Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Jds9VOdsrBFbfq4zn6-y356BGP4.roa
File: Jds9VOdsrBFbfq4zn6-y356BGP4.roa (raw, json)
Hash identifier: HezTqg7qCIYcC14zyjNtznQH/Br2gzRPiHXceTw8UGg=
Subject key identifier: 25:DB:3D:54:E7:6C:AC:11:5B:7E:AE:33:9F:AF:B2:DF:9E:81:18:FE
Certificate issuer: /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial: 01947B90FBF26893F202FC26B4853EB1B364
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Jds9VOdsrBFbfq4zn6-y356BGP4.roa
Signing time: Sat 18 Jan 2025 22:38:06 +0000
ROA not before: Sat 18 Jan 2025 22:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 147.161.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7b:90:fb:f2:68:93:f2:02:fc:26:b4:85:3e:b1:b3:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Validity
Not Before: Jan 18 22:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25db3d54e76cac115b7eae339fafb2df9e8118fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:85:24:23:ae:cc:03:1e:23:d5:fa:57:37:8c:
e9:06:01:d8:cb:30:a7:df:17:10:df:a0:68:d4:4d:
00:e4:7a:6b:15:3c:c7:f7:db:e1:97:14:34:91:83:
d2:0d:c1:97:67:e2:9e:c3:98:35:1d:ca:14:e0:41:
2a:94:50:c9:2e:4e:3d:94:75:bf:46:dc:d4:fb:40:
67:18:cd:51:57:09:06:d0:58:44:0c:8a:9a:f8:19:
8e:83:40:2b:5f:fe:f2:e7:27:98:04:f9:fd:e5:6d:
36:28:46:59:79:66:90:f3:0f:39:28:a7:58:6c:9c:
94:7f:37:98:ac:0c:93:ae:79:8f:bd:e2:10:0a:98:
49:01:83:9e:63:8e:a0:48:52:1e:54:88:09:02:4e:
04:e2:f3:ce:ca:8e:ca:11:02:3c:51:cd:d7:28:87:
bc:18:9f:63:95:6f:0d:57:24:14:3c:59:f9:bf:9c:
6a:06:e1:24:59:97:bf:86:65:dc:49:79:1a:c0:2e:
23:33:83:7a:d5:13:b6:66:35:d3:db:25:95:ca:a9:
8c:65:c8:b6:28:fc:ae:ce:03:d4:03:f5:dc:e8:34:
06:78:b7:93:b0:41:c0:87:29:2d:4a:19:50:06:4b:
ee:9f:ee:f3:bc:bf:0d:ce:08:3a:d9:ed:16:43:07:
e1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:DB:3D:54:E7:6C:AC:11:5B:7E:AE:33:9F:AF:B2:DF:9E:81:18:FE
X509v3 Authority Key Identifier:
keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Jds9VOdsrBFbfq4zn6-y356BGP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.2.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:e4:9e:d6:09:32:63:b0:00:57:da:1b:f1:e8:50:5f:3c:52:
1d:79:e4:54:b0:62:e2:15:db:a4:29:f6:ca:e2:6b:ec:bc:2a:
2d:75:ea:ad:0a:3e:43:f2:5f:f9:79:80:88:db:29:41:66:3d:
f7:f2:29:23:41:66:44:12:a7:29:c9:9b:ff:82:7b:19:05:8f:
6f:61:d6:45:72:1d:c1:eb:62:ac:3e:25:44:7b:9f:57:cc:64:
a1:52:01:2f:65:fd:b6:6b:17:a5:e2:a1:2f:93:79:50:44:67:
ba:6b:db:f1:41:14:85:7b:7a:f6:d9:0c:87:36:ad:52:6f:2e:
71:7d:78:b0:be:53:2a:36:c2:fd:9d:ae:31:b4:42:64:ca:9d:
bd:56:2f:15:35:73:bd:fc:b4:d1:48:1e:6b:7e:94:b2:1c:0f:
e6:41:fe:f0:6a:d8:39:eb:0f:43:68:9f:cd:b8:f8:6f:f5:2c:
63:d3:08:6b:27:9e:6e:5c:92:7f:33:f1:dd:8e:68:90:19:c3:
05:7f:cf:05:33:36:68:9a:36:37:9d:bf:04:60:b3:ad:c4:7a:
45:cc:f4:0b:d6:65:da:88:bc:dd:2c:b5:c5:9b:e5:48:df:c9:
25:bb:5a:d3:fb:24:b7:52:6e:92:83:aa:53:a3:4a:5b:e3:e4:
d9:78:33:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR7kPvyaJPyAvwmtIU+sbNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjUwMTE4MjIzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWRiM2Q1NGU3NmNhYzExNWI3ZWFlMzM5ZmFmYjJkZjllODExOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYUkI67MAx4j1fpXN4zpBgHYyzCn
3xcQ36Bo1E0A5HprFTzH99vhlxQ0kYPSDcGXZ+Kew5g1HcoU4EEqlFDJLk49lHW/
RtzU+0BnGM1RVwkG0FhEDIqa+BmOg0ArX/7y5yeYBPn95W02KEZZeWaQ8w85KKdY
bJyUfzeYrAyTrnmPveIQCphJAYOeY46gSFIeVIgJAk4E4vPOyo7KEQI8Uc3XKIe8
GJ9jlW8NVyQUPFn5v5xqBuEkWZe/hmXcSXkawC4jM4N61RO2ZjXT2yWVyqmMZci2
KPyuzgPUA/Xc6DQGeLeTsEHAhyktShlQBkvun+7zvL8Nzgg62e0WQwfhMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXbPVTnbKwRW36uM5+vst+egRj+MB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvSmRzOVZPZHNyQkZiZnE0em42LXkzNTZCR1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk6ECMA0G
CSqGSIb3DQEBCwUAA4IBAQC95J7WCTJjsABX2hvx6FBfPFIdeeRUsGLiFdukKfbK
4mvsvCotdeqtCj5D8l/5eYCI2ylBZj338ikjQWZEEqcpyZv/gnsZBY9vYdZFch3B
62KsPiVEe59XzGShUgEvZf22axel4qEvk3lQRGe6a9vxQRSFe3r22QyHNq1Sby5x
fXiwvlMqNsL9na4xtEJkyp29Vi8VNXO9/LTRSB5rfpSyHA/mQf7watg56w9DaJ/N
uPhv9Sxj0whrJ55uXJJ/M/HdjmiQGcMFf88FMzZomjY3nb8EYLOtxHpFzPQL1mXa
iLzdLLXFm+VI38klu1rT+yS3Um6Sg6pTo0pb4+TZeDO+
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:13 2025 by rpki-client