Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/4y-HwXvA0OxK3vVdPd5A33rGg9Q.roa
File: 4y-HwXvA0OxK3vVdPd5A33rGg9Q.roa (raw, json)
Hash identifier: gzORbcgXYU+qNBe8rAH5Phv3POsitSIbAnxxOJbLq5U=
Subject key identifier: E3:2F:87:C1:7B:C0:D0:EC:4A:DE:F5:5D:3D:DE:40:DF:7A:C6:83:D4
Certificate issuer: /CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Certificate serial: 01941FFAA272009017CA303549A2BB9898D6
Authority key identifier: 2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/4y-HwXvA0OxK3vVdPd5A33rGg9Q.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6900
IP address blocks: 141.93.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a2:72:00:90:17:ca:30:35:49:a2:bb:98:98:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e32f87c17bc0d0ec4adef55d3dde40df7ac683d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:66:ce:88:03:cd:a7:04:17:9f:6d:1e:ef:cf:
6f:af:c1:ba:09:f9:cb:b2:1f:aa:31:92:f4:5c:b8:
d1:89:e5:d2:45:43:6f:f8:fe:62:e3:0d:c5:a2:48:
8b:a3:a9:08:ec:e7:26:b8:b1:48:f3:c7:b4:30:43:
a0:ef:e4:a7:0a:74:e6:13:5e:36:4f:db:d6:ed:1a:
02:3c:cd:4d:43:da:46:a8:dd:5a:91:d5:b9:fc:3c:
bb:53:f5:2e:d1:fd:5a:2d:27:5c:ad:2c:e7:60:65:
50:cc:1d:37:e5:d1:9f:f8:4c:40:5c:12:f1:88:54:
4e:f1:e7:2d:ac:45:c5:91:2b:89:2c:36:a5:2c:b0:
cf:ea:ca:41:81:2b:22:65:91:f1:f5:d7:b3:7d:02:
ff:df:82:ff:c8:08:88:79:f6:74:24:3d:87:be:ef:
35:2f:5a:ce:c0:6f:77:e8:13:45:cd:7b:a6:f9:8b:
cf:10:fe:5a:bc:35:83:0f:cf:1f:91:c9:41:89:73:
63:5c:27:bc:52:d1:27:f2:bc:c5:b4:81:2e:d5:2e:
c4:7b:99:a2:f1:b6:1f:ad:46:11:09:e6:9a:c6:34:
13:94:6c:91:33:df:b1:33:7c:eb:0c:9b:b1:ee:68:
3e:72:8e:74:d3:b6:b1:d0:31:5a:88:57:cd:63:e4:
bf:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2F:87:C1:7B:C0:D0:EC:4A:DE:F5:5D:3D:DE:40:DF:7A:C6:83:D4
X509v3 Authority Key Identifier:
keyid:2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/4y-HwXvA0OxK3vVdPd5A33rGg9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.93.23.0/24
Signature Algorithm: sha256WithRSAEncryption
89:f1:d1:63:3a:dc:06:32:c8:42:25:8e:b4:29:1a:46:97:62:
5d:fb:88:8b:b8:0c:10:af:b1:6a:ce:ba:f1:45:36:cf:fc:ed:
8a:e3:1d:c2:78:87:23:6e:9c:ce:e1:6c:99:e0:66:d1:a4:e3:
2f:95:4a:80:ee:17:28:34:be:7e:ee:43:08:eb:03:04:0a:3a:
bf:0a:4c:c1:f0:13:ca:c2:1b:f2:e7:f9:5a:17:61:66:e7:5b:
94:71:fa:05:74:aa:52:54:0a:ac:60:c5:53:bb:3e:d2:51:cd:
b1:18:97:50:84:44:5e:dc:53:7e:bf:8f:67:fd:7b:ee:60:3d:
70:ac:6f:98:69:05:f3:6c:e9:af:f1:b5:ef:20:87:09:bc:e8:
68:ec:78:ea:9f:60:c3:e8:f7:1d:63:9d:1a:3e:13:d2:e9:57:
83:79:10:8e:b3:e0:31:88:1e:01:68:5f:bf:a4:45:de:f9:0f:
8e:81:b1:6f:2a:1d:74:a3:fe:ac:1e:24:f0:40:93:94:32:17:
d6:61:d4:81:fe:60:2a:42:b4:f7:fc:cf:8c:5f:f6:88:1f:32:
a3:96:1a:c6:d0:ae:05:95:b6:03:4e:9e:9d:36:fd:37:e2:19:
2a:01:14:f6:bf:3c:57:e2:85:ed:35:9c:44:d6:6a:b1:79:c2:
69:d6:26:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qJyAJAXyjA1SaK7mJjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTE3YWRhM2NiOTUxNWE2ZDhhNmRjYzE1ZjJiMGIxYTdk
OWJlMWQwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJmODdjMTdiYzBkMGVjNGFkZWY1NWQzZGRlNDBkZjdhYzY4M2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GbOiAPNpwQXn20e789vr8G6CfnL
sh+qMZL0XLjRieXSRUNv+P5i4w3FokiLo6kI7OcmuLFI88e0MEOg7+SnCnTmE142
T9vW7RoCPM1NQ9pGqN1akdW5/Dy7U/Uu0f1aLSdcrSznYGVQzB035dGf+ExAXBLx
iFRO8ectrEXFkSuJLDalLLDP6spBgSsiZZHx9dezfQL/34L/yAiIefZ0JD2Hvu81
L1rOwG936BNFzXum+YvPEP5avDWDD88fkclBiXNjXCe8UtEn8rzFtIEu1S7Ee5mi
8bYfrUYRCeaaxjQTlGyRM9+xM3zrDJux7mg+co5007ax0DFaiFfNY+S/7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMvh8F7wNDsSt71XT3eQN96xoPUMB8GA1UdIwQY
MBaAFC8Reto8uVFabYptzBXysLGn2b4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDct
N2EwMzRkMTcwYjg1LzEvNHktSHdYdkEwT3hLM3ZWZFBkNUEzM3JHZzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDctN2EwMzRkMTcwYjg1
LzEvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjV0XMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ8dFjOtwGMshCJY60KRpGl2Jd+4iLuAwQr7Fqzrrx
RTbP/O2K4x3CeIcjbpzO4WyZ4GbRpOMvlUqA7hcoNL5+7kMI6wMECjq/CkzB8BPK
whvy5/laF2Fm51uUcfoFdKpSVAqsYMVTuz7SUc2xGJdQhERe3FN+v49n/XvuYD1w
rG+YaQXzbOmv8bXvIIcJvOho7Hjqn2DD6PcdY50aPhPS6VeDeRCOs+AxiB4BaF+/
pEXe+Q+OgbFvKh10o/6sHiTwQJOUMhfWYdSB/mAqQrT3/M+MX/aIHzKjlhrG0K4F
lbYDTp6dNv034hkqART2vzxX4oXtNZxE1mqxecJp1iak
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:03:38 2025 by rpki-client