Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/79f15a-5cba-4d40-b30b-e35a223b49c7/1/kf3kJU5iO7T2BjxJ8agaP22As0g.roa
File: kf3kJU5iO7T2BjxJ8agaP22As0g.roa (raw, json)
Hash identifier: 6biDLkp/WSQoW2uWUpFKCh5FtwQ9kjocP16pC2UTYzg=
Subject key identifier: 91:FD:E4:25:4E:62:3B:B4:F6:06:3C:49:F1:A8:1A:3F:6D:80:B3:48
Certificate issuer: /CN=9be228d713bec6d4c9abcec2f00a28e821fc27bf
Certificate serial: 01941F8C8C7E24B0D28CD8F899F433026CFD
Authority key identifier: 9B:E2:28:D7:13:BE:C6:D4:C9:AB:CE:C2:F0:0A:28:E8:21:FC:27:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-Io1xO-xtTJq87C8Aoo6CH8J78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/79f15a-5cba-4d40-b30b-e35a223b49c7/1/kf3kJU5iO7T2BjxJ8agaP22As0g.roa
Signing time: Wed 01 Jan 2025 01:48:12 +0000
ROA not before: Wed 01 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 193.238.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8c:7e:24:b0:d2:8c:d8:f8:99:f4:33:02:6c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9be228d713bec6d4c9abcec2f00a28e821fc27bf
Validity
Not Before: Jan 1 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91fde4254e623bb4f6063c49f1a81a3f6d80b348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:2f:c8:d7:b1:bb:a0:56:ca:18:fc:5b:da:
e9:63:86:16:68:b3:c7:e5:2e:12:a0:a7:ab:dd:51:
33:de:e4:2f:0a:d1:67:63:38:e3:e4:15:cb:1d:e8:
dc:d9:c6:4e:b1:c3:bb:2a:fd:21:f2:33:de:75:08:
0d:a3:1d:7a:8f:49:47:34:23:2e:57:50:4d:72:29:
5f:b0:98:29:8b:d3:12:03:4e:c5:bc:9c:9b:7d:56:
ba:1a:0e:c3:b6:d4:5d:b9:21:6c:e8:4d:38:d6:ad:
d4:4a:d6:cb:e9:1f:ab:c1:b4:ae:b5:fe:85:f1:58:
41:f3:ec:0c:2c:0f:dd:34:ef:c5:36:fc:2d:6f:83:
95:31:54:22:02:2f:5d:40:ce:50:1d:7f:cf:57:da:
ec:65:1d:b5:8f:c7:e4:07:03:2b:09:6a:85:a1:01:
8c:14:a6:ad:8a:2d:dd:df:34:49:ed:37:9e:01:df:
6e:0f:ec:d7:5d:7a:4b:27:f7:0e:31:27:2c:26:23:
71:51:6d:7d:0f:b4:da:d9:6c:5c:0e:09:09:3f:d2:
38:79:72:a8:e5:37:ed:0a:4e:57:27:0d:0d:ed:b8:
0d:9a:6b:c4:64:9f:1b:61:2b:08:f8:21:c4:ab:93:
37:7a:3c:99:22:3a:7f:b3:c6:49:8b:87:6d:36:04:
8f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FD:E4:25:4E:62:3B:B4:F6:06:3C:49:F1:A8:1A:3F:6D:80:B3:48
X509v3 Authority Key Identifier:
keyid:9B:E2:28:D7:13:BE:C6:D4:C9:AB:CE:C2:F0:0A:28:E8:21:FC:27:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-Io1xO-xtTJq87C8Aoo6CH8J78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/79f15a-5cba-4d40-b30b-e35a223b49c7/1/kf3kJU5iO7T2BjxJ8agaP22As0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/79f15a-5cba-4d40-b30b-e35a223b49c7/1/m-Io1xO-xtTJq87C8Aoo6CH8J78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.238.124.0/22
Signature Algorithm: sha256WithRSAEncryption
76:e6:2b:08:91:b6:96:58:b6:d8:33:74:a8:10:9a:ad:21:2b:
1d:fc:84:28:c4:f5:ff:fa:10:a1:81:81:37:7a:a4:bc:14:28:
4b:ed:49:1e:dc:5f:e3:f6:7c:ab:fc:a9:20:c7:c0:ca:54:17:
61:de:13:5e:49:1a:f4:e8:11:80:a6:8a:d3:79:d0:8a:51:99:
34:98:e6:89:76:fa:95:d8:9f:6a:53:60:b6:2d:ef:ab:3d:02:
ae:57:2f:0c:24:b4:19:68:f9:04:e1:b2:31:7d:ea:68:d1:0d:
41:30:63:1a:86:25:fa:f7:e9:0c:06:4a:dd:4a:ad:e0:ed:1e:
36:39:7b:66:ac:0f:c7:30:e4:c0:3e:d9:a6:cb:b5:f4:33:50:
8a:87:36:da:51:3a:2d:e7:95:87:7b:aa:fa:88:02:c3:0c:43:
b4:e2:cb:94:ef:c7:41:a4:de:4c:39:8f:2c:3b:f8:49:eb:88:
91:6b:1c:5f:02:c9:d6:ff:6a:11:8a:2f:85:0a:25:a3:98:fd:
e7:b4:a4:ae:83:65:e2:db:3c:fd:45:f0:21:2d:88:5e:ad:9b:
25:dd:97:d0:9e:2d:7c:a7:0d:c9:7c:3f:a7:57:be:11:1b:15:
ff:2f:86:ae:7b:71:62:59:7d:9c:13:84:ce:f7:49:fd:8d:74:
94:d6:12:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIx+JLDSjNj4mfQzAmz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZTIyOGQ3MTNiZWM2ZDRjOWFiY2VjMmYwMGEyOGU4MjFm
YzI3YmYwHhcNMjUwMTAxMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZkZTQyNTRlNjIzYmI0ZjYwNjNjNDlmMWE4MWEzZjZkODBiMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsgvyNexu6BWyhj8W9rpY4YWaLPH
5S4SoKer3VEz3uQvCtFnYzjj5BXLHejc2cZOscO7Kv0h8jPedQgNox16j0lHNCMu
V1BNcilfsJgpi9MSA07FvJybfVa6Gg7DttRduSFs6E041q3UStbL6R+rwbSutf6F
8VhB8+wMLA/dNO/FNvwtb4OVMVQiAi9dQM5QHX/PV9rsZR21j8fkBwMrCWqFoQGM
FKatii3d3zRJ7TeeAd9uD+zXXXpLJ/cOMScsJiNxUW19D7Ta2WxcDgkJP9I4eXKo
5TftCk5XJw0N7bgNmmvEZJ8bYSsI+CHEq5M3ejyZIjp/s8ZJi4dtNgSP9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJH95CVOYju09gY8SfGoGj9tgLNIMB8GA1UdIwQY
MBaAFJviKNcTvsbUyavOwvAKKOgh/Ce/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1JbzF4Ty14dFRKcTg3QzhBb282Q0g4Sjc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83OWYxNWEtNWNiYS00ZDQwLWIzMGIt
ZTM1YTIyM2I0OWM3LzEva2Yza0pVNWlPN1QyQmp4SjhhZ2FQMjJBczBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83OWYxNWEtNWNiYS00ZDQwLWIzMGItZTM1YTIyM2I0OWM3
LzEvbS1JbzF4Ty14dFRKcTg3QzhBb282Q0g4Sjc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwe58MA0G
CSqGSIb3DQEBCwUAA4IBAQB25isIkbaWWLbYM3SoEJqtISsd/IQoxPX/+hChgYE3
eqS8FChL7Uke3F/j9nyr/Kkgx8DKVBdh3hNeSRr06BGAporTedCKUZk0mOaJdvqV
2J9qU2C2Le+rPQKuVy8MJLQZaPkE4bIxfepo0Q1BMGMahiX69+kMBkrdSq3g7R42
OXtmrA/HMOTAPtmmy7X0M1CKhzbaUTot55WHe6r6iALDDEO04suU78dBpN5MOY8s
O/hJ64iRaxxfAsnW/2oRii+FCiWjmP3ntKSug2Xi2zz9RfAhLYherZsl3ZfQni18
pw3JfD+nV74RGxX/L4aue3FiWX2cE4TO90n9jXSU1hKL
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:43:44 2025 by rpki-client