Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/30d69e-f0e7-46f3-9759-ed32c5612840/1/5n1EQkcmRaucyrGX88Dgx7YQ19k.roa
File: 5n1EQkcmRaucyrGX88Dgx7YQ19k.roa (raw, json)
Hash identifier: t4Vnu9tnDcftty/GlXBTfwRRN3QnsJxvx0/8WS/aC10=
Subject key identifier: E6:7D:44:42:47:26:45:AB:9C:CA:B1:97:F3:C0:E0:C7:B6:10:D7:D9
Certificate issuer: /CN=2528b71f1e7ca69531dd5df2559513598db1c7f3
Certificate serial: 019424B4011C7C545576D9E7E9BCAA72B8DB
Authority key identifier: 25:28:B7:1F:1E:7C:A6:95:31:DD:5D:F2:55:95:13:59:8D:B1:C7:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSi3Hx58ppUx3V3yVZUTWY2xx_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/30d69e-f0e7-46f3-9759-ed32c5612840/1/5n1EQkcmRaucyrGX88Dgx7YQ19k.roa
Signing time: Thu 02 Jan 2025 01:49:24 +0000
ROA not before: Thu 02 Jan 2025 01:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205376
IP address blocks: 193.141.67.0/24 maxlen: 24
194.120.16.0/23 maxlen: 23
2001:67c:2e58::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b4:01:1c:7c:54:55:76:d9:e7:e9:bc:aa:72:b8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2528b71f1e7ca69531dd5df2559513598db1c7f3
Validity
Not Before: Jan 2 01:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e67d4442472645ab9ccab197f3c0e0c7b610d7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:78:71:d1:f6:23:0b:e5:2a:e4:f4:96:52:6a:
4e:7c:4b:0a:a5:29:f0:46:7b:77:9a:ce:10:0e:5e:
10:5a:05:9d:2c:8c:0d:0b:e8:fb:ef:0d:7b:e3:73:
91:9c:2b:cb:84:03:11:43:11:20:19:7d:48:1a:81:
5b:bd:02:48:7d:7e:b4:4c:ae:ab:43:dc:80:72:66:
f4:73:12:77:d0:e6:b8:d5:16:d2:24:c1:32:de:37:
ab:1f:ea:e6:a2:3d:83:de:8c:0f:e7:74:e5:2c:b7:
e8:4e:27:4b:37:29:92:f0:9c:f1:b4:96:51:c1:0e:
a4:af:19:f7:c8:e4:eb:53:ca:ec:b1:21:6f:6b:1f:
a3:2b:2e:fd:67:77:6a:6f:ec:86:46:de:8d:68:bb:
9e:41:04:12:96:a4:e2:91:26:4c:88:75:82:48:2f:
50:d0:a6:51:59:d0:22:91:fb:0d:5c:79:86:cc:96:
43:91:85:19:5f:14:e0:28:7d:b5:81:4d:7a:38:6f:
ea:d2:99:dd:5c:ec:9e:3e:fb:60:9c:84:06:8f:f7:
50:b1:5a:50:ec:e5:6d:03:e1:bf:90:cf:68:d2:f0:
af:ea:93:14:a9:31:c1:df:1c:3a:f5:dd:84:ec:88:
fa:5b:de:da:af:dc:c4:77:48:87:ae:81:70:e5:2a:
02:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7D:44:42:47:26:45:AB:9C:CA:B1:97:F3:C0:E0:C7:B6:10:D7:D9
X509v3 Authority Key Identifier:
keyid:25:28:B7:1F:1E:7C:A6:95:31:DD:5D:F2:55:95:13:59:8D:B1:C7:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSi3Hx58ppUx3V3yVZUTWY2xx_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/30d69e-f0e7-46f3-9759-ed32c5612840/1/5n1EQkcmRaucyrGX88Dgx7YQ19k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/30d69e-f0e7-46f3-9759-ed32c5612840/1/JSi3Hx58ppUx3V3yVZUTWY2xx_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.141.67.0/24
194.120.16.0/23
IPv6:
2001:67c:2e58::/48
Signature Algorithm: sha256WithRSAEncryption
87:b4:1d:9e:a4:3e:d8:2c:7e:3c:11:cc:dd:3f:8b:a7:10:7c:
78:7e:c7:94:3f:0b:d9:c0:8f:a6:c0:7b:7f:bd:0e:30:8d:06:
ad:68:61:f7:7f:e2:59:3f:04:e4:f4:2f:4f:13:ca:1a:77:02:
4d:03:c4:59:2c:97:84:4b:42:56:a0:60:71:c4:dd:f5:ff:82:
72:22:26:bf:8a:5d:71:ea:ee:39:10:e4:2e:51:84:43:10:b2:
40:43:87:60:16:ea:8f:a7:4e:21:f6:45:d1:25:30:1c:8c:7b:
40:d0:ad:27:40:ec:e8:98:fc:c9:4a:fa:8c:31:7e:c6:a3:5c:
32:83:c6:5b:25:12:83:17:c1:97:4b:9a:b2:29:ef:f8:49:04:
c4:b4:ea:1c:57:c4:b1:77:31:4e:bb:78:1b:74:cf:75:82:75:
4f:d1:21:13:e0:f6:95:66:f5:a1:43:e9:b9:5e:f3:cb:34:e7:
05:48:4c:8e:27:3f:79:66:57:17:b7:82:9a:35:f1:65:c6:94:
99:2e:61:81:47:6a:52:bf:ac:5e:3f:73:1d:6a:1b:7b:f9:98:
b0:70:a5:d7:e9:c4:c4:0c:54:1c:a8:26:81:52:fc:19:62:65:
dd:42:7a:67:75:92:18:28:2d:c8:9b:af:d6:9d:41:67:0b:ca:
6b:80:81:a9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQktAEcfFRVdtnn6byqcrjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MjhiNzFmMWU3Y2E2OTUzMWRkNWRmMjU1OTUxMzU5OGRi
MWM3ZjMwHhcNMjUwMTAyMDE0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjdkNDQ0MjQ3MjY0NWFiOWNjYWIxOTdmM2MwZTBjN2I2MTBkN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXhx0fYjC+Uq5PSWUmpOfEsKpSnw
Rnt3ms4QDl4QWgWdLIwNC+j77w1743ORnCvLhAMRQxEgGX1IGoFbvQJIfX60TK6r
Q9yAcmb0cxJ30Oa41RbSJMEy3jerH+rmoj2D3owP53TlLLfoTidLNymS8JzxtJZR
wQ6krxn3yOTrU8rssSFvax+jKy79Z3dqb+yGRt6NaLueQQQSlqTikSZMiHWCSC9Q
0KZRWdAikfsNXHmGzJZDkYUZXxTgKH21gU16OG/q0pndXOyePvtgnIQGj/dQsVpQ
7OVtA+G/kM9o0vCv6pMUqTHB3xw69d2E7Ij6W97ar9zEd0iHroFw5SoCOwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOZ9REJHJkWrnMqxl/PA4Me2ENfZMB8GA1UdIwQY
MBaAFCUotx8efKaVMd1d8lWVE1mNscfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlNpM0h4NThwcFV4M1YzeVZaVVRXWTJ4eF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zMGQ2OWUtZjBlNy00NmYzLTk3NTkt
ZWQzMmM1NjEyODQwLzEvNW4xRVFrY21SYXVjeXJHWDg4RGd4N1lRMTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zMGQ2OWUtZjBlNy00NmYzLTk3NTktZWQzMmM1NjEyODQw
LzEvSlNpM0h4NThwcFV4M1YzeVZaVVRXWTJ4eF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwY1DAwQB
wngQMA8EAgACMAkDBwAgAQZ8LlgwDQYJKoZIhvcNAQELBQADggEBAIe0HZ6kPtgs
fjwRzN0/i6cQfHh+x5Q/C9nAj6bAe3+9DjCNBq1oYfd/4lk/BOT0L08Tyhp3Ak0D
xFksl4RLQlagYHHE3fX/gnIiJr+KXXHq7jkQ5C5RhEMQskBDh2AW6o+nTiH2RdEl
MByMe0DQrSdA7OiY/MlK+owxfsajXDKDxlslEoMXwZdLmrIp7/hJBMS06hxXxLF3
MU67eBt0z3WCdU/RIRPg9pVm9aFD6ble88s05wVITI4nP3lmVxe3gpo18WXGlJku
YYFHalK/rF4/cx1qG3v5mLBwpdfpxMQMVByoJoFS/BliZd1Cemd1khgoLcibr9ad
QWcLymuAgak=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:42 2025 by rpki-client