Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f9a891-b818-499a-971c-bc5456962f2d/1/8ntjSMus2ECR1PU4tfABg9_MTk0.roa
File: 8ntjSMus2ECR1PU4tfABg9_MTk0.roa (raw, json)
Hash identifier: NThyxZZCDawOVk5/yNg7I3X8M08Hqe7vBd2lZGQPe1c=
Subject key identifier: F2:7B:63:48:CB:AC:D8:40:91:D4:F5:38:B5:F0:01:83:DF:CC:4E:4D
Certificate issuer: /CN=b4bb8aef8b0e6d9c6ff6320807f5a9007598eeb0
Certificate serial: 0194228D895B0169507B775B73FC8DEAC214
Authority key identifier: B4:BB:8A:EF:8B:0E:6D:9C:6F:F6:32:08:07:F5:A9:00:75:98:EE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tLuK74sObZxv9jIIB_WpAHWY7rA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f9a891-b818-499a-971c-bc5456962f2d/1/8ntjSMus2ECR1PU4tfABg9_MTk0.roa
Signing time: Wed 01 Jan 2025 15:48:08 +0000
ROA not before: Wed 01 Jan 2025 15:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60631
IP address blocks: 193.242.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:89:5b:01:69:50:7b:77:5b:73:fc:8d:ea:c2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4bb8aef8b0e6d9c6ff6320807f5a9007598eeb0
Validity
Not Before: Jan 1 15:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f27b6348cbacd84091d4f538b5f00183dfcc4e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ba:e5:ba:e0:a6:b9:2e:9d:a5:1c:d7:26:f4:
9e:99:ba:02:d7:10:79:2c:80:0e:d3:40:70:57:ca:
c7:85:b8:36:da:92:be:89:89:69:7d:2b:ea:bf:9f:
63:9c:8c:fc:44:50:7d:da:cc:fa:03:ec:c1:da:4b:
cf:fb:fc:ed:cf:7d:b9:13:d0:8c:5d:35:8e:4b:de:
16:45:6b:63:f7:4b:b7:82:38:6c:89:26:d8:6c:97:
f0:30:48:f0:8f:bf:5b:77:5a:53:6f:aa:a9:34:53:
a6:c2:85:f2:8b:0e:ec:47:bf:9d:3a:72:9f:db:82:
ce:fd:e9:a0:f2:34:ba:c8:0a:4a:29:92:85:49:17:
11:5b:c1:f8:1c:42:7c:85:e1:80:cf:4b:54:60:6b:
a3:15:d1:82:20:01:36:f7:4e:25:ec:d4:c6:04:60:
09:76:bb:da:22:5f:97:99:06:83:6d:e1:f9:c7:b7:
82:c4:53:b2:16:d6:10:8f:52:80:89:d9:57:ef:9c:
44:b8:54:33:65:18:4b:6d:46:a3:2b:f9:21:7a:60:
5f:69:82:ab:4a:da:ea:a1:fe:38:55:85:e3:b5:b4:
e6:84:75:04:47:d5:94:ec:ee:b2:ad:3e:5d:54:e6:
36:b3:21:cc:56:b0:76:73:f3:1f:18:63:a1:a3:62:
13:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7B:63:48:CB:AC:D8:40:91:D4:F5:38:B5:F0:01:83:DF:CC:4E:4D
X509v3 Authority Key Identifier:
keyid:B4:BB:8A:EF:8B:0E:6D:9C:6F:F6:32:08:07:F5:A9:00:75:98:EE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tLuK74sObZxv9jIIB_WpAHWY7rA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9a891-b818-499a-971c-bc5456962f2d/1/8ntjSMus2ECR1PU4tfABg9_MTk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9a891-b818-499a-971c-bc5456962f2d/1/tLuK74sObZxv9jIIB_WpAHWY7rA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.125.0/24
Signature Algorithm: sha256WithRSAEncryption
30:da:a7:3e:5c:d4:bc:1c:01:96:36:7d:2b:4f:62:21:63:8d:
10:c6:d2:f4:ad:2a:6b:75:a1:66:0b:60:dd:f2:8b:3c:de:a7:
3a:5f:44:33:92:c6:79:6f:52:27:1b:14:99:12:b8:b7:a6:fe:
7b:92:60:07:7b:04:0b:97:d1:e9:71:21:9d:0a:d5:76:b2:5e:
90:68:3f:64:05:ad:ab:6f:50:73:76:95:87:96:55:86:0b:c8:
fc:d2:6a:20:5e:fa:8a:ad:e0:3c:91:57:e2:89:11:dc:c6:01:
2b:6f:7b:29:fa:43:6d:3b:45:1f:a6:bb:e4:a3:c0:20:00:ff:
4b:ca:5d:f3:0d:a8:9b:c6:a3:a8:8b:56:88:9d:51:b0:a2:a8:
0a:57:c8:99:d7:0e:3f:a1:f5:33:e9:6d:92:fd:4f:ec:3a:96:
69:f8:81:16:44:ab:84:90:19:1c:a6:71:46:6e:75:fb:27:02:
13:b2:6a:3f:7d:88:79:b4:7c:5d:26:e3:10:c3:35:10:3d:a9:
8c:4b:a1:02:05:c6:32:f7:40:84:94:fb:17:41:f1:52:27:8c:
27:35:af:5e:07:bf:8e:85:b4:82:98:76:b9:4e:b4:19:56:fe:
3c:a7:da:12:1b:78:c4:84:5d:10:d3:5e:39:d8:fb:5b:ea:45:
80:92:08:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijYlbAWlQe3dbc/yN6sIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YmI4YWVmOGIwZTZkOWM2ZmY2MzIwODA3ZjVhOTAwNzU5
OGVlYjAwHhcNMjUwMTAxMTU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdiNjM0OGNiYWNkODQwOTFkNGY1MzhiNWYwMDE4M2RmY2M0ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLrluuCmuS6dpRzXJvSemboC1xB5
LIAO00BwV8rHhbg22pK+iYlpfSvqv59jnIz8RFB92sz6A+zB2kvP+/ztz325E9CM
XTWOS94WRWtj90u3gjhsiSbYbJfwMEjwj79bd1pTb6qpNFOmwoXyiw7sR7+dOnKf
24LO/emg8jS6yApKKZKFSRcRW8H4HEJ8heGAz0tUYGujFdGCIAE2904l7NTGBGAJ
drvaIl+XmQaDbeH5x7eCxFOyFtYQj1KAidlX75xEuFQzZRhLbUajK/khemBfaYKr
Strqof44VYXjtbTmhHUER9WU7O6yrT5dVOY2syHMVrB2c/MfGGOho2IT1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJ7Y0jLrNhAkdT1OLXwAYPfzE5NMB8GA1UdIwQY
MBaAFLS7iu+LDm2cb/YyCAf1qQB1mO6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEx1Szc0c09iWnh2OWpJSUJfV3BBSFdZN3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mOWE4OTEtYjgxOC00OTlhLTk3MWMt
YmM1NDU2OTYyZjJkLzEvOG50alNNdXMyRUNSMVBVNHRmQUJnOV9NVGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mOWE4OTEtYjgxOC00OTlhLTk3MWMtYmM1NDU2OTYyZjJk
LzEvdEx1Szc0c09iWnh2OWpJSUJfV3BBSFdZN3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfJ9MA0G
CSqGSIb3DQEBCwUAA4IBAQAw2qc+XNS8HAGWNn0rT2IhY40QxtL0rSprdaFmC2Dd
8os83qc6X0QzksZ5b1InGxSZEri3pv57kmAHewQLl9HpcSGdCtV2sl6QaD9kBa2r
b1BzdpWHllWGC8j80mogXvqKreA8kVfiiRHcxgErb3sp+kNtO0Ufprvko8AgAP9L
yl3zDaibxqOoi1aInVGwoqgKV8iZ1w4/ofUz6W2S/U/sOpZp+IEWRKuEkBkcpnFG
bnX7JwITsmo/fYh5tHxdJuMQwzUQPamMS6ECBcYy90CElPsXQfFSJ4wnNa9eB7+O
hbSCmHa5TrQZVv48p9oSG3jEhF0Q01452Ptb6kWAkggN
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:54:18 2025 by rpki-client