6d:af:d6:d5:1a:4a:4d:
a2:f6:74:57:bb:27:1e:bb:e0:4b:95:16:8f:98:73:3a:53:5d:
c6:32:b6:5c:fc:22:b4:4a:79:c5:e1:3c:5b:0c:30:f8:ed:f5:
c5:ae:59:31:75:8b:a6:26:04:1b:47:65:7b:0b:38:8f:88:bd:
62:bc:1a:0e:09:56:3a:7f:7d:6a:43:bc:ef:47:c8:2a:69:0e:
45:d3:6b:70:71:d5:82:7d:70:85:79:78:ff:b1:e7:56:ac:d1:
7f:c9:61:a1:96:a8:f0:47:03:0c:cf:1c:b8:26:64:a4:4a:68:
33:af:bb:7e:f0:7a:8a:88:6b:6d:28:a1:e1:f4:9d:db:d8:ff:
53:08:c3:ba:2d:c3:45:d4:48:37:cd:93:81:8a:8b:32:81:61:
6c:d5:cb:92:dd:a7:d0:67:9e:c7:0b:28:29:3b:be:37:13:86:
76:44:7e:ed:8f:d7:df:9f:3a:d6:10:bf:42:71:18:47:79:d6:
39:b3:ee:fa:5f:ec:48:c2:ca:fb:69:19:21:83:0a:e8:8c:83:
d7:03:78:4b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQfjAmpJqyQPjPKiWf2eGOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMmZlZmJkMTY4ZjE4NjYxZWNhMTU1NjlkYzYyMThmODY3
NDY5NDIwHhcNMjUwMTAxMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTAwMmM3YWNiMGEwMjZmNmVhOTM1YmRlZmZiYzljNjUxNjk4NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3djgCHke09wi2vL6HcCawz9NFKn/
Qu/TlCpNEhJdhEYhobf63abeT5KwD8ylSPVmw695cCc56BQmHGdTjeT19Rhf5BE8
GpvA2PSVYuF9W1koRNgnlQVMsIc6WOhyilC+KT/Y51nGI5xiFoMaKVIfMWWfJuBJ
WP7T3Bcwkp41SgeHj0oT3RRCTCKZ1sjCWSnm1h8CNTzec1MELwhQqCFIy6FP5VZQ
Km0hy90P/P1J9hWXYdvYGKOC4IYc/ofusi72+YbWCQOJRYwFbPw0EzhAcWRjoKfn
GpOyvzz+j7ZqV1YyICNzgRnwvrndxyQ35lMcV4J3BhSH8Z522Efe4ZMsuQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFI4ALHrLCgJvbqk1ve/7ycZRaYZoMB8GA1UdIwQY
MBaAFB0v770WjxhmHsoVVp3GIY+GdGlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNfdnZSYVBHR1lleWhWV25jWWhqNFowYVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jMmRmNTktOWYxZS00OGRmLTg0NjYt
YzY0OTU4NTNjYzFhLzEvamdBc2Vzc0tBbTl1cVRXOTdfdkp4bEZwaG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jMmRmNTktOWYxZS00OGRmLTg0NjYtYzY0OTU4NTNjYzFh
LzEvSFNfdnZSYVBHR1lleWhWV25jWWhqNFowYVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjMswDQYJ
KoZIhvcNAQELBQADggEBAEsYixroGLnUZA5QDnFgVdabJh2K+tsEORfmFDB0idVO
S5EZzHa7P26aBsV5TeFOba/W1RpKTaL2dFe7Jx674EuVFo+YczpTXcYytlz8IrRK
ecXhPFsMMPjt9cWuWTF1i6YmBBtHZXsLOI+IvWK8Gg4JVjp/fWpDvO9HyCppDkXT
a3Bx1YJ9cIV5eP+x51as0X/JYaGWqPBHAwzPHLgmZKRKaDOvu37weoqIa20ooeH0
ndvY/1MIw7otw0XUSDfNk4GKizKBYWzVy5Ldp9BnnscLKCk7vjcThnZEfu2P19+f
OtYQv0JxGEd51jmz7vpf7EjCyvtpGSGDCuiMg9cDeEs=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:56:34 2025 by rpki-client