Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/CwTJXDuwwtXY5lds5AcNMw4m4MM.roa
File: CwTJXDuwwtXY5lds5AcNMw4m4MM.roa (raw, json)
Hash identifier: pkjwfyNy3tBr0gdIHHue6NuT85XueEkqyX3eSoK30mk=
Subject key identifier: 0B:04:C9:5C:3B:B0:C2:D5:D8:E6:57:6C:E4:07:0D:33:0E:26:E0:C3
Certificate issuer: /CN=bfa0a38f85d2f53053b8c8943d9017b0b8f771ac
Certificate serial: 01942748436CA66B484FE95237B5A825F104
Authority key identifier: BF:A0:A3:8F:85:D2:F5:30:53:B8:C8:94:3D:90:17:B0:B8:F7:71:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6Cjj4XS9TBTuMiUPZAXsLj3caw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/CwTJXDuwwtXY5lds5AcNMw4m4MM.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 193.58.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:43:6c:a6:6b:48:4f:e9:52:37:b5:a8:25:f1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfa0a38f85d2f53053b8c8943d9017b0b8f771ac
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b04c95c3bb0c2d5d8e6576ce4070d330e26e0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c8:4e:58:57:39:ff:7f:47:83:c0:f1:cb:65:
e3:ff:da:5a:dc:3c:12:c7:40:be:75:07:9e:4c:d3:
ad:11:74:ff:f5:a4:21:50:12:b5:d6:e2:3f:b4:56:
56:6b:ee:06:95:f1:98:ae:58:de:b8:8e:2b:d9:cf:
bb:bd:47:b5:7e:24:ec:16:4e:8e:d0:23:fe:98:21:
34:79:08:b8:a4:26:cb:37:0d:e2:c4:7a:fe:46:db:
5f:56:03:fa:2a:89:a7:40:01:50:04:5e:00:a9:5e:
e7:43:8b:2c:e7:8c:36:26:cb:96:c4:cc:8d:fa:f0:
89:8b:12:06:6d:e9:61:93:9c:5a:c8:6a:fe:dc:46:
e5:74:01:5f:8a:23:c1:18:e5:24:35:56:9a:47:e2:
a4:a0:97:1c:28:c2:df:ce:54:75:a2:36:fb:cf:8f:
a9:6d:d2:2b:b5:4e:8e:8c:fa:8c:c6:6a:80:67:e2:
dc:ea:bd:92:f3:b7:74:cc:7a:df:7c:0f:06:5d:af:
b8:89:49:d9:ac:df:eb:cf:02:7f:b5:f3:2a:c1:c3:
de:05:fb:5f:e7:ac:5d:51:a5:82:68:e3:90:00:4e:
6e:6f:4c:65:8b:7a:0b:54:e3:b4:0a:5d:48:c8:1f:
5c:94:84:50:60:58:6a:a7:14:38:36:72:2a:df:fa:
b4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:04:C9:5C:3B:B0:C2:D5:D8:E6:57:6C:E4:07:0D:33:0E:26:E0:C3
X509v3 Authority Key Identifier:
keyid:BF:A0:A3:8F:85:D2:F5:30:53:B8:C8:94:3D:90:17:B0:B8:F7:71:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Cjj4XS9TBTuMiUPZAXsLj3caw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/CwTJXDuwwtXY5lds5AcNMw4m4MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/v6Cjj4XS9TBTuMiUPZAXsLj3caw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.6.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f3:a9:be:d8:2f:19:66:f8:3c:2b:a5:e5:5b:57:3f:1f:49:
af:7f:f6:f3:3e:26:41:bf:9d:ec:22:81:67:d2:f4:fe:d0:32:
a9:30:12:b0:a5:8d:68:a8:6a:01:c9:3f:88:19:8e:7f:12:99:
15:c1:37:b1:18:9f:e4:f8:79:50:d5:e5:5c:de:2e:e9:23:4d:
bc:48:81:4f:7e:71:c2:6b:58:1e:06:dc:ad:67:37:32:c6:d9:
fc:6d:2c:5e:2e:29:e6:5b:9c:10:d0:44:c2:80:70:9b:0f:76:
ce:55:82:d8:16:27:5a:12:49:d7:d3:71:40:ac:6b:51:04:81:
e9:1e:b4:8d:90:4a:b7:1f:26:74:ec:47:bc:2c:fc:5d:f0:ef:
84:8e:4f:98:90:de:5c:c3:5e:31:b8:b8:d8:3a:83:a1:9c:96:
00:bd:66:48:cb:93:94:3a:16:86:dd:d9:ef:ae:e8:41:ff:11:
1b:64:52:5b:c5:14:7c:96:c9:9b:c4:e0:32:5e:21:ce:a6:fb:
14:b1:d3:18:19:2d:57:72:59:8d:74:2e:0f:70:df:7c:7e:bd:
4a:9d:2b:60:48:c9:6b:b9:63:b3:12:21:1c:34:2e:3a:c1:e4:
f2:ef:f8:6c:a1:50:82:81:35:76:8a:b9:c7:57:4a:6a:d4:6d:
b9:c9:09:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSENspmtIT+lSN7WoJfEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTBhMzhmODVkMmY1MzA1M2I4Yzg5NDNkOTAxN2IwYjhm
NzcxYWMwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjA0Yzk1YzNiYjBjMmQ1ZDhlNjU3NmNlNDA3MGQzMzBlMjZlMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8hOWFc5/39Hg8Dxy2Xj/9pa3DwS
x0C+dQeeTNOtEXT/9aQhUBK11uI/tFZWa+4GlfGYrljeuI4r2c+7vUe1fiTsFk6O
0CP+mCE0eQi4pCbLNw3ixHr+RttfVgP6KomnQAFQBF4AqV7nQ4ss54w2JsuWxMyN
+vCJixIGbelhk5xayGr+3EbldAFfiiPBGOUkNVaaR+KkoJccKMLfzlR1ojb7z4+p
bdIrtU6OjPqMxmqAZ+Lc6r2S87d0zHrffA8GXa+4iUnZrN/rzwJ/tfMqwcPeBftf
56xdUaWCaOOQAE5ub0xli3oLVOO0Cl1IyB9clIRQYFhqpxQ4NnIq3/q0swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsEyVw7sMLV2OZXbOQHDTMOJuDDMB8GA1UdIwQY
MBaAFL+go4+F0vUwU7jIlD2QF7C493GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZDamo0WFM5VEJUdU1pVVBaQVhzTGozY2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80MDk5ZDctYzNjZS00NzIxLWIwZTkt
N2FiMWZhMGJhMzk5LzEvQ3dUSlhEdXd3dFhZNWxkczVBY05NdzRtNE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80MDk5ZDctYzNjZS00NzIxLWIwZTktN2FiMWZhMGJhMzk5
LzEvdjZDamo0WFM5VEJUdU1pVVBaQVhzTGozY2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwToGMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ86m+2C8ZZvg8K6XlW1c/H0mvf/bzPiZBv53sIoFn
0vT+0DKpMBKwpY1oqGoByT+IGY5/EpkVwTexGJ/k+HlQ1eVc3i7pI028SIFPfnHC
a1geBtytZzcyxtn8bSxeLinmW5wQ0ETCgHCbD3bOVYLYFidaEknX03FArGtRBIHp
HrSNkEq3HyZ07Ee8LPxd8O+Ejk+YkN5cw14xuLjYOoOhnJYAvWZIy5OUOhaG3dnv
ruhB/xEbZFJbxRR8lsmbxOAyXiHOpvsUsdMYGS1XclmNdC4PcN98fr1KnStgSMlr
uWOzEiEcNC46weTy7/hsoVCCgTV2irnHV0pq1G25yQnP
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:50:28 2025 by rpki-client