Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/_1clFmdCjLVKYH4_35D31lxg7wc.roa
File: _1clFmdCjLVKYH4_35D31lxg7wc.roa (raw, json)
Hash identifier: VBfrQ89CdqnuZC07KGrLzuIvaet6PoBUi1aDC1K1SZo=
Subject key identifier: FF:57:25:16:67:42:8C:B5:4A:60:7E:3F:DF:90:F7:D6:5C:60:EF:07
Certificate issuer: /CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Certificate serial: 019427B47F4731C47947CC0E9DFBDE5DAFB2
Authority key identifier: A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/_1clFmdCjLVKYH4_35D31lxg7wc.roa
Signing time: Thu 02 Jan 2025 15:48:47 +0000
ROA not before: Thu 02 Jan 2025 15:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 193.31.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:7f:47:31:c4:79:47:cc:0e:9d:fb:de:5d:af:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Validity
Not Before: Jan 2 15:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff57251667428cb54a607e3fdf90f7d65c60ef07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:df:f1:e8:8c:09:d5:3a:67:9c:aa:4f:98:06:
f8:73:2d:2e:e0:7c:86:71:53:c0:18:49:d2:81:fa:
37:36:41:e1:a2:6a:99:f8:00:eb:3f:43:e6:28:47:
4f:51:17:ca:ab:3b:0a:45:88:30:51:3c:d5:01:f7:
96:37:8f:cb:86:d4:2f:13:39:02:95:5d:7f:02:02:
87:17:7e:3f:b1:80:7a:79:31:9f:90:49:7a:0e:e5:
02:15:10:10:13:2f:c4:78:3e:19:c6:99:c7:72:ce:
97:12:65:0a:0d:40:f5:e7:b2:7c:5b:7c:f0:9e:c4:
7a:1a:f8:27:84:f5:5a:b9:3b:59:ae:9e:d8:43:36:
4c:f1:c7:55:c4:9d:1d:db:a0:eb:94:43:47:fe:9d:
cd:0c:9c:0f:80:97:2f:4e:c7:93:c1:9b:59:7a:d9:
11:16:b0:e6:55:77:bd:42:2f:69:41:5e:d6:c1:09:
5d:86:2d:20:a3:fc:d8:fe:30:98:d3:49:e3:7b:12:
08:22:4d:75:72:d7:36:b4:d4:db:9b:d3:df:0b:9d:
44:e9:0c:a4:35:cb:03:00:90:e6:8d:5b:b8:b4:af:
d7:c4:6d:5a:7d:0f:38:be:76:21:f9:67:f4:4c:a6:
3f:2f:a1:1c:78:c8:b0:77:5b:bf:df:d1:20:23:33:
d1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:57:25:16:67:42:8C:B5:4A:60:7E:3F:DF:90:F7:D6:5C:60:EF:07
X509v3 Authority Key Identifier:
keyid:A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/_1clFmdCjLVKYH4_35D31lxg7wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/qIrVRvGg74z3XJKnSL1chjYuIJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.111.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:d3:45:9b:28:66:c7:cf:b9:32:45:82:31:5e:b7:01:62:39:
85:e8:e9:be:8d:56:e0:97:f8:d5:ee:d7:3b:d1:39:bd:7c:e4:
37:b1:38:ae:26:0f:54:10:e0:37:a7:00:b2:14:1a:f1:43:14:
93:4c:72:3a:3d:a3:6f:87:b8:b5:9e:9d:2d:8b:69:3a:8b:42:
fc:fc:a0:25:32:f3:26:49:85:f3:e8:90:7b:67:4d:2f:03:a4:
ea:30:68:d6:4e:29:7f:d5:27:23:b9:27:19:9d:0a:2d:93:3c:
fe:7d:e2:1b:6a:55:9d:31:5c:c0:57:5a:2f:87:69:43:f6:82:
44:45:c6:f4:a9:12:70:d2:9e:0f:c2:48:30:61:ab:0f:03:3d:
cc:51:9d:48:c8:43:74:7f:02:6a:45:4f:48:31:f0:0c:17:98:
9f:a5:e5:84:86:82:35:8e:f7:cb:2a:e3:94:00:bb:9b:93:5f:
9e:67:60:8b:8c:8a:b9:7a:5c:7e:e0:1c:e8:69:3e:db:ae:01:
97:e8:0a:d3:a4:80:10:5d:0d:c8:e7:39:49:9e:0f:03:82:85:
9d:02:e5:c9:a8:8a:f1:3c:9c:5e:fc:f8:af:dd:c1:2c:d9:02:
e0:a3:e7:84:5b:5f:4d:c3:f8:7e:99:80:88:62:50:75:67:ac:
0b:1e:84:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntH9HMcR5R8wOnfveXa+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OGFkNTQ2ZjFhMGVmOGNmNzVjOTJhNzQ4YmQ1Yzg2MzYy
ZTIwOWIwHhcNMjUwMTAyMTU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU3MjUxNjY3NDI4Y2I1NGE2MDdlM2ZkZjkwZjdkNjVjNjBlZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9/x6IwJ1TpnnKpPmAb4cy0u4HyG
cVPAGEnSgfo3NkHhomqZ+ADrP0PmKEdPURfKqzsKRYgwUTzVAfeWN4/LhtQvEzkC
lV1/AgKHF34/sYB6eTGfkEl6DuUCFRAQEy/EeD4ZxpnHcs6XEmUKDUD157J8W3zw
nsR6GvgnhPVauTtZrp7YQzZM8cdVxJ0d26DrlENH/p3NDJwPgJcvTseTwZtZetkR
FrDmVXe9Qi9pQV7WwQldhi0go/zY/jCY00njexIIIk11ctc2tNTbm9PfC51E6Qyk
NcsDAJDmjVu4tK/XxG1afQ84vnYh+Wf0TKY/L6EceMiwd1u/39EgIzPRawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9XJRZnQoy1SmB+P9+Q99ZcYO8HMB8GA1UdIwQY
MBaAFKiK1UbxoO+M91ySp0i9XIY2LiCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlyVlJ2R2c3NHozWEpLblNMMWNoall1SUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81MDBhOGMtNmEyZC00MzRiLTk2ZjEt
MThlYjc3OWE2NDk3LzEvXzFjbEZtZENqTFZLWUg0XzM1RDMxbHhnN3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81MDBhOGMtNmEyZC00MzRiLTk2ZjEtMThlYjc3OWE2NDk3
LzEvcUlyVlJ2R2c3NHozWEpLblNMMWNoall1SUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR9vMA0G
CSqGSIb3DQEBCwUAA4IBAQCO00WbKGbHz7kyRYIxXrcBYjmF6Om+jVbgl/jV7tc7
0Tm9fOQ3sTiuJg9UEOA3pwCyFBrxQxSTTHI6PaNvh7i1np0ti2k6i0L8/KAlMvMm
SYXz6JB7Z00vA6TqMGjWTil/1ScjuScZnQotkzz+feIbalWdMVzAV1ovh2lD9oJE
Rcb0qRJw0p4PwkgwYasPAz3MUZ1IyEN0fwJqRU9IMfAMF5ifpeWEhoI1jvfLKuOU
ALubk1+eZ2CLjIq5elx+4BzoaT7brgGX6ArTpIAQXQ3I5zlJng8DgoWdAuXJqIrx
PJxe/Piv3cEs2QLgo+eEW19Nw/h+mYCIYlB1Z6wLHoSf
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:43:57 2025 by rpki-client