Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/922bcd-f1ad-4d63-8243-294b1aa14866/1/vZncObou1n1Gou3XB_i7Ru4V5WA.roa
File: vZncObou1n1Gou3XB_i7Ru4V5WA.roa (raw, json)
Hash identifier: iik1zhTFoCIgqbBLWbxX8UR2ffHIMvhG03bvL/Xp/YU=
Subject key identifier: BD:99:DC:39:BA:2E:D6:7D:46:A2:ED:D7:07:F8:BB:46:EE:15:E5:60
Certificate issuer: /CN=895364dd8ff730a908b09b5f9913c153fc16aa3c
Certificate serial: 0194274872992FB7F806705CD6CF3FA266BF
Authority key identifier: 89:53:64:DD:8F:F7:30:A9:08:B0:9B:5F:99:13:C1:53:FC:16:AA:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iVNk3Y_3MKkIsJtfmRPBU_wWqjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/922bcd-f1ad-4d63-8243-294b1aa14866/1/vZncObou1n1Gou3XB_i7Ru4V5WA.roa
Signing time: Thu 02 Jan 2025 13:50:46 +0000
ROA not before: Thu 02 Jan 2025 13:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44129
IP address blocks: 193.169.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:72:99:2f:b7:f8:06:70:5c:d6:cf:3f:a2:66:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=895364dd8ff730a908b09b5f9913c153fc16aa3c
Validity
Not Before: Jan 2 13:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd99dc39ba2ed67d46a2edd707f8bb46ee15e560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d9:f1:0c:bc:c4:46:b3:ee:1d:74:e3:c5:86:
2e:f8:36:47:80:5b:cd:a3:27:78:60:56:7d:da:0a:
e3:fb:c4:41:96:76:05:4b:d9:fa:d6:0b:bf:ed:58:
6a:12:05:e2:28:99:72:37:35:5a:ce:db:4c:19:70:
17:cd:5d:67:a1:d6:a1:6f:85:dc:63:43:81:76:ed:
65:e3:bd:79:9b:9a:d2:6a:f8:29:18:78:1a:69:7c:
c7:54:2d:3f:ac:3e:87:01:7c:25:39:36:f4:81:d4:
3f:45:83:40:1e:5d:46:fd:da:7a:5f:98:49:fc:59:
cd:1c:9c:47:42:4a:5d:e9:22:bb:94:62:c7:de:8f:
8c:60:e3:9f:fb:3f:7b:34:97:e3:58:e4:7b:fa:8a:
da:9e:85:20:f0:9a:63:0b:3e:d4:c6:79:5b:60:4b:
12:41:d8:dd:d2:86:76:91:56:2a:31:96:3c:a7:c1:
43:8e:0d:07:6a:32:17:51:b0:97:b8:16:6f:aa:0f:
84:cf:e2:94:40:12:fa:0b:bd:96:0b:d4:06:1c:26:
b4:75:e1:61:48:22:ae:1e:21:f6:61:cd:9c:54:a0:
41:bc:51:88:e0:b7:fb:0f:78:4b:53:ba:be:0c:7d:
5c:1f:84:e8:33:08:ec:f7:7a:e9:fc:b9:cd:86:08:
2c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:99:DC:39:BA:2E:D6:7D:46:A2:ED:D7:07:F8:BB:46:EE:15:E5:60
X509v3 Authority Key Identifier:
keyid:89:53:64:DD:8F:F7:30:A9:08:B0:9B:5F:99:13:C1:53:FC:16:AA:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iVNk3Y_3MKkIsJtfmRPBU_wWqjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/922bcd-f1ad-4d63-8243-294b1aa14866/1/vZncObou1n1Gou3XB_i7Ru4V5WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/922bcd-f1ad-4d63-8243-294b1aa14866/1/iVNk3Y_3MKkIsJtfmRPBU_wWqjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.31.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7b:1e:37:39:77:43:02:b0:c7:60:07:92:b9:91:b4:9a:a8:
76:b8:a0:ab:a4:a9:b8:2d:9e:da:67:4f:bb:d7:85:01:2b:d7:
c9:38:99:e4:1d:77:86:a0:6b:1d:71:f1:1f:db:b8:15:32:ba:
34:7f:61:1d:52:9a:f3:59:8d:85:ba:87:09:7d:7a:cf:55:55:
84:77:bb:8a:d6:8a:8e:c2:c9:f1:62:c1:04:4f:25:3e:e7:3c:
90:ef:2a:52:6e:9b:aa:25:6e:dc:c0:be:5e:d0:e8:95:11:0f:
68:60:26:5c:b8:79:32:33:03:07:50:66:19:34:c9:32:fe:cb:
77:ef:e0:50:3b:b4:31:0f:6f:50:f3:09:53:5e:9f:2a:60:ff:
eb:6b:62:c8:b6:2f:ce:c5:31:d8:31:69:fa:35:5f:00:23:a4:
e3:f8:e0:31:b3:b7:e3:88:f5:4d:68:db:b0:9a:7a:81:1c:47:
d0:f5:2f:57:71:35:81:ad:63:52:6d:e2:0b:ce:5e:cf:c5:b3:
38:79:ea:c8:17:05:53:69:24:59:85:34:ef:42:61:a3:9d:ed:
26:58:aa:55:10:11:67:ee:a8:26:4d:20:7b:d5:9a:fb:26:e3:
00:e8:42:40:34:e0:64:ef:bb:11:a1:49:fc:02:81:9c:ce:e9:
ec:3b:29:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSHKZL7f4BnBc1s8/oma/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NTM2NGRkOGZmNzMwYTkwOGIwOWI1Zjk5MTNjMTUzZmMx
NmFhM2MwHhcNMjUwMTAyMTM1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk5ZGMzOWJhMmVkNjdkNDZhMmVkZDcwN2Y4YmI0NmVlMTVlNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndnxDLzERrPuHXTjxYYu+DZHgFvN
oyd4YFZ92grj+8RBlnYFS9n61gu/7VhqEgXiKJlyNzVazttMGXAXzV1nodahb4Xc
Y0OBdu1l4715m5rSavgpGHgaaXzHVC0/rD6HAXwlOTb0gdQ/RYNAHl1G/dp6X5hJ
/FnNHJxHQkpd6SK7lGLH3o+MYOOf+z97NJfjWOR7+oranoUg8JpjCz7UxnlbYEsS
Qdjd0oZ2kVYqMZY8p8FDjg0HajIXUbCXuBZvqg+Ez+KUQBL6C72WC9QGHCa0deFh
SCKuHiH2Yc2cVKBBvFGI4Lf7D3hLU7q+DH1cH4ToMwjs93rp/LnNhggsvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2Z3Dm6LtZ9RqLt1wf4u0buFeVgMB8GA1UdIwQY
MBaAFIlTZN2P9zCpCLCbX5kTwVP8Fqo8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVZOazNZXzNNS2tJc0p0Zm1SUEJVX3dXcWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy85MjJiY2QtZjFhZC00ZDYzLTgyNDMt
Mjk0YjFhYTE0ODY2LzEvdlpuY09ib3UxbjFHb3UzWEJfaTdSdTRWNVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy85MjJiY2QtZjFhZC00ZDYzLTgyNDMtMjk0YjFhYTE0ODY2
LzEvaVZOazNZXzNNS2tJc0p0Zm1SUEJVX3dXcWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwakfMA0G
CSqGSIb3DQEBCwUAA4IBAQB5ex43OXdDArDHYAeSuZG0mqh2uKCrpKm4LZ7aZ0+7
14UBK9fJOJnkHXeGoGsdcfEf27gVMro0f2EdUprzWY2FuocJfXrPVVWEd7uK1oqO
wsnxYsEETyU+5zyQ7ypSbpuqJW7cwL5e0OiVEQ9oYCZcuHkyMwMHUGYZNMky/st3
7+BQO7QxD29Q8wlTXp8qYP/ra2LIti/OxTHYMWn6NV8AI6Tj+OAxs7fjiPVNaNuw
mnqBHEfQ9S9XcTWBrWNSbeILzl7PxbM4eerIFwVTaSRZhTTvQmGjne0mWKpVEBFn
7qgmTSB71Zr7JuMA6EJANOBk77sRoUn8AoGczunsOymA
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:44 2025 by rpki-client