Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/6dc978-bfd6-41ec-8a3a-c03017e98c53/1/aOkAtyzukqc5sT0nQvmQAKo_GwE.roa
File: aOkAtyzukqc5sT0nQvmQAKo_GwE.roa (raw, json)
Hash identifier: tKmIh9us+SIC42/VyDOhHLc8ei7fu8+7cV0VEf+3jQ8=
Subject key identifier: 68:E9:00:B7:2C:EE:92:A7:39:B1:3D:27:42:F9:90:00:AA:3F:1B:01
Certificate issuer: /CN=80e48485ce9b0e425640804edc0ed2ba6b8f4b8f
Certificate serial: 01857169BEDDADD0FEB08537A2BC3009F4FA
Authority key identifier: 80:E4:84:85:CE:9B:0E:42:56:40:80:4E:DC:0E:D2:BA:6B:8F:4B:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gOSEhc6bDkJWQIBO3A7SumuPS48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/6dc978-bfd6-41ec-8a3a-c03017e98c53/1/aOkAtyzukqc5sT0nQvmQAKo_GwE.roa
Signing time: Mon 02 Jan 2023 07:37:13 +0000
ROA not before: Mon 02 Jan 2023 07:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209742
IP address blocks: 193.151.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:be:dd:ad:d0:fe:b0:85:37:a2:bc:30:09:f4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80e48485ce9b0e425640804edc0ed2ba6b8f4b8f
Validity
Not Before: Jan 2 07:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68e900b72cee92a739b13d2742f99000aa3f1b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3c:69:45:f2:bb:6f:1b:76:cb:b9:9c:75:5d:
1f:7d:3e:74:52:2a:b8:ef:97:b1:fe:38:e4:14:08:
c8:8c:2f:59:13:f8:f4:09:f4:b0:1c:75:6a:b4:6a:
ab:12:c8:ed:9c:0e:0b:e9:51:0f:c4:47:a6:07:ae:
a5:57:ad:98:3f:7f:b6:d5:93:9b:cb:d6:bf:19:e2:
a0:b7:32:74:45:e4:35:bc:99:83:cc:96:89:00:cf:
5d:a7:52:e6:cc:68:14:cb:a2:3b:e1:97:a0:8c:64:
79:74:19:e7:33:12:0f:0d:06:97:74:fd:f8:66:7b:
b9:d8:32:70:25:b1:f9:93:c6:67:14:7a:0e:de:ed:
f7:bc:a6:79:f8:fb:ee:3c:14:db:24:e2:6b:fb:b9:
58:41:0d:f5:35:66:eb:6c:77:6c:cc:d0:5f:40:fa:
59:8d:b9:6e:00:68:5c:46:3f:bb:23:29:68:01:f2:
1a:d1:f3:c2:a6:45:b5:b0:93:0b:bc:8f:38:2b:72:
b9:f2:54:ff:d4:8c:a1:8d:36:9a:e2:23:4d:76:4c:
8a:35:8b:5a:d3:2e:f8:5b:e7:03:69:4c:78:45:4f:
6d:76:70:ce:de:c2:45:f5:ba:10:bd:f8:cb:1f:40:
28:48:df:51:df:0f:19:07:68:88:11:a7:de:34:19:
91:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E9:00:B7:2C:EE:92:A7:39:B1:3D:27:42:F9:90:00:AA:3F:1B:01
X509v3 Authority Key Identifier:
keyid:80:E4:84:85:CE:9B:0E:42:56:40:80:4E:DC:0E:D2:BA:6B:8F:4B:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOSEhc6bDkJWQIBO3A7SumuPS48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/6dc978-bfd6-41ec-8a3a-c03017e98c53/1/aOkAtyzukqc5sT0nQvmQAKo_GwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/6dc978-bfd6-41ec-8a3a-c03017e98c53/1/gOSEhc6bDkJWQIBO3A7SumuPS48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.166.0/24
Signature Algorithm: sha256WithRSAEncryption
20:df:1a:77:28:24:54:b0:d5:2e:06:36:57:82:36:4f:c4:c9:
46:ac:40:47:16:2d:1a:c6:c0:72:3f:41:2f:84:ff:3e:8a:1e:
9b:c4:a9:cf:6a:0e:8e:4e:58:31:c6:29:fd:81:66:24:74:f8:
f5:e4:22:85:cb:3b:b7:42:5c:c4:19:e6:d6:28:61:2a:48:49:
42:28:93:a7:b4:64:67:0f:8a:ee:b2:4e:65:fd:49:90:58:8a:
06:8f:95:28:3d:23:c6:52:b2:34:ce:38:9e:10:72:c4:a5:1a:
fc:bc:40:50:6a:22:eb:d6:6d:9f:b4:09:fd:b0:91:a8:f4:8c:
33:b2:a2:aa:56:b8:f0:4a:89:0b:47:56:95:ba:de:7b:85:59:
51:fd:6c:f4:2f:82:d9:ba:d8:e9:f8:25:3b:9a:7c:f4:cd:08:
fe:67:55:59:73:a9:41:d6:fc:7f:e2:64:10:0f:49:91:42:f2:
3e:cc:e2:b2:60:60:1a:3f:73:e8:64:b7:1f:42:7d:ba:67:a0:
ae:a1:6f:27:10:57:41:08:77:a3:bc:a5:5d:fb:99:a0:b1:39:
7f:8c:83:66:29:a0:7b:1a:62:f9:01:23:b4:b7:6b:41:ec:09:
3c:4d:0d:ce:fb:73:12:a2:63:5e:15:f1:f6:67:27:0a:d7:f4:
da:b5:06:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxab7drdD+sIU3orwwCfT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZTQ4NDg1Y2U5YjBlNDI1NjQwODA0ZWRjMGVkMmJhNmI4
ZjRiOGYwHhcNMjMwMTAyMDczNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGU5MDBiNzJjZWU5MmE3MzliMTNkMjc0MmY5OTAwMGFhM2YxYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTxpRfK7bxt2y7mcdV0ffT50Uiq4
75ex/jjkFAjIjC9ZE/j0CfSwHHVqtGqrEsjtnA4L6VEPxEemB66lV62YP3+21ZOb
y9a/GeKgtzJ0ReQ1vJmDzJaJAM9dp1LmzGgUy6I74ZegjGR5dBnnMxIPDQaXdP34
Znu52DJwJbH5k8ZnFHoO3u33vKZ5+PvuPBTbJOJr+7lYQQ31NWbrbHdszNBfQPpZ
jbluAGhcRj+7IyloAfIa0fPCpkW1sJMLvI84K3K58lT/1IyhjTaa4iNNdkyKNYta
0y74W+cDaUx4RU9tdnDO3sJF9boQvfjLH0AoSN9R3w8ZB2iIEafeNBmR9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjpALcs7pKnObE9J0L5kACqPxsBMB8GA1UdIwQY
MBaAFIDkhIXOmw5CVkCATtwO0rprj0uPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ09TRWhjNmJEa0pXUUlCTzNBN1N1bXVQUzQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS82ZGM5NzgtYmZkNi00MWVjLThhM2Et
YzAzMDE3ZTk4YzUzLzEvYU9rQXR5enVrcWM1c1QwblF2bVFBS29fR3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS82ZGM5NzgtYmZkNi00MWVjLThhM2EtYzAzMDE3ZTk4YzUz
LzEvZ09TRWhjNmJEa0pXUUlCTzNBN1N1bXVQUzQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZemMA0G
CSqGSIb3DQEBCwUAA4IBAQAg3xp3KCRUsNUuBjZXgjZPxMlGrEBHFi0axsByP0Ev
hP8+ih6bxKnPag6OTlgxxin9gWYkdPj15CKFyzu3QlzEGebWKGEqSElCKJOntGRn
D4rusk5l/UmQWIoGj5UoPSPGUrI0zjieEHLEpRr8vEBQaiLr1m2ftAn9sJGo9Iwz
sqKqVrjwSokLR1aVut57hVlR/Wz0L4LZutjp+CU7mnz0zQj+Z1VZc6lB1vx/4mQQ
D0mRQvI+zOKyYGAaP3PoZLcfQn26Z6CuoW8nEFdBCHejvKVd+5mgsTl/jINmKaB7
GmL5ASO0t2tB7Ak8TQ3O+3MSomNeFfH2ZycK1/TatQYE
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:32:49 2025 by rpki-client