Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/da3e5a-3002-41b0-af9a-3a73c333e7e7/1/NFxIuk4KnMOoaK7t1Cp4prQGCpc.roa
File: NFxIuk4KnMOoaK7t1Cp4prQGCpc.roa (raw, json)
Hash identifier: qLz7+g7LrMIsBpRTz+960ZyB6BF4g8W2iE+TmwJoilE=
Subject key identifier: 34:5C:48:BA:4E:0A:9C:C3:A8:68:AE:ED:D4:2A:78:A6:B4:06:0A:97
Certificate issuer: /CN=011994b1c5ae8f582bbecf67772b14b6d977baac
Certificate serial: 0194221F867D89941EE637D2CD364E94B2E2
Authority key identifier: 01:19:94:B1:C5:AE:8F:58:2B:BE:CF:67:77:2B:14:B6:D9:77:BA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ARmUscWuj1grvs9ndysUttl3uqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/da3e5a-3002-41b0-af9a-3a73c333e7e7/1/NFxIuk4KnMOoaK7t1Cp4prQGCpc.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215928
IP address blocks: 193.57.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:86:7d:89:94:1e:e6:37:d2:cd:36:4e:94:b2:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=011994b1c5ae8f582bbecf67772b14b6d977baac
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=345c48ba4e0a9cc3a868aeedd42a78a6b4060a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:07:49:d7:f3:1a:8f:27:93:22:1a:0d:e9:e3:
6b:d4:ea:76:8a:dc:54:d2:55:8d:43:09:55:21:fc:
6b:39:73:2e:97:6b:0e:82:b1:a6:60:94:f1:62:65:
b9:f4:78:f9:69:83:44:61:5f:7a:b8:45:52:b1:71:
d7:fb:b6:f9:ce:23:8c:e4:2e:98:12:ed:00:e4:19:
59:69:31:b3:1f:6f:14:43:b8:21:1a:42:b7:61:8b:
e1:6e:38:73:69:3f:15:cb:b3:79:60:3f:47:a6:9d:
33:d0:ae:5f:ff:7e:74:77:a1:c2:7c:47:cf:db:40:
92:ec:f6:3b:20:1c:60:da:96:47:4d:27:81:1c:72:
c3:41:e0:5c:ff:04:99:74:f0:a7:f4:8a:a4:1c:fc:
32:54:f2:c6:50:da:7f:74:a0:0a:da:fc:6f:9e:8c:
cb:f9:c4:c8:d5:23:2d:9b:d3:be:9f:0c:30:00:4f:
dd:33:2a:d4:b3:78:a8:20:61:61:f8:47:86:37:0d:
59:da:3f:12:0a:99:e2:9c:77:61:87:ab:c0:8d:62:
ea:38:59:a5:12:3d:fd:69:3e:52:b5:4e:7a:2e:70:
3b:ec:9f:8f:70:d3:68:91:96:65:69:17:18:ca:c5:
5a:8a:30:c0:c6:28:98:4a:55:ff:c2:0d:72:82:77:
d8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5C:48:BA:4E:0A:9C:C3:A8:68:AE:ED:D4:2A:78:A6:B4:06:0A:97
X509v3 Authority Key Identifier:
keyid:01:19:94:B1:C5:AE:8F:58:2B:BE:CF:67:77:2B:14:B6:D9:77:BA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARmUscWuj1grvs9ndysUttl3uqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/da3e5a-3002-41b0-af9a-3a73c333e7e7/1/NFxIuk4KnMOoaK7t1Cp4prQGCpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/da3e5a-3002-41b0-af9a-3a73c333e7e7/1/ARmUscWuj1grvs9ndysUttl3uqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.201.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:bc:d6:7e:46:15:b8:a9:df:32:1f:d4:e4:75:92:ee:83:b4:
38:94:8b:2b:85:2b:2d:e0:b2:64:88:21:df:7b:05:b5:60:fe:
d3:06:cf:3d:a3:3b:af:0d:9f:16:66:e2:1b:05:e6:78:46:43:
36:ce:cb:25:12:42:80:82:f7:9b:76:c6:0c:35:fa:82:7c:51:
3c:bd:a2:94:bc:e0:a9:40:f4:42:6b:00:38:50:6e:8b:3d:6a:
a0:96:90:06:81:98:c0:4f:b1:5b:81:24:97:55:77:19:29:ce:
5e:1c:bd:a4:47:72:b3:b1:84:c1:01:1a:14:ee:5c:37:aa:08:
d0:50:bc:fa:07:23:10:10:25:ce:88:ca:67:bb:4c:79:93:d1:
23:96:3a:b9:93:d4:7c:6c:e0:b1:04:1d:e1:22:90:29:bb:77:
9b:99:25:36:6f:38:ef:d1:14:04:28:55:50:ab:2c:6e:b4:0d:
0d:35:97:7f:cf:85:85:4b:93:30:3d:a3:bd:2a:36:9b:2a:18:
f0:80:c5:a1:7c:d7:ff:f8:7a:a3:d7:58:a0:2a:ae:e9:ba:4b:
b9:01:cc:1d:e3:10:b9:14:b0:cc:f2:d5:9f:88:78:c9:83:67:
a2:2b:0d:d1:5e:43:a0:66:53:a2:20:44:05:92:9e:e9:21:18:
3d:ef:9c:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4Z9iZQe5jfSzTZOlLLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMTk5NGIxYzVhZThmNTgyYmJlY2Y2Nzc3MmIxNGI2ZDk3
N2JhYWMwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDVjNDhiYTRlMGE5Y2MzYTg2OGFlZWRkNDJhNzhhNmI0MDYwYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gdJ1/MajyeTIhoN6eNr1Op2itxU
0lWNQwlVIfxrOXMul2sOgrGmYJTxYmW59Hj5aYNEYV96uEVSsXHX+7b5ziOM5C6Y
Eu0A5BlZaTGzH28UQ7ghGkK3YYvhbjhzaT8Vy7N5YD9Hpp0z0K5f/350d6HCfEfP
20CS7PY7IBxg2pZHTSeBHHLDQeBc/wSZdPCn9IqkHPwyVPLGUNp/dKAK2vxvnozL
+cTI1SMtm9O+nwwwAE/dMyrUs3ioIGFh+EeGNw1Z2j8SCpninHdhh6vAjWLqOFml
Ej39aT5StU56LnA77J+PcNNokZZlaRcYysVaijDAxiiYSlX/wg1ygnfYkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRcSLpOCpzDqGiu7dQqeKa0BgqXMB8GA1UdIwQY
MBaAFAEZlLHFro9YK77PZ3crFLbZd7qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVJtVXNjV3VqMWdydnM5bmR5c1V0dGwzdXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kYTNlNWEtMzAwMi00MWIwLWFmOWEt
M2E3M2MzMzNlN2U3LzEvTkZ4SXVrNEtuTU9vYUs3dDFDcDRwclFHQ3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kYTNlNWEtMzAwMi00MWIwLWFmOWEtM2E3M2MzMzNlN2U3
LzEvQVJtVXNjV3VqMWdydnM5bmR5c1V0dGwzdXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTnJMA0G
CSqGSIb3DQEBCwUAA4IBAQAtvNZ+RhW4qd8yH9TkdZLug7Q4lIsrhSst4LJkiCHf
ewW1YP7TBs89ozuvDZ8WZuIbBeZ4RkM2zsslEkKAgvebdsYMNfqCfFE8vaKUvOCp
QPRCawA4UG6LPWqglpAGgZjAT7FbgSSXVXcZKc5eHL2kR3KzsYTBARoU7lw3qgjQ
ULz6ByMQECXOiMpnu0x5k9Ejljq5k9R8bOCxBB3hIpApu3ebmSU2bzjv0RQEKFVQ
qyxutA0NNZd/z4WFS5MwPaO9KjabKhjwgMWhfNf/+Hqj11igKq7puku5Acwd4xC5
FLDM8tWfiHjJg2eiKw3RXkOgZlOiIEQFkp7pIRg975xi
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:43 2025 by rpki-client