Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/14f2a8-d3b7-443d-ac3b-4ba44377bd86/1/g3im9InQw-S7o9FDYMfxSwOiyqI.roa
File: g3im9InQw-S7o9FDYMfxSwOiyqI.roa (raw, json)
Hash identifier: aOFPtdFS5g/b24jgEdPoeVJ2T4W2zzLVdnuL77f+Bz0=
Subject key identifier: 83:78:A6:F4:89:D0:C3:E4:BB:A3:D1:43:60:C7:F1:4B:03:A2:CA:A2
Certificate issuer: /CN=ce3847667510f4f2e59bb1b394ae27e8dad0dc97
Certificate serial: 01941FFA7D42AACB196028CD691EFB8BD3EF
Authority key identifier: CE:38:47:66:75:10:F4:F2:E5:9B:B1:B3:94:AE:27:E8:DA:D0:DC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zjhHZnUQ9PLlm7GzlK4n6NrQ3Jc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/14f2a8-d3b7-443d-ac3b-4ba44377bd86/1/g3im9InQw-S7o9FDYMfxSwOiyqI.roa
Signing time: Wed 01 Jan 2025 03:48:17 +0000
ROA not before: Wed 01 Jan 2025 03:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34309
IP address blocks: 193.141.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:7d:42:aa:cb:19:60:28:cd:69:1e:fb:8b:d3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce3847667510f4f2e59bb1b394ae27e8dad0dc97
Validity
Not Before: Jan 1 03:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8378a6f489d0c3e4bba3d14360c7f14b03a2caa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:28:aa:a4:16:c5:46:16:ce:8f:96:3d:e5:3d:
49:a4:33:c8:d5:40:a4:16:2a:aa:52:e1:3a:e4:d3:
39:97:fa:63:35:0d:d3:70:a1:8d:f0:5c:90:56:4d:
51:8b:ce:71:24:cd:9d:8f:6e:02:1b:0e:e1:61:d9:
fb:cf:d3:fe:8e:4e:66:0f:ed:19:91:6e:13:91:8e:
d1:a7:ac:86:1c:98:89:25:4a:d8:15:44:0b:e0:e9:
27:37:67:bd:1d:01:12:30:ae:71:d6:d5:81:14:99:
ce:79:81:ea:84:41:bd:3c:36:1e:d1:4b:62:ff:f6:
88:bc:9f:09:5e:a7:b3:2a:3e:9a:56:4c:16:71:6d:
66:88:be:87:c9:57:27:06:f2:10:55:87:31:c7:4c:
7f:9b:ec:e0:7e:1a:95:26:3a:5e:71:56:44:93:cc:
e8:79:f5:34:42:5e:e5:3f:66:8f:15:dc:2a:f2:58:
7b:c6:95:a1:71:33:66:47:45:8b:b8:aa:87:8c:26:
c2:55:11:51:5f:0c:0e:3e:43:41:5c:32:53:c7:76:
c7:46:c7:b0:25:59:0e:21:84:49:0b:a4:67:33:c7:
a6:9e:8c:c8:82:1f:40:46:85:97:59:c8:df:9f:06:
60:d8:82:92:c8:45:af:e7:36:3a:ca:e8:54:6e:fc:
3a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:78:A6:F4:89:D0:C3:E4:BB:A3:D1:43:60:C7:F1:4B:03:A2:CA:A2
X509v3 Authority Key Identifier:
keyid:CE:38:47:66:75:10:F4:F2:E5:9B:B1:B3:94:AE:27:E8:DA:D0:DC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zjhHZnUQ9PLlm7GzlK4n6NrQ3Jc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/14f2a8-d3b7-443d-ac3b-4ba44377bd86/1/g3im9InQw-S7o9FDYMfxSwOiyqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/14f2a8-d3b7-443d-ac3b-4ba44377bd86/1/zjhHZnUQ9PLlm7GzlK4n6NrQ3Jc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.141.96.0/24
Signature Algorithm: sha256WithRSAEncryption
18:50:b0:4e:fc:f8:9f:de:72:2d:78:57:5f:7a:aa:cc:82:b1:
e2:a2:ca:61:ed:cf:ba:7b:c1:5e:f8:98:29:80:ad:3b:78:4b:
c0:b3:3f:ee:c3:19:c9:04:34:cd:05:c2:2a:1d:ae:c9:5e:64:
76:6c:ba:28:a4:a9:c6:57:90:bb:64:2f:f0:94:40:4d:07:73:
63:89:b2:02:a2:ca:1a:3c:b2:89:84:2c:ad:cd:d4:2e:ec:55:
8b:f8:bc:ee:2b:61:41:19:34:dd:9f:b8:f4:1e:1d:96:a0:10:
c8:97:69:98:2b:a9:0e:61:cc:b7:69:f1:91:26:0c:e5:c6:7d:
04:bf:19:f3:12:29:9c:3c:cf:57:50:a3:22:ea:c3:62:3e:ff:
a4:ab:08:06:bf:17:27:3a:69:2e:b4:a0:f8:82:15:18:4f:19:
b8:b4:da:11:7d:38:60:55:61:f6:22:3c:ef:d4:9c:ec:3b:43:
10:7a:b7:b1:04:ff:36:f6:55:b9:2f:57:4a:9d:03:e7:1f:86:
dc:a9:e8:ca:1d:78:82:3f:76:24:01:bf:8d:d3:86:fd:9b:47:
31:48:06:07:12:9e:1e:54:8f:54:95:8a:1f:ac:18:99:61:c1:
c9:40:fa:23:4a:e7:a5:50:2f:6b:dd:fa:52:4d:28:77:9b:05:
60:ce:97:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+n1CqssZYCjNaR77i9PvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMzg0NzY2NzUxMGY0ZjJlNTliYjFiMzk0YWUyN2U4ZGFk
MGRjOTcwHhcNMjUwMTAxMDM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc4YTZmNDg5ZDBjM2U0YmJhM2QxNDM2MGM3ZjE0YjAzYTJjYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CiqpBbFRhbOj5Y95T1JpDPI1UCk
FiqqUuE65NM5l/pjNQ3TcKGN8FyQVk1Ri85xJM2dj24CGw7hYdn7z9P+jk5mD+0Z
kW4TkY7Rp6yGHJiJJUrYFUQL4OknN2e9HQESMK5x1tWBFJnOeYHqhEG9PDYe0Uti
//aIvJ8JXqezKj6aVkwWcW1miL6HyVcnBvIQVYcxx0x/m+zgfhqVJjpecVZEk8zo
efU0Ql7lP2aPFdwq8lh7xpWhcTNmR0WLuKqHjCbCVRFRXwwOPkNBXDJTx3bHRsew
JVkOIYRJC6RnM8emnozIgh9ARoWXWcjfnwZg2IKSyEWv5zY6yuhUbvw63QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIN4pvSJ0MPku6PRQ2DH8UsDosqiMB8GA1UdIwQY
MBaAFM44R2Z1EPTy5Zuxs5SuJ+ja0NyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvempoSFpuVVE5UExsbTdHemxLNG42TnJRM0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNGYyYTgtZDNiNy00NDNkLWFjM2It
NGJhNDQzNzdiZDg2LzEvZzNpbTlJblF3LVM3bzlGRFlNZnhTd09peXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNGYyYTgtZDNiNy00NDNkLWFjM2ItNGJhNDQzNzdiZDg2
LzEvempoSFpuVVE5UExsbTdHemxLNG42TnJRM0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY1gMA0G
CSqGSIb3DQEBCwUAA4IBAQAYULBO/Pif3nIteFdfeqrMgrHiosph7c+6e8Fe+Jgp
gK07eEvAsz/uwxnJBDTNBcIqHa7JXmR2bLoopKnGV5C7ZC/wlEBNB3NjibICosoa
PLKJhCytzdQu7FWL+LzuK2FBGTTdn7j0Hh2WoBDIl2mYK6kOYcy3afGRJgzlxn0E
vxnzEimcPM9XUKMi6sNiPv+kqwgGvxcnOmkutKD4ghUYTxm4tNoRfThgVWH2Ijzv
1JzsO0MQerexBP829lW5L1dKnQPnH4bcqejKHXiCP3YkAb+N04b9m0cxSAYHEp4e
VI9UlYofrBiZYcHJQPojSuelUC9r3fpSTSh3mwVgzpez
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:01:15 2025 by rpki-client