Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/orZxC-53BDBk1U6uuSN8DRaau2c.roa
File: orZxC-53BDBk1U6uuSN8DRaau2c.roa (raw, json)
Hash identifier: HOGL1GzBKb2HP//0y1ozzX/F3kqSictn9tpzoAyDhSI=
Subject key identifier: A2:B6:71:0B:EE:77:04:30:64:D5:4E:AE:B9:23:7C:0D:16:9A:BB:67
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0195C45F39A61D28F16A268CEDD44C3A9D56
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/orZxC-53BDBk1U6uuSN8DRaau2c.roa
Signing time: Sun 23 Mar 2025 18:58:49 +0000
ROA not before: Sun 23 Mar 2025 18:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211405
IP address blocks: 193.23.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:5f:39:a6:1d:28:f1:6a:26:8c:ed:d4:4c:3a:9d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 23 18:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2b6710bee77043064d54eaeb9237c0d169abb67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a7:0c:10:e5:08:78:2d:94:2c:f5:37:05:77:
75:ae:32:4f:22:ac:a2:ac:6e:7e:ef:03:7a:24:99:
0e:1d:17:81:61:0c:a1:f1:11:30:24:c3:78:d6:6b:
e2:9f:07:e8:68:b7:b3:81:62:3b:36:d8:47:64:d3:
1c:c9:b6:ed:41:23:f4:6f:98:14:82:39:5f:a2:c5:
3b:cb:05:b5:9d:81:4f:b3:13:7b:65:2c:25:50:58:
73:f7:f7:1d:d0:ae:2f:3f:ef:0e:bc:fd:95:f6:20:
5a:ed:78:98:cc:f8:42:4b:f0:8a:6a:75:da:c0:22:
d2:21:da:68:2e:22:29:c0:34:71:5b:f9:fb:b7:69:
0b:c7:23:1f:65:4d:55:7a:17:c0:6e:85:0c:ca:72:
0e:70:90:ab:63:e7:f3:22:83:d2:f4:ca:c8:5b:2c:
93:02:61:34:0b:12:8f:0d:67:fd:5f:22:ce:4a:89:
b5:7b:71:a9:4d:58:4f:dd:c2:eb:c9:99:85:fc:02:
36:86:fe:8d:1e:a3:8d:77:a5:c7:cb:70:2a:28:af:
6a:49:81:a4:f7:a1:16:f7:33:a5:3e:43:56:fe:d9:
f1:8a:5d:f9:33:cf:a5:34:92:e1:e7:a1:2b:80:69:
2b:08:8c:26:c6:d9:39:61:47:cf:ec:17:b6:56:13:
e8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B6:71:0B:EE:77:04:30:64:D5:4E:AE:B9:23:7C:0D:16:9A:BB:67
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/orZxC-53BDBk1U6uuSN8DRaau2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.198.0/24
Signature Algorithm: sha256WithRSAEncryption
01:80:50:d7:0e:ab:64:77:5b:a7:aa:a6:19:56:35:dd:c4:f2:
0c:33:fe:b3:d4:8d:9d:17:7d:87:eb:84:b7:ce:a5:a6:98:a3:
03:84:06:75:18:97:35:2f:35:7e:9a:93:85:a1:db:55:db:50:
d5:bc:3f:84:8a:3f:3b:61:3b:0d:05:e1:9b:39:d0:be:9c:6b:
9b:32:0c:ae:73:9b:b2:7b:c9:be:e1:bc:a7:1a:ec:c2:6a:4e:
b7:25:84:bb:8c:14:9b:fc:0b:c1:f5:a1:ea:74:cc:5e:85:8c:
13:e6:78:c2:c9:67:2f:75:15:9f:06:6a:de:5f:19:f4:11:4a:
e3:61:38:b4:74:76:33:ad:b6:e4:aa:97:de:9a:3e:91:20:4f:
57:52:34:7c:9f:da:14:7a:19:5e:fd:3d:7e:c8:4f:cb:b1:c0:
40:d4:0a:e4:bf:89:d3:b3:c7:1b:4e:68:f3:f0:bb:65:04:b4:
3e:5a:55:e6:98:12:cc:e4:e7:5b:1b:6a:64:5f:f9:20:ba:32:
8e:d3:c6:ef:03:e1:b4:5d:80:f4:d1:a3:66:f9:e7:90:55:cf:
0e:29:c4:eb:4f:d0:29:e5:85:37:cb:29:f6:b7:f9:ab:06:3e:
1d:49:bd:5c:5b:4e:e0:c7:3f:7d:8d:77:08:36:67:ae:67:bd:
27:a8:f4:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXEXzmmHSjxaiaM7dRMOp1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMzIzMTg1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI2NzEwYmVlNzcwNDMwNjRkNTRlYWViOTIzN2MwZDE2OWFiYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqcMEOUIeC2ULPU3BXd1rjJPIqyi
rG5+7wN6JJkOHReBYQyh8REwJMN41mvinwfoaLezgWI7NthHZNMcybbtQSP0b5gU
gjlfosU7ywW1nYFPsxN7ZSwlUFhz9/cd0K4vP+8OvP2V9iBa7XiYzPhCS/CKanXa
wCLSIdpoLiIpwDRxW/n7t2kLxyMfZU1VehfAboUMynIOcJCrY+fzIoPS9MrIWyyT
AmE0CxKPDWf9XyLOSom1e3GpTVhP3cLryZmF/AI2hv6NHqONd6XHy3AqKK9qSYGk
96EW9zOlPkNW/tnxil35M8+lNJLh56ErgGkrCIwmxtk5YUfP7Be2VhPovwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKK2cQvudwQwZNVOrrkjfA0WmrtnMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvb3JaeEMtNTNCREJrMVU2dXVTTjhEUmFhdTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRfGMA0G
CSqGSIb3DQEBCwUAA4IBAQABgFDXDqtkd1unqqYZVjXdxPIMM/6z1I2dF32H64S3
zqWmmKMDhAZ1GJc1LzV+mpOFodtV21DVvD+Eij87YTsNBeGbOdC+nGubMgyuc5uy
e8m+4bynGuzCak63JYS7jBSb/AvB9aHqdMxehYwT5njCyWcvdRWfBmreXxn0EUrj
YTi0dHYzrbbkqpfemj6RIE9XUjR8n9oUehle/T1+yE/LscBA1Arkv4nTs8cbTmjz
8LtlBLQ+WlXmmBLM5OdbG2pkX/kgujKO08bvA+G0XYD00aNm+eeQVc8OKcTrT9Ap
5YU3yyn2t/mrBj4dSb1cW07gxz99jXcINmeuZ70nqPSp
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:00:11 2025 by rpki-client