Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/dHmQJZqThrz58J_TSvHl_H-39E8.roa
File: dHmQJZqThrz58J_TSvHl_H-39E8.roa (raw, json)
Hash identifier: lBrrDh2GaFmnqywSNW3PsD5utU5WNEXu75PvBG3VZjI=
Subject key identifier: 74:79:90:25:9A:93:86:BC:F9:F0:9F:D3:4A:F1:E5:FC:7F:B7:F4:4F
Certificate issuer: /CN=b2af8f1774e05925f24e41dee69e5b623d9ac63d
Certificate serial: 019422FC2A68B8039CF203F43B390835EE0E
Authority key identifier: B2:AF:8F:17:74:E0:59:25:F2:4E:41:DE:E6:9E:5B:62:3D:9A:C6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sq-PF3TgWSXyTkHe5p5bYj2axj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/dHmQJZqThrz58J_TSvHl_H-39E8.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12637
IP address blocks: 193.200.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2a:68:b8:03:9c:f2:03:f4:3b:39:08:35:ee:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2af8f1774e05925f24e41dee69e5b623d9ac63d
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=747990259a9386bcf9f09fd34af1e5fc7fb7f44f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ec:75:ee:79:ef:bf:13:0e:cd:e4:3d:e6:c4:
dd:e4:5a:1f:ab:bf:31:12:65:00:17:60:cb:90:79:
5b:14:83:c1:ba:65:a7:dc:fd:8c:91:13:8c:32:a3:
02:42:6d:92:85:1b:ef:c8:06:1a:98:01:3f:99:44:
fb:e8:46:c5:14:01:6a:81:91:7a:7d:bd:9f:e5:55:
a0:6c:04:93:3b:fc:91:6c:75:ce:b7:3a:5d:91:a2:
19:cd:2e:d1:db:a2:2e:ba:97:1f:45:38:37:12:92:
82:9e:ee:3e:77:fa:2e:7c:38:52:88:4e:94:af:c4:
05:3d:18:56:71:78:a5:65:91:ff:3f:28:e3:e7:8a:
71:ed:cc:9d:b5:7b:4b:84:4d:a5:9e:2c:34:5b:f6:
4e:fc:b4:d5:53:c7:9a:66:a6:86:f9:66:8c:d5:fb:
bf:fb:05:87:76:87:10:b3:ed:81:ab:0a:fe:62:02:
e1:aa:d7:0f:b7:c9:4e:3f:bf:64:cc:84:74:80:15:
5b:9f:fe:b4:63:f2:ec:60:2f:10:63:b6:1b:b7:f0:
4f:d9:dd:fa:e4:52:89:a7:11:e1:6c:90:40:3c:f2:
0d:8a:d6:d9:8a:ad:cf:84:19:cb:b6:15:17:5c:fe:
f2:a6:32:96:45:7d:0a:0c:6a:4e:a2:79:cb:5f:e6:
59:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:79:90:25:9A:93:86:BC:F9:F0:9F:D3:4A:F1:E5:FC:7F:B7:F4:4F
X509v3 Authority Key Identifier:
keyid:B2:AF:8F:17:74:E0:59:25:F2:4E:41:DE:E6:9E:5B:62:3D:9A:C6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sq-PF3TgWSXyTkHe5p5bYj2axj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/dHmQJZqThrz58J_TSvHl_H-39E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/sq-PF3TgWSXyTkHe5p5bYj2axj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.3.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d6:7a:29:c2:de:fe:2f:b7:b9:6a:33:bb:43:66:7d:33:20:
55:d3:39:56:15:1a:9e:d8:f6:0b:46:38:d3:f8:6f:01:38:4e:
97:db:56:1e:c3:96:76:41:ee:6b:d3:e2:2f:77:1b:bc:cb:d9:
98:81:18:be:6e:a2:f9:be:d1:84:f6:70:ca:7d:67:d6:5d:96:
e3:3b:29:59:5b:13:3e:8d:e1:e1:93:63:68:23:ad:64:59:28:
ff:78:18:8f:75:81:76:4d:2c:b9:df:b8:d2:6f:a3:46:98:bb:
3f:53:6f:ef:c7:34:10:05:cc:b6:08:18:09:f3:1e:5a:24:55:
4c:c0:34:fa:2d:f7:85:3e:25:f5:c5:aa:a0:76:be:68:e9:68:
e8:2b:81:02:b8:5e:fd:40:e0:b1:86:ab:20:4e:c3:5a:a4:a0:
3b:e0:7f:ae:c2:5a:6f:43:2b:d4:b2:27:9d:40:36:ea:7c:e2:
2d:4e:75:41:53:0f:ab:ce:fc:68:ee:d0:da:64:cd:a5:4f:ae:
86:57:0f:a5:11:79:31:6b:7e:d0:73:f4:d0:88:6d:02:6e:76:
29:f8:12:1f:b0:ee:16:95:04:96:48:81:eb:10:26:68:42:0f:
64:93:72:48:17:cf:df:58:d4:d0:87:18:a7:6e:47:1f:d3:5f:
f9:3e:66:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/CpouAOc8gP0OzkINe4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYWY4ZjE3NzRlMDU5MjVmMjRlNDFkZWU2OWU1YjYyM2Q5
YWM2M2QwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDc5OTAyNTlhOTM4NmJjZjlmMDlmZDM0YWYxZTVmYzdmYjdmNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+x17nnvvxMOzeQ95sTd5Fofq78x
EmUAF2DLkHlbFIPBumWn3P2MkROMMqMCQm2ShRvvyAYamAE/mUT76EbFFAFqgZF6
fb2f5VWgbASTO/yRbHXOtzpdkaIZzS7R26IuupcfRTg3EpKCnu4+d/oufDhSiE6U
r8QFPRhWcXilZZH/Pyjj54px7cydtXtLhE2lniw0W/ZO/LTVU8eaZqaG+WaM1fu/
+wWHdocQs+2Bqwr+YgLhqtcPt8lOP79kzIR0gBVbn/60Y/LsYC8QY7Ybt/BP2d36
5FKJpxHhbJBAPPINitbZiq3PhBnLthUXXP7ypjKWRX0KDGpOonnLX+ZZJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHR5kCWak4a8+fCf00rx5fx/t/RPMB8GA1UdIwQY
MBaAFLKvjxd04Fkl8k5B3uaeW2I9msY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3EtUEYzVGdXU1h5VGtIZTVwNWJZajJheGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jMTU2NzEtYmExYi00OGYyLWI2OTEt
ZmE1N2MxMjZiYzJhLzEvZEhtUUpacVRocno1OEpfVFN2SGxfSC0zOUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jMTU2NzEtYmExYi00OGYyLWI2OTEtZmE1N2MxMjZiYzJh
LzEvc3EtUEYzVGdXU1h5VGtIZTVwNWJZajJheGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcgDMA0G
CSqGSIb3DQEBCwUAA4IBAQBX1nopwt7+L7e5ajO7Q2Z9MyBV0zlWFRqe2PYLRjjT
+G8BOE6X21Yew5Z2Qe5r0+Ivdxu8y9mYgRi+bqL5vtGE9nDKfWfWXZbjOylZWxM+
jeHhk2NoI61kWSj/eBiPdYF2TSy537jSb6NGmLs/U2/vxzQQBcy2CBgJ8x5aJFVM
wDT6LfeFPiX1xaqgdr5o6WjoK4ECuF79QOCxhqsgTsNapKA74H+uwlpvQyvUsied
QDbqfOItTnVBUw+rzvxo7tDaZM2lT66GVw+lEXkxa37Qc/TQiG0CbnYp+BIfsO4W
lQSWSIHrECZoQg9kk3JIF8/fWNTQhxinbkcf01/5PmZ0
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:29:32 2025 by rpki-client