Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4bb067-c365-452e-a93e-39da1ae8b731/1/ipmJ5LQmK4ddp63lgFVAIAYopkE.roa
File: ipmJ5LQmK4ddp63lgFVAIAYopkE.roa (raw, json)
Hash identifier: YVYb+vZufn7OkrWKbNACiC73zlWWGlO/lMGiNA3e8zY=
Subject key identifier: 8A:99:89:E4:B4:26:2B:87:5D:A7:AD:E5:80:55:40:20:06:28:A6:41
Certificate issuer: /CN=eb153da3c24ce1236e20c46861635dc8efb56a92
Certificate serial: 019422FB09CD6026F14CDE262DA6FC6CFCD3
Authority key identifier: EB:15:3D:A3:C2:4C:E1:23:6E:20:C4:68:61:63:5D:C8:EF:B5:6A:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6xU9o8JM4SNuIMRoYWNdyO-1apI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/4bb067-c365-452e-a93e-39da1ae8b731/1/ipmJ5LQmK4ddp63lgFVAIAYopkE.roa
Signing time: Wed 01 Jan 2025 17:47:44 +0000
ROA not before: Wed 01 Jan 2025 17:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 193.201.20.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:09:cd:60:26:f1:4c:de:26:2d:a6:fc:6c:fc:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb153da3c24ce1236e20c46861635dc8efb56a92
Validity
Not Before: Jan 1 17:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a9989e4b4262b875da7ade5805540200628a641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:76:51:45:16:45:48:bf:28:73:e4:83:84:bc:
48:83:f1:22:87:8c:1b:e7:ee:1c:01:62:bf:26:d2:
1f:31:33:38:4a:eb:15:4d:3d:45:3e:90:bc:c1:33:
a1:9e:42:ef:fc:f4:94:9e:bf:68:5a:6a:ff:0c:0c:
08:54:c1:34:c3:5f:7c:5e:ad:a4:81:11:5a:e9:35:
d1:be:04:ea:1d:bf:47:c5:e2:b7:d1:75:ef:15:b9:
92:38:ca:f5:a5:4c:16:2c:97:35:97:0d:4d:3b:63:
a1:db:14:fd:f7:80:3f:5d:de:a0:38:a2:e9:82:8d:
60:28:a1:3d:b8:a5:c8:2f:77:f5:a5:1b:48:a7:7e:
84:d7:30:67:40:2f:b5:ac:d7:6a:ac:40:cb:45:7b:
c8:a1:6b:8f:fc:c4:57:00:3b:25:27:5c:1a:4c:68:
30:7e:2b:df:f9:12:8a:7f:e5:af:a9:d3:0a:49:11:
2c:e4:51:75:59:76:a8:a3:c6:bf:29:42:da:d3:21:
65:50:43:fd:af:a5:2f:e2:87:41:f0:54:c5:98:9b:
e6:cd:78:5e:9b:1a:6b:36:48:fc:05:a1:fb:24:3f:
65:2a:39:e6:b4:42:c7:b9:5d:28:87:65:7b:6b:52:
08:27:a1:40:7c:e9:8d:a4:f7:7d:19:b5:10:89:5a:
f8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:99:89:E4:B4:26:2B:87:5D:A7:AD:E5:80:55:40:20:06:28:A6:41
X509v3 Authority Key Identifier:
keyid:EB:15:3D:A3:C2:4C:E1:23:6E:20:C4:68:61:63:5D:C8:EF:B5:6A:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6xU9o8JM4SNuIMRoYWNdyO-1apI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4bb067-c365-452e-a93e-39da1ae8b731/1/ipmJ5LQmK4ddp63lgFVAIAYopkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4bb067-c365-452e-a93e-39da1ae8b731/1/6xU9o8JM4SNuIMRoYWNdyO-1apI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.20.0/23
Signature Algorithm: sha256WithRSAEncryption
33:8a:7e:9c:06:cc:03:4a:c6:92:36:0e:06:3c:db:c8:f8:36:
6b:a9:05:be:95:43:5e:66:61:6e:91:b6:12:2e:3f:41:55:38:
fd:b3:6f:af:ff:86:7e:1e:97:02:e0:96:8c:31:d7:dc:b2:a3:
70:24:8f:cd:dd:8e:64:03:c3:72:19:a2:c6:47:c3:69:4c:f9:
bb:36:8c:0f:01:21:0c:29:b2:08:47:90:e7:17:eb:67:fc:ed:
52:f7:b7:81:a3:2d:51:af:9d:aa:55:8b:a0:38:26:39:b7:3e:
65:1e:31:2f:76:2b:10:51:ae:28:86:0b:12:5d:a3:d5:40:a0:
8c:55:8c:99:3b:a4:27:bb:dc:0e:6c:be:e1:af:ea:c0:9d:d8:
2f:b1:bf:c7:cd:4a:84:d4:55:e5:40:88:26:a3:68:7f:12:22:
63:d0:33:42:02:3d:34:f7:d8:c8:e7:f6:16:6e:41:6b:77:0a:
9d:5c:1a:03:37:b5:67:13:5e:61:f3:27:b9:d5:56:85:94:d8:
ce:61:78:8f:1d:d0:99:bc:af:89:25:84:75:31:11:50:f6:8a:
63:ee:24:76:d7:af:f7:a4:94:76:37:e5:43:e6:cc:11:f8:74:
bd:e2:a7:30:bb:0e:83:c2:8d:8f:6a:1e:0c:12:b5:a1:c3:2a:
de:f1:df:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+wnNYCbxTN4mLab8bPzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMTUzZGEzYzI0Y2UxMjM2ZTIwYzQ2ODYxNjM1ZGM4ZWZi
NTZhOTIwHhcNMjUwMTAxMTc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTk5ODllNGI0MjYyYjg3NWRhN2FkZTU4MDU1NDAyMDA2MjhhNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHZRRRZFSL8oc+SDhLxIg/Eih4wb
5+4cAWK/JtIfMTM4SusVTT1FPpC8wTOhnkLv/PSUnr9oWmr/DAwIVME0w198Xq2k
gRFa6TXRvgTqHb9HxeK30XXvFbmSOMr1pUwWLJc1lw1NO2Oh2xT994A/Xd6gOKLp
go1gKKE9uKXIL3f1pRtIp36E1zBnQC+1rNdqrEDLRXvIoWuP/MRXADslJ1waTGgw
fivf+RKKf+WvqdMKSREs5FF1WXaoo8a/KULa0yFlUEP9r6Uv4odB8FTFmJvmzXhe
mxprNkj8BaH7JD9lKjnmtELHuV0oh2V7a1IIJ6FAfOmNpPd9GbUQiVr4GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqZieS0JiuHXaet5YBVQCAGKKZBMB8GA1UdIwQY
MBaAFOsVPaPCTOEjbiDEaGFjXcjvtWqSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnhVOW84Sk00U051SU1Sb1lXTmR5Ty0xYXBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80YmIwNjctYzM2NS00NTJlLWE5M2Ut
MzlkYTFhZThiNzMxLzEvaXBtSjVMUW1LNGRkcDYzbGdGVkFJQVlvcGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80YmIwNjctYzM2NS00NTJlLWE5M2UtMzlkYTFhZThiNzMx
LzEvNnhVOW84Sk00U051SU1Sb1lXTmR5Ty0xYXBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwckUMA0G
CSqGSIb3DQEBCwUAA4IBAQAzin6cBswDSsaSNg4GPNvI+DZrqQW+lUNeZmFukbYS
Lj9BVTj9s2+v/4Z+HpcC4JaMMdfcsqNwJI/N3Y5kA8NyGaLGR8NpTPm7NowPASEM
KbIIR5DnF+tn/O1S97eBoy1Rr52qVYugOCY5tz5lHjEvdisQUa4ohgsSXaPVQKCM
VYyZO6Qnu9wObL7hr+rAndgvsb/HzUqE1FXlQIgmo2h/EiJj0DNCAj0099jI5/YW
bkFrdwqdXBoDN7VnE15h8ye51VaFlNjOYXiPHdCZvK+JJYR1MRFQ9opj7iR216/3
pJR2N+VD5swR+HS94qcwuw6Dwo2Pah4MErWhwyre8d9e
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:23 2025 by rpki-client