Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/i0RDi_U7uzzsvT-XFmIVtdEjJBo.roa
File: i0RDi_U7uzzsvT-XFmIVtdEjJBo.roa (raw, json)
Hash identifier: X9TMi1KOMUhN1/FdkRCwtv/2lL+OgpgqNMtUKl79L/E=
Subject key identifier: 8B:44:43:8B:F5:3B:BB:3C:EC:BD:3F:97:16:62:15:B5:D1:23:24:1A
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 019428260A67F8AC6BF87C8DCBE9CA725F3D
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/i0RDi_U7uzzsvT-XFmIVtdEjJBo.roa
Signing time: Thu 02 Jan 2025 17:52:49 +0000
ROA not before: Thu 02 Jan 2025 17:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 193.3.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:0a:67:f8:ac:6b:f8:7c:8d:cb:e9:ca:72:5f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 17:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b44438bf53bbb3cecbd3f97166215b5d123241a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d3:6a:af:96:05:3a:f1:c4:26:4e:28:29:00:
e7:d3:dd:b0:ba:1b:0c:f7:a6:33:d6:8f:c1:bb:88:
43:ce:87:48:7a:95:5b:e7:3e:33:b5:0d:25:9f:fa:
08:b7:bc:e2:c6:6c:4b:b5:09:6c:e7:83:21:51:3c:
25:df:50:9b:33:17:b1:e9:bb:21:b5:c0:24:4c:eb:
69:24:ed:ec:a4:47:cf:d6:a2:77:c3:c0:50:68:46:
bb:fe:b5:87:be:33:89:89:26:cf:62:fa:42:1f:b1:
d7:de:24:0a:a0:eb:e6:58:be:f2:cf:cb:b4:1e:ee:
fc:d1:03:a8:05:32:82:19:74:de:35:15:c4:94:47:
02:22:41:cc:ff:eb:93:fa:91:ca:2e:ff:6b:c2:03:
25:83:db:8a:63:bb:75:e2:ca:a9:f8:2b:10:13:fd:
be:01:2d:12:9c:9e:9b:d3:bd:5d:98:e8:f7:00:2b:
66:44:4e:f7:85:1d:61:ce:ca:03:e9:91:72:e4:96:
ee:2a:d0:40:fa:7a:80:b9:56:6c:a5:d9:34:ae:87:
c0:89:d7:11:2f:0f:b0:ab:a6:09:ec:af:b8:8b:be:
35:0d:86:1f:f1:b9:3a:75:8f:7c:36:37:28:b8:03:
4d:30:66:66:b8:a7:b9:29:04:e9:74:eb:06:9d:c7:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:44:43:8B:F5:3B:BB:3C:EC:BD:3F:97:16:62:15:B5:D1:23:24:1A
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/i0RDi_U7uzzsvT-XFmIVtdEjJBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.20.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:fa:41:0c:6e:51:7b:3b:ff:e4:2c:fc:73:52:56:d1:b6:8b:
f4:91:15:43:fa:d6:b4:46:f9:3a:45:e9:83:00:ca:4d:4c:d1:
cc:e5:31:53:f1:60:14:c4:87:cc:d3:23:26:3a:b0:73:df:a9:
eb:eb:dc:36:9a:07:d9:22:7d:99:88:25:87:ab:70:c4:ee:6b:
d0:88:b8:ff:11:9a:d0:5a:65:44:7f:4f:db:28:54:af:d1:c7:
eb:2f:cf:6c:92:52:98:5d:be:32:bb:f2:45:6b:90:51:9c:08:
93:96:95:f9:62:10:a4:78:b9:19:8f:85:45:76:47:1d:3a:ee:
e5:bb:b6:c5:1e:ff:26:99:d5:3a:2b:2c:55:8e:f2:b9:81:7f:
5d:3c:88:3d:52:e8:7e:3a:0b:2a:3b:a7:d3:99:5d:90:8f:46:
42:10:86:05:18:96:7c:e4:72:8f:6a:c1:f3:07:e6:f8:7d:fb:
d3:a5:8d:01:88:92:e6:ee:98:ee:47:a8:5d:f8:44:00:18:e3:
a5:fd:e1:7a:fb:b4:e4:5f:21:3b:cc:55:60:e5:9d:12:98:ca:
17:0d:3c:11:1b:22:0d:f7:fd:21:db:6a:cf:14:c6:bf:cf:6a:
b3:52:06:41:6d:a5:0a:51:bb:23:2b:2e:0c:bc:94:a2:a8:16:
5c:57:55:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJgpn+Kxr+HyNy+nKcl89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMTAyMTc1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ0NDM4YmY1M2JiYjNjZWNiZDNmOTcxNjYyMTViNWQxMjMyNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NNqr5YFOvHEJk4oKQDn092wuhsM
96Yz1o/Bu4hDzodIepVb5z4ztQ0ln/oIt7zixmxLtQls54MhUTwl31CbMxex6bsh
tcAkTOtpJO3spEfP1qJ3w8BQaEa7/rWHvjOJiSbPYvpCH7HX3iQKoOvmWL7yz8u0
Hu780QOoBTKCGXTeNRXElEcCIkHM/+uT+pHKLv9rwgMlg9uKY7t14sqp+CsQE/2+
AS0SnJ6b071dmOj3ACtmRE73hR1hzsoD6ZFy5JbuKtBA+nqAuVZspdk0rofAidcR
Lw+wq6YJ7K+4i741DYYf8bk6dY98NjcouANNMGZmuKe5KQTpdOsGncc6iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItEQ4v1O7s87L0/lxZiFbXRIyQaMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvaTBSRGlfVTd1enpzdlQtWEZtSVZ0ZEVqSkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMUMA0G
CSqGSIb3DQEBCwUAA4IBAQB8+kEMblF7O//kLPxzUlbRtov0kRVD+ta0Rvk6RemD
AMpNTNHM5TFT8WAUxIfM0yMmOrBz36nr69w2mgfZIn2ZiCWHq3DE7mvQiLj/EZrQ
WmVEf0/bKFSv0cfrL89sklKYXb4yu/JFa5BRnAiTlpX5YhCkeLkZj4VFdkcdOu7l
u7bFHv8mmdU6KyxVjvK5gX9dPIg9Uuh+OgsqO6fTmV2Qj0ZCEIYFGJZ85HKPasHz
B+b4ffvTpY0BiJLm7pjuR6hd+EQAGOOl/eF6+7TkXyE7zFVg5Z0SmMoXDTwRGyIN
9/0h22rPFMa/z2qzUgZBbaUKUbsjKy4MvJSiqBZcV1Uw
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:41:28 2025 by rpki-client