Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/rlceh0z0qi4FxUGYf1S5hv84tmY.roa
File: rlceh0z0qi4FxUGYf1S5hv84tmY.roa (raw, json)
Hash identifier: YCNm2JKiZX4EgTQdbPRuaICefNmNsS+Ht6wjs3LlOwQ=
Subject key identifier: AE:57:1E:87:4C:F4:AA:2E:05:C5:41:98:7F:54:B9:86:FF:38:B6:66
Certificate issuer: /CN=eee416590585a5d351dbbca1f0b3ca9f62ab785d
Certificate serial: 0194266BAAFFC67D57382C726AC4252D9E12
Authority key identifier: EE:E4:16:59:05:85:A5:D3:51:DB:BC:A1:F0:B3:CA:9F:62:AB:78:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7uQWWQWFpdNR27yh8LPKn2KreF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/rlceh0z0qi4FxUGYf1S5hv84tmY.roa
Signing time: Thu 02 Jan 2025 09:49:37 +0000
ROA not before: Thu 02 Jan 2025 09:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25117
IP address blocks: 193.56.242.0/23 maxlen: 24
193.56.244.0/23 maxlen: 24
193.57.120.0/23 maxlen: 24
193.57.124.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:aa:ff:c6:7d:57:38:2c:72:6a:c4:25:2d:9e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eee416590585a5d351dbbca1f0b3ca9f62ab785d
Validity
Not Before: Jan 2 09:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae571e874cf4aa2e05c541987f54b986ff38b666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:87:ca:02:21:cc:f4:a8:c2:27:9a:68:2d:
a7:33:7e:c1:77:90:39:3a:fb:12:db:8a:00:5e:9b:
22:74:fb:53:ac:00:ac:f0:4d:09:ac:c1:b6:b3:1a:
f3:e3:f6:e5:c0:5d:22:aa:fe:ee:8d:fc:50:61:3b:
03:87:ab:2d:d8:a4:da:3a:0c:1a:cb:41:25:35:2a:
9d:62:15:c8:3d:a2:71:48:92:f8:a5:40:e7:cd:e4:
63:50:48:31:da:b1:f6:04:f6:0a:76:74:a3:a5:06:
a6:71:ba:2d:92:23:d3:0e:88:fe:f6:ac:cb:76:4f:
3b:fc:b7:bf:28:5d:29:04:c8:ab:64:c9:92:ac:ab:
ac:a0:03:a9:2c:b2:94:24:9b:6b:9a:65:7f:3a:a8:
e3:63:26:4e:93:a7:01:ac:35:65:c3:a9:b1:c0:50:
33:f0:70:a6:22:19:76:e2:e4:33:79:ae:e6:d8:21:
a0:4c:71:3c:48:63:32:f3:da:e6:10:9b:b4:be:09:
d9:44:f3:a8:4a:9e:27:34:30:7c:81:6f:73:f6:66:
2f:c0:6b:56:5b:5a:b4:74:b6:da:9d:01:29:a6:c9:
af:25:d9:70:0a:51:33:95:ce:8c:ef:ef:86:31:57:
e6:d2:94:30:72:47:b1:b7:07:0b:4b:fc:49:1a:10:
d1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:57:1E:87:4C:F4:AA:2E:05:C5:41:98:7F:54:B9:86:FF:38:B6:66
X509v3 Authority Key Identifier:
keyid:EE:E4:16:59:05:85:A5:D3:51:DB:BC:A1:F0:B3:CA:9F:62:AB:78:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7uQWWQWFpdNR27yh8LPKn2KreF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/rlceh0z0qi4FxUGYf1S5hv84tmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/7uQWWQWFpdNR27yh8LPKn2KreF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.242.0-193.56.245.255
193.57.120.0/23
193.57.124.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:4d:ca:67:d0:40:30:ee:53:24:45:dd:41:05:32:c2:fa:c1:
ad:7b:38:64:3d:aa:83:ef:63:8a:4d:c5:bd:f6:3e:70:eb:ee:
1d:01:2e:ec:5b:3b:41:2f:b7:ea:fb:35:da:ac:94:72:cd:42:
49:f8:40:6b:5e:b6:9f:8f:4a:bb:da:ef:ca:b4:5c:e2:4d:88:
53:e0:d1:76:2a:63:9e:c7:22:aa:42:19:39:4e:fa:42:fc:74:
af:7d:a8:2a:1e:80:cc:2b:f5:ee:e4:88:48:b4:fc:66:3d:e3:
61:6f:dd:80:19:6f:8e:a9:df:e5:00:70:ce:0e:7e:f7:a7:86:
55:d3:4e:4d:00:1e:05:97:72:06:d1:55:15:13:17:a2:33:e1:
cb:e2:82:1a:e3:36:5c:e8:6f:98:5f:d6:06:bd:75:a3:e1:90:
2b:17:aa:4a:01:05:47:a7:09:d0:45:87:24:b2:e6:f3:6c:66:
58:78:0f:6e:14:3a:1c:9b:2b:65:a1:bd:dc:2b:cf:20:92:f6:
6b:61:8b:ff:88:e2:77:50:ad:e5:93:fd:07:7b:f2:96:36:7f:
57:dc:71:3f:bd:3c:dc:89:27:5d:6d:e4:08:5a:8d:f4:b9:79:
05:04:a2:bb:77:a9:19:d6:14:6d:f2:eb:75:87:36:1f:d3:59:
ab:1f:77:47
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQma6r/xn1XOCxyasQlLZ4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZTQxNjU5MDU4NWE1ZDM1MWRiYmNhMWYwYjNjYTlmNjJh
Yjc4NWQwHhcNMjUwMTAyMDk0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTU3MWU4NzRjZjRhYTJlMDVjNTQxOTg3ZjU0Yjk4NmZmMzhiNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSCHygIhzPSowieaaC2nM37Bd5A5
OvsS24oAXpsidPtTrACs8E0JrMG2sxrz4/blwF0iqv7ujfxQYTsDh6st2KTaOgwa
y0ElNSqdYhXIPaJxSJL4pUDnzeRjUEgx2rH2BPYKdnSjpQamcbotkiPTDoj+9qzL
dk87/Le/KF0pBMirZMmSrKusoAOpLLKUJJtrmmV/OqjjYyZOk6cBrDVlw6mxwFAz
8HCmIhl24uQzea7m2CGgTHE8SGMy89rmEJu0vgnZRPOoSp4nNDB8gW9z9mYvwGtW
W1q0dLbanQEppsmvJdlwClEzlc6M7++GMVfm0pQwckextwcLS/xJGhDRSwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK5XHodM9KouBcVBmH9UuYb/OLZmMB8GA1UdIwQY
MBaAFO7kFlkFhaXTUdu8ofCzyp9iq3hdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3VRV1dRV0ZwZE5SMjd5aDhMUEtuMktyZUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jNmFiOTQtNjViMy00NzFjLWIwOGMt
MDc2YTc1MGI4NTQxLzEvcmxjZWgwejBxaTRGeFVHWWYxUzVodjg0dG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jNmFiOTQtNjViMy00NzFjLWIwOGMtMDc2YTc1MGI4NTQx
LzEvN3VRV1dRV0ZwZE5SMjd5aDhMUEtuMktyZUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAHBOPID
BAHBOPQDBAHBOXgDBAHBOXwwDQYJKoZIhvcNAQELBQADggEBAKdNymfQQDDuUyRF
3UEFMsL6wa17OGQ9qoPvY4pNxb32PnDr7h0BLuxbO0Evt+r7NdqslHLNQkn4QGte
tp+PSrva78q0XOJNiFPg0XYqY57HIqpCGTlO+kL8dK99qCoegMwr9e7kiEi0/GY9
42Fv3YAZb46p3+UAcM4OfvenhlXTTk0AHgWXcgbRVRUTF6Iz4cvighrjNlzob5hf
1ga9daPhkCsXqkoBBUenCdBFhySy5vNsZlh4D24UOhybK2WhvdwrzyCS9mthi/+I
4ndQreWT/Qd78pY2f1fccT+9PNyJJ11t5AhajfS5eQUEort3qRnWFG3y63WHNh/T
Wasfd0c=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:23 2025 by rpki-client