Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/Sb-J4R6jgDy1hu0trOifGY0aUIY.roa
File: Sb-J4R6jgDy1hu0trOifGY0aUIY.roa (raw, json)
Hash identifier: BnRnuIbBZBHwGOy/+XFTLzwpti+5vGhUFRVEfpqfups=
Subject key identifier: 49:BF:89:E1:1E:A3:80:3C:B5:86:ED:2D:AC:E8:9F:19:8D:1A:50:86
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 0194274818351EE2A3DE68123BB1F06748A9
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/Sb-J4R6jgDy1hu0trOifGY0aUIY.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61986
IP address blocks: 193.164.94.0/24 maxlen: 24
193.164.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:18:35:1e:e2:a3:de:68:12:3b:b1:f0:67:48:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49bf89e11ea3803cb586ed2dace89f198d1a5086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:da:d5:76:03:16:ce:5d:9d:8a:46:26:7a:69:
63:f2:4e:b7:ef:1b:67:86:4a:42:f9:ac:51:f7:15:
fb:bf:5a:d2:37:89:4a:e2:26:16:b7:7c:ef:f2:8f:
50:ee:05:59:94:b0:e0:c1:21:eb:a3:15:7c:91:27:
3a:d7:8a:60:09:64:2e:fe:9f:64:ee:32:0c:ee:48:
f1:dc:9a:a1:00:b0:df:8d:af:35:15:14:7b:52:82:
60:5b:61:9d:d7:ec:e6:9e:70:6c:4b:91:ca:c0:04:
d4:a7:5f:70:8b:df:fb:72:39:13:39:38:79:aa:0c:
83:46:4c:b2:90:fd:93:32:10:85:e6:11:3b:9b:eb:
78:be:1a:b4:04:c7:4d:fd:86:7d:40:7f:58:fe:06:
ab:68:9b:63:e7:4a:2b:37:ce:02:13:f0:d5:4c:77:
a0:ba:f8:10:a4:cd:a1:61:af:e4:25:a9:00:bc:73:
4a:74:32:a8:01:e2:1c:ce:05:d1:8c:d4:70:27:6e:
a0:29:57:09:86:ce:0b:27:a6:4a:15:cf:bd:b1:98:
d0:39:44:e7:4a:2a:23:cd:5a:48:88:84:98:bd:d0:
de:26:11:e0:25:f3:4a:b9:b7:12:e2:2c:24:d0:2a:
ec:6f:3c:da:a8:1d:88:0d:1f:60:e1:22:1a:96:9e:
c9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BF:89:E1:1E:A3:80:3C:B5:86:ED:2D:AC:E8:9F:19:8D:1A:50:86
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/Sb-J4R6jgDy1hu0trOifGY0aUIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.94.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:35:81:a2:8a:89:15:4c:56:e1:3a:47:b7:4d:d8:8d:24:81:
df:68:ab:49:ac:b4:42:60:6f:91:07:4a:cf:d1:3e:b4:12:f5:
9f:50:69:0a:92:4e:f1:33:a3:0e:dc:9e:be:c4:4f:17:c0:08:
81:51:b5:68:a1:10:70:cd:de:9a:0d:98:11:2d:e0:e2:56:1d:
d3:b3:ea:9b:1d:8b:05:27:45:c3:ef:17:fd:fc:5d:f9:77:af:
79:4e:8e:c0:d2:0c:2a:96:46:e9:19:ca:c6:f6:8c:9b:c1:c8:
62:91:d1:f9:49:4c:d2:18:5e:b9:77:3e:f6:2b:7d:2c:69:d0:
93:c8:ad:da:31:ff:26:68:56:fe:d7:51:32:b4:00:d1:d5:af:
f8:2f:9b:84:43:89:85:7c:24:56:d1:a8:54:f4:d4:80:6c:8d:
55:b2:7f:11:80:43:44:cf:09:34:71:22:67:bd:1c:cd:58:0d:
bb:2b:c8:b4:c4:a0:96:d5:74:e6:15:49:ec:5d:e7:b2:fc:5c:
0b:58:ee:ad:a8:9b:ea:bb:40:69:47:7b:be:39:52:42:67:90:
d7:2e:e5:b4:82:80:d3:b4:28:88:8e:6f:94:e9:0c:ae:97:b0:
18:f0:b0:9f:7d:83:02:a1:8a:b1:89:c1:65:ea:a0:59:ea:c1:
05:9c:2f:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSBg1HuKj3mgSO7HwZ0ipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJmODllMTFlYTM4MDNjYjU4NmVkMmRhY2U4OWYxOThkMWE1MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNrVdgMWzl2dikYmemlj8k637xtn
hkpC+axR9xX7v1rSN4lK4iYWt3zv8o9Q7gVZlLDgwSHroxV8kSc614pgCWQu/p9k
7jIM7kjx3JqhALDfja81FRR7UoJgW2Gd1+zmnnBsS5HKwATUp19wi9/7cjkTOTh5
qgyDRkyykP2TMhCF5hE7m+t4vhq0BMdN/YZ9QH9Y/garaJtj50orN84CE/DVTHeg
uvgQpM2hYa/kJakAvHNKdDKoAeIczgXRjNRwJ26gKVcJhs4LJ6ZKFc+9sZjQOUTn
SiojzVpIiISYvdDeJhHgJfNKubcS4iwk0CrsbzzaqB2IDR9g4SIalp7JQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEm/ieEeo4A8tYbtLazonxmNGlCGMB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvU2ItSjRSNmpnRHkxaHUwdHJPaWZHWTBhVUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwaReMA0G
CSqGSIb3DQEBCwUAA4IBAQAvNYGiiokVTFbhOke3TdiNJIHfaKtJrLRCYG+RB0rP
0T60EvWfUGkKkk7xM6MO3J6+xE8XwAiBUbVooRBwzd6aDZgRLeDiVh3Ts+qbHYsF
J0XD7xf9/F35d695To7A0gwqlkbpGcrG9oybwchikdH5SUzSGF65dz72K30sadCT
yK3aMf8maFb+11EytADR1a/4L5uEQ4mFfCRW0ahU9NSAbI1Vsn8RgENEzwk0cSJn
vRzNWA27K8i0xKCW1XTmFUnsXeey/FwLWO6tqJvqu0BpR3u+OVJCZ5DXLuW0goDT
tCiIjm+U6Qyul7AY8LCffYMCoYqxicFl6qBZ6sEFnC+V
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:16 2025 by rpki-client