Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/_XMSvqKClmx5Ke0x9SjwrELKh2c.roa
File: _XMSvqKClmx5Ke0x9SjwrELKh2c.roa (raw, json)
Hash identifier: OMLczGOwRyrJl1CJL/hcwc4N1GtLJXp6msweO3yS8mc=
Subject key identifier: FD:73:12:BE:A2:82:96:6C:79:29:ED:31:F5:28:F0:AC:42:CA:87:67
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D59815C5F040393A58408527A6B6D7
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/_XMSvqKClmx5Ke0x9SjwrELKh2c.roa
Signing time: Wed 01 Jan 2025 07:47:36 +0000
ROA not before: Wed 01 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.253.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:98:15:c5:f0:40:39:3a:58:40:85:27:a6:b6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd7312bea282966c7929ed31f528f0ac42ca8767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:aa:65:2c:dd:59:13:dd:19:43:5d:de:2a:8c:
97:47:81:27:9a:3f:61:60:98:31:09:e5:74:2c:ff:
c5:d0:31:2c:34:f3:4e:d2:ad:30:f3:bf:05:e7:90:
86:06:f8:47:cc:c8:69:fc:77:6b:e5:90:6e:db:fe:
84:70:df:67:62:d6:a0:66:43:34:62:b8:51:e9:04:
a8:c3:a3:59:ee:d6:6f:89:ea:35:43:7d:e9:f3:72:
f4:90:f3:a9:2b:db:84:76:c3:02:a8:f3:b2:1a:c3:
72:f0:cd:d9:0e:e1:c1:71:73:4b:f8:20:52:89:80:
ae:26:5e:9b:61:9a:5b:0b:50:70:96:a8:e8:40:b1:
4c:e3:07:d4:85:c1:87:7e:ab:a9:3d:30:c2:88:66:
d2:5a:d6:d0:90:2e:e1:e9:15:45:bf:9b:6a:0c:95:
64:cb:f8:aa:f9:60:46:d2:c9:dc:87:fb:db:69:65:
2c:47:7e:44:3c:2f:09:7d:40:e9:a5:d7:45:08:eb:
96:7d:8d:03:67:82:82:65:84:b2:f3:a6:6c:d6:52:
5e:c9:5d:f1:2e:24:38:da:f8:4b:a6:15:bc:0e:88:
4d:d8:c6:51:05:3f:62:18:e9:c4:cc:04:1d:67:68:
84:f5:e1:3f:2a:ea:82:24:78:6d:eb:81:ab:84:02:
e8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:73:12:BE:A2:82:96:6C:79:29:ED:31:F5:28:F0:AC:42:CA:87:67
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/_XMSvqKClmx5Ke0x9SjwrELKh2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.253.149.0/24
Signature Algorithm: sha256WithRSAEncryption
82:3d:e0:e4:cc:63:10:26:a8:59:6d:96:cd:c5:b8:23:b5:d7:
17:28:f4:2c:51:4f:c8:3b:70:34:2a:c9:8f:82:b3:85:83:6a:
a5:68:68:1b:a8:27:02:32:a2:da:12:db:91:bf:cc:63:91:be:
d6:1a:f0:26:f1:27:c1:1e:50:86:c6:8b:5d:20:c9:39:70:28:
c1:cf:f5:c7:42:29:ae:c8:3a:cf:b0:72:91:48:d7:f8:90:6b:
cc:2c:f6:16:c7:c0:f4:72:de:a8:50:71:cf:16:ce:57:a1:93:
29:04:d0:a1:63:8b:d1:55:b9:87:64:f5:c4:3f:0f:53:ce:dd:
e9:6d:1c:59:00:18:ef:62:88:f5:18:86:a6:01:be:77:79:04:
0b:f4:38:f8:98:8b:45:72:8f:da:94:1d:71:f4:49:43:05:bd:
98:6b:7a:22:83:13:07:7f:eb:29:e1:1c:e2:fe:94:fe:49:a7:
02:50:6c:d2:42:8a:6a:6d:fb:e6:07:89:cb:16:5d:da:0a:0f:
b7:a0:2e:9b:75:e6:f2:d2:c5:81:3d:15:7b:05:5d:4e:8d:c9:
da:cf:8c:8f:a7:94:e6:d2:dc:84:d5:56:96:4c:9f:e9:4a:1c:
47:28:0f:b1:b0:48:d9:44:f3:aa:93:da:6a:1a:5d:d7:ee:50:
64:c5:62:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1ZgVxfBAOTpYQIUnprbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDczMTJiZWEyODI5NjZjNzkyOWVkMzFmNTI4ZjBhYzQyY2E4NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KplLN1ZE90ZQ13eKoyXR4Enmj9h
YJgxCeV0LP/F0DEsNPNO0q0w878F55CGBvhHzMhp/Hdr5ZBu2/6EcN9nYtagZkM0
YrhR6QSow6NZ7tZvieo1Q33p83L0kPOpK9uEdsMCqPOyGsNy8M3ZDuHBcXNL+CBS
iYCuJl6bYZpbC1BwlqjoQLFM4wfUhcGHfqupPTDCiGbSWtbQkC7h6RVFv5tqDJVk
y/iq+WBG0snch/vbaWUsR35EPC8JfUDppddFCOuWfY0DZ4KCZYSy86Zs1lJeyV3x
LiQ42vhLphW8DohN2MZRBT9iGOnEzAQdZ2iE9eE/KuqCJHht64GrhALoBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1zEr6igpZseSntMfUo8KxCyodnMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvX1hNU3ZxS0NsbXg1S2UweDlTandyRUxLaDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwf2VMA0G
CSqGSIb3DQEBCwUAA4IBAQCCPeDkzGMQJqhZbZbNxbgjtdcXKPQsUU/IO3A0KsmP
grOFg2qlaGgbqCcCMqLaEtuRv8xjkb7WGvAm8SfBHlCGxotdIMk5cCjBz/XHQimu
yDrPsHKRSNf4kGvMLPYWx8D0ct6oUHHPFs5XoZMpBNChY4vRVbmHZPXEPw9Tzt3p
bRxZABjvYoj1GIamAb53eQQL9Dj4mItFco/alB1x9ElDBb2Ya3oigxMHf+sp4Rzi
/pT+SacCUGzSQopqbfvmB4nLFl3aCg+3oC6bdeby0sWBPRV7BV1Ojcnaz4yPp5Tm
0tyE1VaWTJ/pShxHKA+xsEjZRPOqk9pqGl3X7lBkxWLv
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:59:10 2025 by rpki-client