Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/523a93-8bbd-44ac-88bd-4e7bca55f821/1/d4J3hFq0HNbxtJqDRfD1EPobeOE.roa
File: d4J3hFq0HNbxtJqDRfD1EPobeOE.roa (raw, json)
Hash identifier: PQTLVZJKuh/8lPtCIvv5FE3X+KDFKnubLty3294VMrk=
Subject key identifier: 77:82:77:84:5A:B4:1C:D6:F1:B4:9A:83:45:F0:F5:10:FA:1B:78:E1
Certificate issuer: /CN=e1aed1484e96e4bf7993e9b867b34c34d6a8ae36
Certificate serial: 0185710BF6ECAEA8A3CBE5675CBA9BAF2BA9
Authority key identifier: E1:AE:D1:48:4E:96:E4:BF:79:93:E9:B8:67:B3:4C:34:D6:A8:AE:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4a7RSE6W5L95k-m4Z7NMNNaorjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/523a93-8bbd-44ac-88bd-4e7bca55f821/1/d4J3hFq0HNbxtJqDRfD1EPobeOE.roa
Signing time: Mon 02 Jan 2023 05:54:47 +0000
ROA not before: Mon 02 Jan 2023 05:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 194.153.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:f6:ec:ae:a8:a3:cb:e5:67:5c:ba:9b:af:2b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1aed1484e96e4bf7993e9b867b34c34d6a8ae36
Validity
Not Before: Jan 2 05:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=778277845ab41cd6f1b49a8345f0f510fa1b78e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d9:f0:db:fb:c5:12:3b:0e:0e:0c:a0:24:54:
84:98:db:0f:71:27:54:a5:d5:fd:ec:0d:12:f4:f3:
07:86:c3:8d:80:b6:a7:94:4b:d4:04:02:d2:a9:c3:
82:69:6b:ae:f5:82:75:7f:60:d9:21:d4:09:7a:26:
c6:64:9e:90:f0:07:e3:ba:3b:2a:86:30:38:cb:8b:
1f:34:50:8b:09:a0:03:d9:df:77:ec:25:ac:6f:e3:
cc:2b:0a:4a:ef:00:93:cf:c0:51:f8:58:26:e8:bf:
de:ed:51:e9:39:97:f9:f9:7d:1b:33:e7:aa:fd:ba:
6f:fd:3e:2f:d7:6f:59:83:72:4e:9d:bf:36:2e:21:
3b:d4:c4:9c:f8:0c:51:12:94:ee:83:f6:68:f3:44:
0d:cb:83:12:32:54:71:49:a7:c4:4a:c8:20:0d:fc:
3e:8f:96:ca:4f:16:dd:7a:0b:80:37:6f:79:1c:bd:
85:0c:ad:09:b8:b8:51:28:f4:ec:a9:14:5a:95:16:
75:0c:b5:cd:59:ff:2a:47:ca:8c:7a:86:d4:84:6e:
ec:e1:47:50:55:63:45:56:54:b7:04:2a:06:2e:ae:
03:51:c0:f1:be:26:54:5b:11:de:b9:fd:85:30:c7:
6f:1e:c1:e4:5d:4e:a8:b0:59:d8:5a:f6:6d:36:13:
dd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:82:77:84:5A:B4:1C:D6:F1:B4:9A:83:45:F0:F5:10:FA:1B:78:E1
X509v3 Authority Key Identifier:
keyid:E1:AE:D1:48:4E:96:E4:BF:79:93:E9:B8:67:B3:4C:34:D6:A8:AE:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a7RSE6W5L95k-m4Z7NMNNaorjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/523a93-8bbd-44ac-88bd-4e7bca55f821/1/d4J3hFq0HNbxtJqDRfD1EPobeOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/523a93-8bbd-44ac-88bd-4e7bca55f821/1/4a7RSE6W5L95k-m4Z7NMNNaorjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:73:1a:4d:bb:87:89:37:db:93:7b:5c:9d:e7:60:01:41:fc:
9a:0e:4c:cf:a1:fe:6b:04:87:82:2b:26:92:b2:50:e0:e5:2e:
c3:a2:34:3b:72:3e:1c:ba:1f:28:e0:58:11:03:e2:78:3c:1b:
e7:fb:2b:ec:30:13:c9:15:58:30:33:01:f6:6b:31:06:4c:6e:
fa:7e:88:b4:42:1f:4b:14:79:dd:5e:d2:8e:bc:66:5a:1c:00:
fc:a4:b6:c7:11:0d:08:b3:35:33:46:87:fc:02:b6:ff:74:49:
77:7a:cd:b5:6c:35:98:0f:a0:5c:73:42:a3:1b:ed:80:74:70:
43:09:07:35:bd:75:52:d5:79:a1:b2:f8:29:49:8f:0e:56:32:
2c:98:f6:77:0d:b7:ea:b3:ef:4d:a7:e9:75:83:d2:9c:eb:fb:
18:93:1b:83:7a:f8:0b:15:1a:f5:ea:e3:3d:db:84:bb:d7:bf:
5b:60:96:9e:27:63:49:e9:5d:2d:a2:f8:f0:b0:af:b5:6d:f6:
42:6a:79:5f:04:92:d6:f6:81:8e:90:7a:34:7f:02:1e:da:1b:
c4:c8:b7:c1:30:80:73:bd:e8:c8:84:7b:83:b1:2c:9d:35:ef:
be:e0:35:a2:c1:7d:ff:f9:9b:8c:19:ec:32:ee:1e:0b:4d:cf:
5d:5b:7d:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC/bsrqijy+VnXLqbryupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYWVkMTQ4NGU5NmU0YmY3OTkzZTliODY3YjM0YzM0ZDZh
OGFlMzYwHhcNMjMwMTAyMDU1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzgyNzc4NDVhYjQxY2Q2ZjFiNDlhODM0NWYwZjUxMGZhMWI3OGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dnw2/vFEjsODgygJFSEmNsPcSdU
pdX97A0S9PMHhsONgLanlEvUBALSqcOCaWuu9YJ1f2DZIdQJeibGZJ6Q8Afjujsq
hjA4y4sfNFCLCaAD2d937CWsb+PMKwpK7wCTz8BR+Fgm6L/e7VHpOZf5+X0bM+eq
/bpv/T4v129Zg3JOnb82LiE71MSc+AxREpTug/Zo80QNy4MSMlRxSafESsggDfw+
j5bKTxbdeguAN295HL2FDK0JuLhRKPTsqRRalRZ1DLXNWf8qR8qMeobUhG7s4UdQ
VWNFVlS3BCoGLq4DUcDxviZUWxHeuf2FMMdvHsHkXU6osFnYWvZtNhPdjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHeCd4RatBzW8bSag0Xw9RD6G3jhMB8GA1UdIwQY
MBaAFOGu0UhOluS/eZPpuGezTDTWqK42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGE3UlNFNlc1TDk1ay1tNFo3Tk1OTmFvcmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MjNhOTMtOGJiZC00NGFjLTg4YmQt
NGU3YmNhNTVmODIxLzEvZDRKM2hGcTBITmJ4dEpxRFJmRDFFUG9iZU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MjNhOTMtOGJiZC00NGFjLTg4YmQtNGU3YmNhNTVmODIx
LzEvNGE3UlNFNlc1TDk1ay1tNFo3Tk1OTmFvcmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpn4MA0G
CSqGSIb3DQEBCwUAA4IBAQCpcxpNu4eJN9uTe1yd52ABQfyaDkzPof5rBIeCKyaS
slDg5S7DojQ7cj4cuh8o4FgRA+J4PBvn+yvsMBPJFVgwMwH2azEGTG76foi0Qh9L
FHndXtKOvGZaHAD8pLbHEQ0IszUzRof8Arb/dEl3es21bDWYD6Bcc0KjG+2AdHBD
CQc1vXVS1XmhsvgpSY8OVjIsmPZ3Dbfqs+9Np+l1g9Kc6/sYkxuDevgLFRr16uM9
24S7179bYJaeJ2NJ6V0tovjwsK+1bfZCanlfBJLW9oGOkHo0fwIe2hvEyLfBMIBz
vejIhHuDsSydNe++4DWiwX3/+ZuMGewy7h4LTc9dW33b
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:21:39 2025 by rpki-client