Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/cd7bdf-2f6c-4402-95d7-c3d18b275465/1/biaVqvmvSdXGm7KvXuIR48UiQMQ.roa
File: biaVqvmvSdXGm7KvXuIR48UiQMQ.roa (raw, json)
Hash identifier: 96YbjTg6hpZKDXhUcqh74qhB5kIeIhcFJHKj9d22/uw=
Subject key identifier: 6E:26:95:AA:F9:AF:49:D5:C6:9B:B2:AF:5E:E2:11:E3:C5:22:40:C4
Certificate issuer: /CN=9a7582c014f26d23b6ef9c2e82f48570c0b67868
Certificate serial: 01856DC1ACCA1B6425945CD0115F4F45781D
Authority key identifier: 9A:75:82:C0:14:F2:6D:23:B6:EF:9C:2E:82:F4:85:70:C0:B6:78:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnWCwBTybSO275wugvSFcMC2eGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/cd7bdf-2f6c-4402-95d7-c3d18b275465/1/biaVqvmvSdXGm7KvXuIR48UiQMQ.roa
Signing time: Sun 01 Jan 2023 14:34:47 +0000
ROA not before: Sun 01 Jan 2023 14:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 193.3.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ac:ca:1b:64:25:94:5c:d0:11:5f:4f:45:78:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7582c014f26d23b6ef9c2e82f48570c0b67868
Validity
Not Before: Jan 1 14:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e2695aaf9af49d5c69bb2af5ee211e3c52240c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0f:f7:c6:95:ea:d6:94:ef:c5:d0:4e:89:d5:
f7:fb:36:9c:27:98:b8:42:a7:39:ba:09:8a:4b:ae:
d8:f1:6f:03:aa:06:64:66:5a:ee:7c:0f:6d:b8:ff:
a2:7c:3c:e9:1a:ab:f8:18:63:de:02:6e:de:32:d0:
5d:e9:59:e0:5f:74:bd:6c:22:75:82:da:22:df:41:
93:49:91:3a:e7:60:2d:21:67:ae:86:d8:42:50:b2:
0e:8d:52:c5:af:53:e2:3b:87:de:6c:3f:34:22:6a:
88:13:41:1b:e3:a9:35:2d:bd:0d:7e:cd:70:0e:50:
d7:22:43:88:ca:2e:0f:2f:67:04:74:6a:1c:f1:c1:
f5:a8:7d:16:22:d9:57:41:b5:46:10:a8:5c:b3:38:
73:80:59:61:5c:fc:df:56:f0:00:ab:e4:ba:43:12:
6d:8d:a1:9a:6c:1b:b7:a9:ef:60:42:b5:e0:f5:29:
76:f5:98:eb:2d:db:b5:94:fc:5f:9a:43:fd:48:c7:
42:90:08:b5:1e:98:d6:19:59:fd:4a:ed:08:68:d3:
8c:7d:0e:6a:4a:0f:21:d2:fa:43:00:8b:60:c0:91:
80:bd:fc:ca:fa:2e:dd:c5:8d:eb:3b:71:82:16:53:
3e:78:94:5e:b5:c0:68:f4:59:80:30:e2:36:b6:c9:
a3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:26:95:AA:F9:AF:49:D5:C6:9B:B2:AF:5E:E2:11:E3:C5:22:40:C4
X509v3 Authority Key Identifier:
keyid:9A:75:82:C0:14:F2:6D:23:B6:EF:9C:2E:82:F4:85:70:C0:B6:78:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnWCwBTybSO275wugvSFcMC2eGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/cd7bdf-2f6c-4402-95d7-c3d18b275465/1/biaVqvmvSdXGm7KvXuIR48UiQMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/cd7bdf-2f6c-4402-95d7-c3d18b275465/1/mnWCwBTybSO275wugvSFcMC2eGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.171.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:6c:14:3d:df:d5:b9:ef:42:34:29:cb:d6:3a:c6:b5:16:f3:
e8:8e:d6:da:3b:07:26:ad:b9:44:73:ab:c7:26:0a:1c:bd:c7:
4a:02:24:10:89:c0:e1:7c:61:24:40:90:7b:94:28:f7:fe:93:
25:9a:6c:7f:52:1a:00:f8:3f:2e:a1:7f:e7:18:03:7b:73:e1:
7f:bb:ff:f9:d2:53:b7:35:0b:08:54:c1:cc:b2:1d:8a:9b:b1:
69:ff:8a:16:b9:dd:bc:0c:f5:42:a1:03:e2:07:db:e0:7d:7e:
f9:80:23:ac:65:68:cc:c8:35:e1:a8:57:27:43:6f:b7:74:0f:
09:da:a6:d4:5e:f8:be:f7:5e:c7:bb:35:d7:59:5c:f6:72:d1:
78:18:65:75:bd:04:7c:c1:c6:4f:db:c8:25:2a:75:02:5b:21:
11:af:79:c7:e5:8b:be:66:5a:1c:ac:28:c0:cd:18:c8:2d:ff:
5f:f8:25:13:0d:98:59:05:82:85:dd:ac:48:da:34:52:0c:bc:
c2:e9:02:6c:d3:c0:db:3b:90:c6:aa:12:1c:17:fd:96:72:26:
4c:66:0c:c0:8e:68:9d:eb:d4:66:c2:21:f1:eb:10:ce:7e:ed:
d4:25:cb:21:90:ef:4c:84:c2:e5:49:64:61:7a:1a:50:e5:b4:
62:d8:51:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwazKG2QllFzQEV9PRXgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzU4MmMwMTRmMjZkMjNiNmVmOWMyZTgyZjQ4NTcwYzBi
Njc4NjgwHhcNMjMwMTAxMTQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI2OTVhYWY5YWY0OWQ1YzY5YmIyYWY1ZWUyMTFlM2M1MjI0MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA/3xpXq1pTvxdBOidX3+zacJ5i4
Qqc5ugmKS67Y8W8DqgZkZlrufA9tuP+ifDzpGqv4GGPeAm7eMtBd6VngX3S9bCJ1
gtoi30GTSZE652AtIWeuhthCULIOjVLFr1PiO4febD80ImqIE0Eb46k1Lb0Nfs1w
DlDXIkOIyi4PL2cEdGoc8cH1qH0WItlXQbVGEKhcszhzgFlhXPzfVvAAq+S6QxJt
jaGabBu3qe9gQrXg9Sl29ZjrLdu1lPxfmkP9SMdCkAi1HpjWGVn9Su0IaNOMfQ5q
Sg8h0vpDAItgwJGAvfzK+i7dxY3rO3GCFlM+eJRetcBo9FmAMOI2tsmjZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4mlar5r0nVxpuyr17iEePFIkDEMB8GA1UdIwQY
MBaAFJp1gsAU8m0jtu+cLoL0hXDAtnhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5XQ3dCVHliU08yNzV3dWd2U0ZjTUMyZUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jZDdiZGYtMmY2Yy00NDAyLTk1ZDct
YzNkMThiMjc1NDY1LzEvYmlhVnF2bXZTZFhHbTdLdlh1SVI0OFVpUU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9jZDdiZGYtMmY2Yy00NDAyLTk1ZDctYzNkMThiMjc1NDY1
LzEvbW5XQ3dCVHliU08yNzV3dWd2U0ZjTUMyZUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQOrMA0G
CSqGSIb3DQEBCwUAA4IBAQBObBQ939W570I0KcvWOsa1FvPojtbaOwcmrblEc6vH
JgocvcdKAiQQicDhfGEkQJB7lCj3/pMlmmx/UhoA+D8uoX/nGAN7c+F/u//50lO3
NQsIVMHMsh2Km7Fp/4oWud28DPVCoQPiB9vgfX75gCOsZWjMyDXhqFcnQ2+3dA8J
2qbUXvi+917HuzXXWVz2ctF4GGV1vQR8wcZP28glKnUCWyERr3nH5Yu+ZlocrCjA
zRjILf9f+CUTDZhZBYKF3axI2jRSDLzC6QJs08DbO5DGqhIcF/2WciZMZgzAjmid
69RmwiHx6xDOfu3UJcshkO9MhMLlSWRhehpQ5bRi2FEq
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:33:58 2025 by rpki-client