Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/E4huDfnBgL0SxNSokvbPURylILA.roa
File: E4huDfnBgL0SxNSokvbPURylILA.roa (raw, json)
Hash identifier: zOemPLhh8aAGXUosEE9IsR6O7Wk0CnUuiw1iVN/GQiI=
Subject key identifier: 13:88:6E:0D:F9:C1:80:BD:12:C4:D4:A8:92:F6:CF:51:1C:A5:20:B0
Certificate issuer: /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial: 0195326916B1E812D60E355C97415EFF37E2
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/E4huDfnBgL0SxNSokvbPURylILA.roa
Signing time: Sun 23 Feb 2025 10:45:02 +0000
ROA not before: Sun 23 Feb 2025 10:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 193.31.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:32:69:16:b1:e8:12:d6:0e:35:5c:97:41:5e:ff:37:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Validity
Not Before: Feb 23 10:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13886e0df9c180bd12c4d4a892f6cf511ca520b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bf:80:f2:f8:f8:4f:55:de:f2:77:2e:66:ac:
30:f4:59:1b:24:54:82:36:5e:af:bf:ca:85:f1:c8:
c5:76:b0:61:77:ee:31:14:c7:0c:61:a5:68:1f:46:
b9:8f:27:b3:79:8f:1b:89:d7:9f:ed:65:e4:0b:c9:
ce:84:0f:aa:af:6d:1f:16:7a:98:a0:5b:3b:2e:74:
24:26:b9:28:dd:a3:4c:ca:7f:96:aa:6c:66:da:0b:
c4:15:33:26:e6:38:6d:cb:11:84:69:69:96:6e:0c:
3d:73:b4:51:f4:5e:78:5b:e4:26:c1:df:5b:34:7b:
57:60:96:5f:04:dd:8d:88:7e:1f:ec:5b:f9:05:60:
4f:27:6f:bd:b5:e5:fe:cb:b7:d0:15:a2:40:51:3e:
7a:c6:7b:e5:cb:6c:56:71:66:f9:fc:3f:f6:e7:b7:
ff:e4:db:00:cb:4b:8e:3c:52:4a:58:09:6b:9e:3d:
74:08:fa:1c:d3:8e:6a:9f:96:bb:c2:04:cc:a3:47:
02:82:6f:b7:8a:c8:a3:44:e3:3a:d5:7e:98:83:b9:
59:61:25:c0:d5:80:5a:30:2c:08:c4:08:71:51:cf:
2a:a2:99:1e:a9:dd:c1:0f:9d:9c:30:62:cd:4e:c3:
d6:50:0d:8d:b7:15:de:7c:ec:55:df:7f:e1:05:49:
6f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:88:6E:0D:F9:C1:80:BD:12:C4:D4:A8:92:F6:CF:51:1C:A5:20:B0
X509v3 Authority Key Identifier:
keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/E4huDfnBgL0SxNSokvbPURylILA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.60.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:d3:75:8c:ed:b1:7d:2e:74:fe:50:05:5d:0b:b4:2a:ab:c6:
78:ed:d1:6c:11:7b:99:e4:59:94:d1:bc:70:8e:54:b7:8d:78:
5e:6f:46:72:52:3f:72:62:c4:29:b2:b5:55:89:5a:ec:df:ee:
0b:df:f3:fc:34:20:2a:0c:b9:8f:75:a0:d1:0a:8a:d1:2c:59:
b6:a5:88:9c:21:bb:8d:8a:73:db:17:76:c1:47:96:8f:1c:f3:
c3:26:9c:f4:87:6c:02:f0:26:51:87:d3:8a:49:c9:0a:e0:7d:
6c:1f:d0:d3:37:21:56:54:d2:6f:e4:52:3b:d5:3c:83:5f:09:
72:22:81:d0:35:07:75:0c:ed:22:60:bb:e0:e1:ae:d9:f1:d2:
6d:dc:41:18:a4:00:0e:b2:c1:3f:0f:ff:8e:c9:4b:b2:b9:6b:
6e:7b:34:bb:f6:ed:68:80:39:c7:29:f0:cf:3f:b9:83:36:5c:
bb:2c:45:11:ae:fe:40:ef:9b:b9:9d:11:e2:b0:de:0a:38:13:
3b:f1:4e:83:4a:7e:1b:83:c1:4a:64:a7:a4:0c:1b:d9:d6:75:
6a:9d:c3:73:61:34:2c:ba:dc:60:7c:06:1e:a3:09:e7:92:ee:
a5:9f:89:1d:f9:28:3c:0e:72:2d:bd:87:ff:7a:61:7c:09:6a:
cf:9d:09:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUyaRax6BLWDjVcl0Fe/zfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjUwMjIzMTA0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzg4NmUwZGY5YzE4MGJkMTJjNGQ0YTg5MmY2Y2Y1MTFjYTUyMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7+A8vj4T1Xe8ncuZqww9FkbJFSC
Nl6vv8qF8cjFdrBhd+4xFMcMYaVoH0a5jyezeY8bidef7WXkC8nOhA+qr20fFnqY
oFs7LnQkJrko3aNMyn+Wqmxm2gvEFTMm5jhtyxGEaWmWbgw9c7RR9F54W+Qmwd9b
NHtXYJZfBN2NiH4f7Fv5BWBPJ2+9teX+y7fQFaJAUT56xnvly2xWcWb5/D/257f/
5NsAy0uOPFJKWAlrnj10CPoc045qn5a7wgTMo0cCgm+3isijROM61X6Yg7lZYSXA
1YBaMCwIxAhxUc8qopkeqd3BD52cMGLNTsPWUA2NtxXefOxV33/hBUlvawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBOIbg35wYC9EsTUqJL2z1EcpSCwMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvRTRodURmbkJnTDBTeE5Tb2t2YlBVUnlsSUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR88MA0G
CSqGSIb3DQEBCwUAA4IBAQAa03WM7bF9LnT+UAVdC7Qqq8Z47dFsEXuZ5FmU0bxw
jlS3jXheb0ZyUj9yYsQpsrVViVrs3+4L3/P8NCAqDLmPdaDRCorRLFm2pYicIbuN
inPbF3bBR5aPHPPDJpz0h2wC8CZRh9OKSckK4H1sH9DTNyFWVNJv5FI71TyDXwly
IoHQNQd1DO0iYLvg4a7Z8dJt3EEYpAAOssE/D/+OyUuyuWtuezS79u1ogDnHKfDP
P7mDNly7LEURrv5A75u5nRHisN4KOBM78U6DSn4bg8FKZKekDBvZ1nVqncNzYTQs
utxgfAYeownnku6ln4kd+Sg8DnItvYf/emF8CWrPnQmP
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:24 2025 by rpki-client