Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/JTkFn5E31NEi0T3jHFsEReuBpS0.roa
File: JTkFn5E31NEi0T3jHFsEReuBpS0.roa (raw, json)
Hash identifier: kKlmo0yCwDoRfIckDgl+hlLcGOfvby6dj08uXZBlD8g=
Subject key identifier: 25:39:05:9F:91:37:D4:D1:22:D1:3D:E3:1C:5B:04:45:EB:81:A5:2D
Certificate issuer: /CN=0687a4aca581d8ebcdfe24b65f1e70a12f289a78
Certificate serial: 019425213B33CA8BE6D283FE6E6DEFE674C5
Authority key identifier: 06:87:A4:AC:A5:81:D8:EB:CD:FE:24:B6:5F:1E:70:A1:2F:28:9A:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BoekrKWB2OvN_iS2Xx5woS8omng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/JTkFn5E31NEi0T3jHFsEReuBpS0.roa
Signing time: Thu 02 Jan 2025 03:48:42 +0000
ROA not before: Thu 02 Jan 2025 03:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 193.33.176.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:3b:33:ca:8b:e6:d2:83:fe:6e:6d:ef:e6:74:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0687a4aca581d8ebcdfe24b65f1e70a12f289a78
Validity
Not Before: Jan 2 03:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2539059f9137d4d122d13de31c5b0445eb81a52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7c:c7:9c:c5:10:7e:9f:93:a5:ec:b8:b2:07:
3e:c0:b0:b0:65:15:8e:25:bb:93:e1:3f:08:f4:1b:
2a:c7:c2:28:04:6b:9c:c5:b8:8e:b4:80:1a:3f:0e:
f5:84:a7:31:84:cb:1d:fa:5c:b2:9c:be:e8:3a:51:
7d:79:38:57:cd:5a:5f:52:8a:7f:08:df:07:db:27:
47:84:c4:3b:65:87:4c:11:df:06:3f:0b:05:b5:10:
e0:2a:6c:ec:ff:5d:32:62:74:20:09:9b:92:68:c7:
0d:81:b3:60:5b:a0:0b:44:81:01:6e:1a:91:fd:8e:
86:ce:1d:62:dd:99:3d:87:9a:1f:5b:59:be:bd:39:
d4:51:1c:18:2a:9d:ac:46:9a:5e:6b:42:91:77:9d:
8d:da:fb:df:75:87:fb:3e:3e:b5:0a:bf:b2:18:d3:
1a:2b:8b:18:1a:ad:63:53:ef:68:7c:bb:cc:f2:5a:
0d:ee:c2:4c:db:bb:eb:dd:d3:7f:b8:ee:f8:7a:8c:
3f:23:be:d1:c3:47:7f:06:19:82:21:b7:66:88:19:
85:7b:da:b1:8a:8e:12:bd:44:f1:6e:30:97:9e:e4:
2f:7b:5a:88:24:99:ff:b8:70:fc:fd:ff:ed:30:0c:
17:c8:03:f9:ab:ca:98:31:e7:00:f7:cb:f3:e3:76:
ad:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:39:05:9F:91:37:D4:D1:22:D1:3D:E3:1C:5B:04:45:EB:81:A5:2D
X509v3 Authority Key Identifier:
keyid:06:87:A4:AC:A5:81:D8:EB:CD:FE:24:B6:5F:1E:70:A1:2F:28:9A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BoekrKWB2OvN_iS2Xx5woS8omng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/JTkFn5E31NEi0T3jHFsEReuBpS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/BoekrKWB2OvN_iS2Xx5woS8omng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.176.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:61:85:0a:79:09:65:2c:a9:83:8e:a6:80:a0:4b:da:dc:cc:
7a:9a:1d:2d:af:6f:47:04:f9:a3:7d:93:a0:90:0f:ea:99:74:
0f:dd:46:18:00:84:bb:bc:25:96:09:9b:2d:a4:01:b5:28:2d:
e6:45:70:c3:fb:4c:6e:c0:5a:a3:8b:eb:82:a6:83:24:94:5e:
98:b2:84:42:cb:00:2a:9b:cf:b0:bf:b7:eb:de:5f:f3:3b:13:
9d:33:39:ce:73:6a:94:17:42:e6:11:9a:f8:07:59:89:42:28:
71:ca:bc:eb:dd:e1:0b:98:4d:2f:f1:75:45:09:fe:07:2f:41:
2e:04:9c:18:64:14:39:fd:8d:6d:22:cc:87:a1:f0:ed:3e:9c:
90:0c:7a:24:12:de:a9:e2:9c:c1:36:f2:33:13:66:18:4a:db:
1a:5d:e9:7b:eb:fb:37:fd:ec:72:f6:2d:38:e8:e0:39:f0:8b:
6c:87:08:e3:a2:cd:b1:85:0e:75:9b:b3:f7:cf:19:8d:d7:71:
71:7d:b2:d3:92:f6:78:2a:da:42:2e:1f:29:ba:2f:e5:1a:9f:
8f:f5:9e:57:04:62:17:7d:1c:12:09:8a:6b:32:2c:df:e3:f9:
bd:9a:f6:e8:65:23:9f:15:3d:44:d4:37:bf:8e:e0:aa:8d:57:
99:0b:52:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlITszyovm0oP+bm3v5nTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ODdhNGFjYTU4MWQ4ZWJjZGZlMjRiNjVmMWU3MGExMmYy
ODlhNzgwHhcNMjUwMTAyMDM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM5MDU5ZjkxMzdkNGQxMjJkMTNkZTMxYzViMDQ0NWViODFhNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynzHnMUQfp+Tpey4sgc+wLCwZRWO
JbuT4T8I9Bsqx8IoBGucxbiOtIAaPw71hKcxhMsd+lyynL7oOlF9eThXzVpfUop/
CN8H2ydHhMQ7ZYdMEd8GPwsFtRDgKmzs/10yYnQgCZuSaMcNgbNgW6ALRIEBbhqR
/Y6Gzh1i3Zk9h5ofW1m+vTnUURwYKp2sRppea0KRd52N2vvfdYf7Pj61Cr+yGNMa
K4sYGq1jU+9ofLvM8loN7sJM27vr3dN/uO74eow/I77Rw0d/BhmCIbdmiBmFe9qx
io4SvUTxbjCXnuQve1qIJJn/uHD8/f/tMAwXyAP5q8qYMecA98vz43atbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCU5BZ+RN9TRItE94xxbBEXrgaUtMB8GA1UdIwQY
MBaAFAaHpKylgdjrzf4ktl8ecKEvKJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm9la3JLV0IyT3ZOX2lTMlh4NXdvUzhvbW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85ZGYxMWItMDE4Ny00YTkxLWI1ZDEt
MmQyOGExOTEzNWZkLzEvSlRrRm41RTMxTkVpMFQzakhGc0VSZXVCcFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85ZGYxMWItMDE4Ny00YTkxLWI1ZDEtMmQyOGExOTEzNWZk
LzEvQm9la3JLV0IyT3ZOX2lTMlh4NXdvUzhvbW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSGwMA0G
CSqGSIb3DQEBCwUAA4IBAQCPYYUKeQllLKmDjqaAoEva3Mx6mh0tr29HBPmjfZOg
kA/qmXQP3UYYAIS7vCWWCZstpAG1KC3mRXDD+0xuwFqji+uCpoMklF6YsoRCywAq
m8+wv7fr3l/zOxOdMznOc2qUF0LmEZr4B1mJQihxyrzr3eELmE0v8XVFCf4HL0Eu
BJwYZBQ5/Y1tIsyHofDtPpyQDHokEt6p4pzBNvIzE2YYStsaXel76/s3/exy9i04
6OA58Itshwjjos2xhQ51m7P3zxmN13FxfbLTkvZ4KtpCLh8pui/lGp+P9Z5XBGIX
fRwSCYprMizf4/m9mvboZSOfFT1E1De/juCqjVeZC1IT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:32 2025 by rpki-client