Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/4XuqnuqpzriKoKvnugxZEMFXqIc.roa
File: 4XuqnuqpzriKoKvnugxZEMFXqIc.roa (raw, json)
Hash identifier: /9+892CgTMjRxnMXOFtKthEKVZ5Xw9n5NacRMM+Yskg=
Subject key identifier: E1:7B:AA:9E:EA:A9:CE:B8:8A:A0:AB:E7:BA:0C:59:10:C1:57:A8:87
Certificate issuer: /CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Certificate serial: 01856D78A10EDA72996417683C813907F89F
Authority key identifier: B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/4XuqnuqpzriKoKvnugxZEMFXqIc.roa
Signing time: Sun 01 Jan 2023 13:15:00 +0000
ROA not before: Sun 01 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47913
IP address blocks: 81.25.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:a1:0e:da:72:99:64:17:68:3c:81:39:07:f8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Validity
Not Before: Jan 1 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e17baa9eeaa9ceb88aa0abe7ba0c5910c157a887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6f:6d:1b:b8:65:f0:12:ae:f3:32:d7:54:0b:
84:7a:91:46:1c:09:fa:ca:bf:73:82:9d:ff:8c:08:
64:3f:7b:6e:c8:2f:fd:9b:07:66:62:67:52:0f:f0:
6c:ab:0e:21:6d:7f:76:89:3e:bb:ed:42:d8:09:14:
a7:13:e4:5e:e5:8c:82:ec:63:b5:0d:65:3c:59:67:
02:c6:c3:32:5f:b7:ad:44:fd:60:2d:ad:3c:ae:a7:
67:9f:de:4b:55:69:99:0a:ef:51:3c:ce:74:9a:75:
52:e2:fb:78:a1:e9:f3:3b:c8:28:55:e0:25:73:4b:
e6:45:f1:63:6c:ed:31:fb:84:68:bc:c5:08:51:83:
cc:e1:72:63:d0:b8:c8:25:99:64:9b:29:79:ba:d9:
13:ab:0e:63:00:83:ef:2e:af:01:b2:6e:f9:12:8c:
f0:36:2b:3d:1a:60:43:15:80:f5:c0:bd:4b:62:69:
03:9b:7a:7f:b1:e5:16:5e:ea:d7:cd:17:29:2a:10:
32:2b:14:15:cf:3b:4f:07:44:a6:9a:41:dd:1e:0f:
e4:71:d3:3e:53:14:d7:01:74:24:a3:94:5a:97:74:
e9:ab:0c:b5:b2:88:d5:54:d5:62:66:6e:5a:fd:90:
bc:b2:af:12:d6:cd:e8:eb:fd:fb:90:67:2b:6b:31:
86:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7B:AA:9E:EA:A9:CE:B8:8A:A0:AB:E7:BA:0C:59:10:C1:57:A8:87
X509v3 Authority Key Identifier:
keyid:B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/4XuqnuqpzriKoKvnugxZEMFXqIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/sxQ5IJVoAqjrS0Ynov9POYfsGj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.24.0/21
Signature Algorithm: sha256WithRSAEncryption
15:ed:ed:3b:cf:cf:87:db:56:66:ac:1b:23:47:78:b3:c8:20:
47:b6:12:bb:f1:54:60:46:89:02:f8:9c:f6:d3:bc:1f:95:19:
22:4e:88:bc:fd:50:58:89:7d:83:a5:b7:52:24:21:80:01:0d:
18:8b:d5:ae:90:6f:f7:a8:96:5e:cb:e6:8e:9a:a2:30:79:b6:
e8:4c:a2:4e:b1:f1:5d:19:95:66:15:53:6f:1b:83:96:e9:78:
ae:1e:27:72:5d:2e:9b:1d:f5:bf:b4:f2:93:b5:ef:57:3d:67:
1c:d3:4a:78:f1:a9:15:ac:aa:7c:0f:8d:59:b0:f1:bc:2c:53:
ad:ac:fd:2d:b1:93:39:c7:c8:f1:aa:0c:42:7b:37:49:62:31:
28:72:cc:f2:91:03:4d:72:11:f4:07:32:aa:5f:71:6f:e0:ac:
35:1b:fc:a5:6c:09:00:83:3f:9b:c4:9a:ca:be:9c:42:7d:a8:
02:f5:89:11:17:f4:f2:d5:c1:60:4a:4a:ed:3f:b1:0c:56:62:
9c:3c:35:75:ae:ef:65:02:d0:62:10:a8:28:84:a0:5d:27:3e:
1c:5b:80:f1:c7:fd:42:62:9e:72:6e:62:b7:84:1f:71:b8:ff:
2e:e5:2c:0a:78:f3:ed:d3:89:cf:06:17:80:d0:3f:38:6e:90:
3d:44:2c:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteKEO2nKZZBdoPIE5B/ifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTQzOTIwOTU2ODAyYThlYjRiNDYyN2EyZmY0ZjM5ODdl
YzFhM2QwHhcNMjMwMTAxMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdiYWE5ZWVhYTljZWI4OGFhMGFiZTdiYTBjNTkxMGMxNTdhODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi29tG7hl8BKu8zLXVAuEepFGHAn6
yr9zgp3/jAhkP3tuyC/9mwdmYmdSD/Bsqw4hbX92iT677ULYCRSnE+Re5YyC7GO1
DWU8WWcCxsMyX7etRP1gLa08rqdnn95LVWmZCu9RPM50mnVS4vt4oenzO8goVeAl
c0vmRfFjbO0x+4RovMUIUYPM4XJj0LjIJZlkmyl5utkTqw5jAIPvLq8Bsm75Eozw
Nis9GmBDFYD1wL1LYmkDm3p/seUWXurXzRcpKhAyKxQVzztPB0SmmkHdHg/kcdM+
UxTXAXQko5Ral3Tpqwy1sojVVNViZm5a/ZC8sq8S1s3o6/37kGcrazGGDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOF7qp7qqc64iqCr57oMWRDBV6iHMB8GA1UdIwQY
MBaAFLMUOSCVaAKo60tGJ6L/TzmH7Bo9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzkt
NmVmMmI5ZDdmMTA0LzEvNFh1cW51cXB6cmlLb0t2bnVneFpFTUZYcUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzktNmVmMmI5ZDdmMTA0
LzEvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDURkYMA0G
CSqGSIb3DQEBCwUAA4IBAQAV7e07z8+H21ZmrBsjR3izyCBHthK78VRgRokC+Jz2
07wflRkiToi8/VBYiX2DpbdSJCGAAQ0Yi9WukG/3qJZey+aOmqIwebboTKJOsfFd
GZVmFVNvG4OW6XiuHidyXS6bHfW/tPKTte9XPWcc00p48akVrKp8D41ZsPG8LFOt
rP0tsZM5x8jxqgxCezdJYjEocszykQNNchH0BzKqX3Fv4Kw1G/ylbAkAgz+bxJrK
vpxCfagC9YkRF/Ty1cFgSkrtP7EMVmKcPDV1ru9lAtBiEKgohKBdJz4cW4Dxx/1C
Yp5ybmK3hB9xuP8u5SwKePPt04nPBheA0D84bpA9RCxB
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:35:01 2025 by rpki-client