Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/IAaDUlLUfgx8yfwZmpcftz_J3zA.roa
File: IAaDUlLUfgx8yfwZmpcftz_J3zA.roa (raw, json)
Hash identifier: v1q3KD/AbTqO/Q8Ibts7qUHfFpUCjL1VF+LMfn/fbQI=
Subject key identifier: 20:06:83:52:52:D4:7E:0C:7C:C9:FC:19:9A:97:1F:B7:3F:C9:DF:30
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 019424B401247C815893EAAF446DFD2F0F45
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/IAaDUlLUfgx8yfwZmpcftz_J3zA.roa
Signing time: Thu 02 Jan 2025 01:49:23 +0000
ROA not before: Thu 02 Jan 2025 01:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1100
IP address blocks: 147.189.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b4:01:24:7c:81:58:93:ea:af:44:6d:fd:2f:0f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 2 01:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2006835252d47e0c7cc9fc199a971fb73fc9df30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:eb:ab:69:a6:9a:e0:1b:5a:55:7c:dd:54:
f8:b2:d4:db:46:f2:a8:ce:2e:17:e2:a2:f1:8f:8d:
58:e3:0c:d0:a2:f6:fd:81:37:3a:73:15:ff:34:50:
07:35:7b:2a:e1:96:1b:48:a2:66:24:bc:2f:8e:7b:
f2:aa:03:36:94:95:fc:50:cf:e7:9c:f6:7d:ca:c3:
84:28:53:98:4a:fa:b0:41:e1:57:d7:98:56:72:3b:
b9:c1:65:52:fb:50:94:74:e8:92:4f:b5:74:59:b4:
5f:46:0e:3a:7d:0d:16:6d:84:85:e9:1b:5f:2e:29:
5d:06:49:00:4a:d8:2b:5d:5b:ba:65:60:28:cc:f3:
2f:d9:69:5d:12:2b:28:e8:58:8e:29:75:69:a7:1c:
7d:dd:25:31:7b:67:03:89:5e:06:34:82:28:6a:27:
c2:91:10:d5:58:44:8b:20:50:7c:ab:d4:be:98:46:
8b:dd:5d:27:06:02:df:6e:fe:14:ec:46:a5:56:2c:
fd:39:bb:a9:64:e9:8e:09:8a:a0:33:ca:f8:ca:7a:
b4:9b:ff:0b:97:d9:43:a7:08:3e:e4:4c:47:93:4f:
da:6e:0f:3d:aa:24:10:f1:1c:fe:35:c4:fb:81:66:
0c:2a:c4:c1:56:1d:86:55:a5:d6:88:3a:c9:f0:0c:
76:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:06:83:52:52:D4:7E:0C:7C:C9:FC:19:9A:97:1F:B7:3F:C9:DF:30
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/IAaDUlLUfgx8yfwZmpcftz_J3zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:7a:da:2b:da:50:93:c3:7d:d1:07:33:ad:6f:5a:d5:13:8e:
63:0f:1e:6a:53:15:bf:b8:64:3a:2c:6c:8f:4e:37:1c:8b:60:
14:e4:81:74:1b:ec:43:30:0c:d0:58:54:b8:40:ab:a7:c2:85:
24:84:a1:17:23:45:84:d5:2e:5c:fa:b1:2e:e3:d1:63:35:82:
a7:83:02:fc:3f:65:3b:4f:41:f8:33:30:49:b1:4c:58:d8:8b:
48:82:44:21:f6:ae:e4:c9:a0:d4:e8:bd:06:bc:6f:24:03:a8:
e0:01:bf:18:95:d1:ca:4b:3d:5a:58:62:76:2e:21:5e:f3:7a:
6f:45:97:43:02:3f:c3:0c:60:f7:21:d8:37:3d:d8:0b:f3:92:
d7:e1:b3:b1:0e:f7:e1:a0:f6:b7:e9:32:4f:6b:83:56:c9:81:
5c:b4:b7:93:74:97:bb:03:45:8d:33:12:83:cc:dd:9b:00:0a:
64:cb:fc:cd:77:cf:c6:6f:82:24:d3:5d:b7:09:eb:15:e6:42:
54:22:75:35:43:42:00:af:6d:4f:ad:7c:57:51:9b:6d:78:38:
12:16:5b:47:55:6b:5a:54:72:5e:dd:cb:88:e0:68:18:cd:2b:
dc:c1:03:f7:ae:a4:65:08:e4:88:ec:63:53:cb:86:45:7a:7c:
d5:c7:93:fc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQktAEkfIFYk+qvRG39Lw9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjUwMTAyMDE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA2ODM1MjUyZDQ3ZTBjN2NjOWZjMTk5YTk3MWZiNzNmYzlkZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGXrq2mmmuAbWlV83VT4stTbRvKo
zi4X4qLxj41Y4wzQovb9gTc6cxX/NFAHNXsq4ZYbSKJmJLwvjnvyqgM2lJX8UM/n
nPZ9ysOEKFOYSvqwQeFX15hWcju5wWVS+1CUdOiST7V0WbRfRg46fQ0WbYSF6Rtf
LildBkkAStgrXVu6ZWAozPMv2WldEiso6FiOKXVppxx93SUxe2cDiV4GNIIoaifC
kRDVWESLIFB8q9S+mEaL3V0nBgLfbv4U7EalViz9ObupZOmOCYqgM8r4ynq0m/8L
l9lDpwg+5ExHk0/abg89qiQQ8Rz+NcT7gWYMKsTBVh2GVaXWiDrJ8Ax2TwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCAGg1JS1H4MfMn8GZqXH7c/yd8wMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL0lBYURVbExVZmd4OHlmd1ptcGNmdHpfSjN6QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTvYow
DQYJKoZIhvcNAQELBQADggEBACx62ivaUJPDfdEHM61vWtUTjmMPHmpTFb+4ZDos
bI9ONxyLYBTkgXQb7EMwDNBYVLhAq6fChSSEoRcjRYTVLlz6sS7j0WM1gqeDAvw/
ZTtPQfgzMEmxTFjYi0iCRCH2ruTJoNTovQa8byQDqOABvxiV0cpLPVpYYnYuIV7z
em9Fl0MCP8MMYPch2Dc92Avzktfhs7EO9+Gg9rfpMk9rg1bJgVy0t5N0l7sDRY0z
EoPM3ZsACmTL/M13z8ZvgiTTXbcJ6xXmQlQidTVDQgCvbU+tfFdRm214OBIWW0dV
a1pUcl7dy4jgaBjNK9zBA/eupGUI5IjsY1PLhkV6fNXHk/w=
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:14:56 2025 by rpki-client