Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cd4ac8-2235-4539-85b1-78a709d7fefd/1/0nxavr9Olkceoj9Ip5pQzq80Ltg.roa
File: 0nxavr9Olkceoj9Ip5pQzq80Ltg.roa (raw, json)
Hash identifier: H1nxHG1itzB1VNdjuc+c4R+YY5ECcG+a1AVdeHoHUKo=
Subject key identifier: D2:7C:5A:BE:BF:4E:96:47:1E:A2:3F:48:A7:9A:50:CE:AF:34:2E:D8
Certificate issuer: /CN=da16c6198d0dc1942fc11ea8fd046b8f8427e829
Certificate serial: 018CC5013AC594ACAB3FA125C2DCC415154B
Authority key identifier: DA:16:C6:19:8D:0D:C1:94:2F:C1:1E:A8:FD:04:6B:8F:84:27:E8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2hbGGY0NwZQvwR6o_QRrj4Qn6Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cd4ac8-2235-4539-85b1-78a709d7fefd/1/0nxavr9Olkceoj9Ip5pQzq80Ltg.roa
Signing time: Mon 01 Jan 2024 12:30:41 +0000
ROA not before: Mon 01 Jan 2024 12:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 193.5.44.0/24 maxlen: 24
193.5.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3a:c5:94:ac:ab:3f:a1:25:c2:dc:c4:15:15:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da16c6198d0dc1942fc11ea8fd046b8f8427e829
Validity
Not Before: Jan 1 12:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d27c5abebf4e96471ea23f48a79a50ceaf342ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ec:9a:4a:be:df:0a:3d:d9:d3:7a:3a:c4:24:
27:b0:b4:69:49:ac:9c:ac:65:41:43:7d:ef:1b:24:
0f:53:b4:c8:f3:0a:50:41:05:18:a5:14:3d:db:e0:
89:7b:2a:5d:94:cb:c7:b6:fb:fe:8f:bb:e9:65:d9:
48:f8:33:4c:81:2e:a4:43:aa:0c:42:e2:a2:2a:d0:
6c:28:d3:54:54:7b:05:3e:3d:8b:68:ea:99:e7:02:
db:76:74:e1:c5:8d:26:86:a9:cc:02:6c:26:b4:c2:
2b:47:ee:69:93:5e:69:21:fe:ef:67:6c:6e:5e:e8:
00:21:ce:ad:49:cd:90:f0:9c:d0:20:75:cf:e4:a0:
f7:d9:10:fa:04:93:ad:05:9a:82:bd:ec:07:1e:74:
fd:7a:f3:c0:7e:be:85:40:2f:f7:0a:0b:30:60:0b:
98:d6:e2:06:a3:9d:02:8c:13:d2:f0:df:5e:96:69:
c1:9f:cd:a8:bd:96:70:ba:c3:10:4c:d6:fa:a5:d5:
11:54:dd:44:d5:e0:55:bc:38:1c:52:8d:6e:80:55:
e2:f2:9f:16:52:09:67:7b:ef:68:ba:6b:62:1b:85:
89:35:01:57:4f:e6:43:c5:4b:7c:86:5d:92:b9:6a:
0f:22:9a:53:93:4b:16:af:bd:38:69:ae:ca:cc:04:
a2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7C:5A:BE:BF:4E:96:47:1E:A2:3F:48:A7:9A:50:CE:AF:34:2E:D8
X509v3 Authority Key Identifier:
keyid:DA:16:C6:19:8D:0D:C1:94:2F:C1:1E:A8:FD:04:6B:8F:84:27:E8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hbGGY0NwZQvwR6o_QRrj4Qn6Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cd4ac8-2235-4539-85b1-78a709d7fefd/1/0nxavr9Olkceoj9Ip5pQzq80Ltg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cd4ac8-2235-4539-85b1-78a709d7fefd/1/2hbGGY0NwZQvwR6o_QRrj4Qn6Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.44.0/23
Signature Algorithm: sha256WithRSAEncryption
42:de:53:ec:40:fd:b0:f0:44:c9:4b:1f:a4:ce:8a:72:2c:be:
0e:98:81:5e:4d:62:a2:6c:ad:5f:8d:64:6f:ad:37:10:b3:75:
d8:1d:80:8d:78:af:ed:d4:81:61:c0:a0:6c:fd:df:32:32:fa:
cb:d6:26:9f:a1:40:03:57:2e:df:6a:0a:73:ec:91:d3:79:19:
71:9e:2a:62:11:11:8c:31:39:27:5b:b7:10:3d:06:4c:ad:57:
17:0d:ef:87:da:8d:8e:7c:2a:bf:1f:bd:9d:51:a1:31:49:a8:
6d:79:93:c7:0d:40:c1:da:25:36:9a:6d:f3:60:b1:8d:9f:38:
0d:56:9c:a2:de:17:be:b7:b9:07:f2:6a:88:14:6f:e5:5b:fb:
af:bd:85:89:d5:08:ee:af:43:a3:8d:6c:8f:8c:a3:9b:b4:37:
39:55:7b:72:6d:fb:e9:5a:41:16:31:a4:03:a0:8f:12:27:67:
c2:48:27:0f:45:9b:ea:cf:fe:36:20:3b:a8:12:7d:53:a2:b1:
1d:1e:37:84:2e:9f:ca:14:72:91:f1:ed:fe:b0:0b:fe:4b:48:
86:56:43:a7:ee:0b:fa:0c:0b:3a:20:a4:6a:50:b8:c1:8a:43:
0d:17:c0:a6:e1:01:25:6f:85:7c:1c:10:b9:4e:a3:e4:6d:02:
2b:f7:d0:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFATrFlKyrP6ElwtzEFRVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMTZjNjE5OGQwZGMxOTQyZmMxMWVhOGZkMDQ2YjhmODQy
N2U4MjkwHhcNMjQwMTAxMTIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdjNWFiZWJmNGU5NjQ3MWVhMjNmNDhhNzlhNTBjZWFmMzQyZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleyaSr7fCj3Z03o6xCQnsLRpSayc
rGVBQ33vGyQPU7TI8wpQQQUYpRQ92+CJeypdlMvHtvv+j7vpZdlI+DNMgS6kQ6oM
QuKiKtBsKNNUVHsFPj2LaOqZ5wLbdnThxY0mhqnMAmwmtMIrR+5pk15pIf7vZ2xu
XugAIc6tSc2Q8JzQIHXP5KD32RD6BJOtBZqCvewHHnT9evPAfr6FQC/3CgswYAuY
1uIGo50CjBPS8N9elmnBn82ovZZwusMQTNb6pdURVN1E1eBVvDgcUo1ugFXi8p8W
Uglne+9oumtiG4WJNQFXT+ZDxUt8hl2SuWoPIppTk0sWr704aa7KzASiOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJ8Wr6/TpZHHqI/SKeaUM6vNC7YMB8GA1UdIwQY
MBaAFNoWxhmNDcGUL8EeqP0Ea4+EJ+gpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmhiR0dZME53WlF2d1I2b19RUnJqNFFuNkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZDRhYzgtMjIzNS00NTM5LTg1YjEt
NzhhNzA5ZDdmZWZkLzEvMG54YXZyOU9sa2Nlb2o5SXA1cFF6cTgwTHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZDRhYzgtMjIzNS00NTM5LTg1YjEtNzhhNzA5ZDdmZWZk
LzEvMmhiR0dZME53WlF2d1I2b19RUnJqNFFuNkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQUsMA0G
CSqGSIb3DQEBCwUAA4IBAQBC3lPsQP2w8ETJSx+kzopyLL4OmIFeTWKibK1fjWRv
rTcQs3XYHYCNeK/t1IFhwKBs/d8yMvrL1iafoUADVy7fagpz7JHTeRlxnipiERGM
MTknW7cQPQZMrVcXDe+H2o2OfCq/H72dUaExSahteZPHDUDB2iU2mm3zYLGNnzgN
Vpyi3he+t7kH8mqIFG/lW/uvvYWJ1Qjur0OjjWyPjKObtDc5VXtybfvpWkEWMaQD
oI8SJ2fCSCcPRZvqz/42IDuoEn1TorEdHjeELp/KFHKR8e3+sAv+S0iGVkOn7gv6
DAs6IKRqULjBikMNF8Cm4QElb4V8HBC5TqPkbQIr99BH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:03 2025 by rpki-client