Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/eAJiVBNvE0IULG7R4z1gVS69pLA.roa
File: eAJiVBNvE0IULG7R4z1gVS69pLA.roa (raw, json)
Hash identifier: QoJDEXYhQDRJB8MYutZYTPZYY9iPjZd/nnWPHEaC0fM=
Subject key identifier: 78:02:62:54:13:6F:13:42:14:2C:6E:D1:E3:3D:60:55:2E:BD:A4:B0
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01949D39ECBE066CD3883FDDF9A2A754C14B
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/eAJiVBNvE0IULG7R4z1gVS69pLA.roa
Signing time: Sat 25 Jan 2025 11:30:06 +0000
ROA not before: Sat 25 Jan 2025 11:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 193.3.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9d:39:ec:be:06:6c:d3:88:3f:dd:f9:a2:a7:54:c1:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 25 11:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78026254136f1342142c6ed1e33d60552ebda4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1f:ca:f5:f1:50:b2:60:9c:ed:c2:52:7e:c7:
0b:71:e9:90:92:2b:e6:73:18:4a:4f:4a:27:5f:1c:
d5:97:0c:90:cd:e5:62:ce:5c:e2:bb:81:16:f3:2c:
77:be:85:d2:61:00:77:bf:93:d8:6a:e7:83:00:d2:
b8:c2:4f:a0:f5:14:9d:e6:15:5c:af:bb:0e:8d:0a:
9d:10:d3:23:c8:69:52:2d:72:d1:3e:86:f2:84:8a:
60:88:8d:c2:c7:78:aa:92:6f:a7:dd:5e:fb:07:33:
2b:a1:dc:3e:5d:f2:d3:64:e9:f3:b7:09:a5:a0:64:
e3:f8:e1:f0:4d:c7:05:8d:61:bf:ef:d3:bf:f5:4c:
1c:c4:64:13:bd:68:04:34:e3:47:84:35:f8:81:82:
1a:65:29:24:a4:c0:06:ad:c2:c7:47:34:26:ea:df:
53:bd:77:81:a3:bc:08:60:e1:93:c5:0e:19:e2:00:
83:97:03:8d:c7:c2:d5:f4:7d:98:8d:76:c6:43:69:
61:a0:ff:e8:69:24:07:7f:d7:21:c3:c9:21:89:a0:
00:23:49:e8:78:07:77:aa:46:29:de:1e:0f:ec:f3:
40:18:96:96:ad:ed:aa:6c:72:4e:d5:49:47:65:85:
be:14:10:50:c3:2c:19:00:19:53:24:20:39:08:72:
86:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:02:62:54:13:6F:13:42:14:2C:6E:D1:E3:3D:60:55:2E:BD:A4:B0
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/eAJiVBNvE0IULG7R4z1gVS69pLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.20.0/24
Signature Algorithm: sha256WithRSAEncryption
72:0b:57:48:f2:99:21:a4:f7:da:0f:41:88:aa:91:b9:53:93:
ee:d7:e0:2d:ca:93:c4:d7:69:1f:ca:db:6c:26:93:ec:c8:69:
d1:fe:23:be:18:e7:b2:12:8b:bc:16:04:b7:75:72:39:52:d0:
f8:d8:cf:9d:4a:a7:df:f6:b1:41:84:a3:2c:ba:22:06:50:04:
4b:99:a4:08:78:f0:95:53:3a:b8:94:a3:08:fe:59:74:87:5d:
3b:89:b1:e9:0e:94:c2:a0:c9:0e:e7:0e:eb:c2:45:e3:0a:c6:
16:ac:74:19:65:a2:eb:82:4c:f5:1a:a2:7f:46:8f:37:cc:1b:
ba:44:10:74:76:92:60:a4:32:6b:61:27:1c:25:00:42:08:f1:
7a:e6:a1:02:72:77:b1:40:d2:51:ac:fb:1d:e0:e4:ab:cb:cc:
25:87:80:4c:f1:b5:88:c9:de:e4:c5:63:62:92:50:8e:8e:e8:
28:54:08:b1:98:5d:6d:e1:4c:0e:2d:7b:5b:f0:1e:d8:f9:ba:
6a:40:3f:a3:97:fd:58:5d:9d:a7:0e:47:ce:ff:53:93:bb:aa:
7d:88:f2:81:b8:0e:e0:37:a7:7b:be:57:f7:08:9a:a5:c5:8d:
c2:af:64:bf:1c:d0:a5:3e:61:1f:5c:e5:b2:d1:36:d1:1c:81:
55:d0:a8:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSdOey+BmzTiD/d+aKnVMFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMTI1MTEzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODAyNjI1NDEzNmYxMzQyMTQyYzZlZDFlMzNkNjA1NTJlYmRhNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6R/K9fFQsmCc7cJSfscLcemQkivm
cxhKT0onXxzVlwyQzeVizlziu4EW8yx3voXSYQB3v5PYaueDANK4wk+g9RSd5hVc
r7sOjQqdENMjyGlSLXLRPobyhIpgiI3Cx3iqkm+n3V77BzMrodw+XfLTZOnztwml
oGTj+OHwTccFjWG/79O/9UwcxGQTvWgENONHhDX4gYIaZSkkpMAGrcLHRzQm6t9T
vXeBo7wIYOGTxQ4Z4gCDlwONx8LV9H2YjXbGQ2lhoP/oaSQHf9chw8khiaAAI0no
eAd3qkYp3h4P7PNAGJaWre2qbHJO1UlHZYW+FBBQwywZABlTJCA5CHKGUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHgCYlQTbxNCFCxu0eM9YFUuvaSwMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvZUFKaVZCTnZFMElVTEc3UjR6MWdWUzY5cExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMUMA0G
CSqGSIb3DQEBCwUAA4IBAQByC1dI8pkhpPfaD0GIqpG5U5Pu1+AtypPE12kfytts
JpPsyGnR/iO+GOeyEou8FgS3dXI5UtD42M+dSqff9rFBhKMsuiIGUARLmaQIePCV
Uzq4lKMI/ll0h107ibHpDpTCoMkO5w7rwkXjCsYWrHQZZaLrgkz1GqJ/Ro83zBu6
RBB0dpJgpDJrYSccJQBCCPF65qECcnexQNJRrPsd4OSry8wlh4BM8bWIyd7kxWNi
klCOjugoVAixmF1t4UwOLXtb8B7Y+bpqQD+jl/1YXZ2nDkfO/1OTu6p9iPKBuA7g
N6d7vlf3CJqlxY3Cr2S/HNClPmEfXOWy0TbRHIFV0KgT
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:29:27 2025 by rpki-client