Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/30256c-f201-4f48-aca0-dbe6c910bba6/1/IhekhU6m6siADVsydLLUojGt3d4.roa
File: IhekhU6m6siADVsydLLUojGt3d4.roa (raw, json)
Hash identifier: Ie3OUaBFXbHVHoRv6fa60x6E6g/3rnXK7E53n8a6clg=
Subject key identifier: 22:17:A4:85:4E:A6:EA:C8:80:0D:5B:32:74:B2:D4:A2:31:AD:DD:DE
Certificate issuer: /CN=ac94a3691064803d863060230a660f2305eec2e7
Certificate serial: 01942445419D968266AE67FD13A2F2CA100E
Authority key identifier: AC:94:A3:69:10:64:80:3D:86:30:60:23:0A:66:0F:23:05:EE:C2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJSjaRBkgD2GMGAjCmYPIwXuwuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/30256c-f201-4f48-aca0-dbe6c910bba6/1/IhekhU6m6siADVsydLLUojGt3d4.roa
Signing time: Wed 01 Jan 2025 23:48:25 +0000
ROA not before: Wed 01 Jan 2025 23:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1715
IP address blocks: 140.93.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:41:9d:96:82:66:ae:67:fd:13:a2:f2:ca:10:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac94a3691064803d863060230a660f2305eec2e7
Validity
Not Before: Jan 1 23:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2217a4854ea6eac8800d5b3274b2d4a231adddde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f8:23:2d:29:3d:c9:81:40:10:c9:06:21:6a:
47:85:ec:96:5c:6c:97:5d:80:34:93:4f:80:ff:cd:
a3:d3:5a:02:37:6c:e4:7f:95:0f:34:b5:0f:26:78:
8d:39:82:1e:8d:89:51:e5:c6:d7:a2:b8:23:aa:fa:
a7:a0:98:75:c9:f4:f0:fb:7c:24:05:a0:21:ed:33:
34:01:ee:65:ff:77:de:ab:49:d2:78:2c:62:ca:9e:
40:40:07:65:d9:f6:7e:72:99:ab:bf:e3:b0:e0:23:
0c:93:83:53:03:7b:44:76:fd:7c:71:7a:21:2b:39:
2c:26:5b:b8:63:e1:ed:3c:07:7c:27:a2:b9:a9:cc:
d2:32:0a:68:b9:33:dc:2a:35:2f:df:93:a6:cf:43:
4b:24:c2:00:04:67:49:da:91:b8:cb:5f:71:9f:7e:
18:67:76:8c:ce:80:5d:50:84:58:11:df:f2:7d:0a:
6e:77:45:3a:0a:b9:1b:f9:f3:1a:ee:ae:bb:85:0c:
b3:a1:6b:7d:fe:69:e0:78:4b:07:42:db:71:89:b7:
cf:e5:99:63:a0:62:bc:87:0c:74:22:8a:2e:8c:19:
6b:d9:86:7e:ad:0c:39:4b:36:e9:e5:e4:a8:36:7a:
80:98:27:b9:a6:20:4a:82:24:8c:f4:2f:3a:86:25:
1d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:17:A4:85:4E:A6:EA:C8:80:0D:5B:32:74:B2:D4:A2:31:AD:DD:DE
X509v3 Authority Key Identifier:
keyid:AC:94:A3:69:10:64:80:3D:86:30:60:23:0A:66:0F:23:05:EE:C2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJSjaRBkgD2GMGAjCmYPIwXuwuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/30256c-f201-4f48-aca0-dbe6c910bba6/1/IhekhU6m6siADVsydLLUojGt3d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/30256c-f201-4f48-aca0-dbe6c910bba6/1/rJSjaRBkgD2GMGAjCmYPIwXuwuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:fe:f7:e1:3b:c4:d5:c9:9e:b1:00:ae:b0:47:aa:7a:ca:21:
cb:e4:82:a5:6c:a6:51:da:66:ac:96:43:eb:95:8e:ce:31:37:
59:50:76:a7:bf:5d:dd:e9:ce:80:58:dd:8b:1b:93:ea:34:bd:
f3:46:23:7a:37:5c:2a:e5:0e:dc:91:40:cd:f4:6c:25:da:87:
8d:18:62:88:c7:70:27:8d:95:90:19:4f:bf:d0:2e:95:cb:1d:
f0:19:06:3f:5e:93:d2:27:71:48:c0:cf:4a:b7:be:50:3b:30:
92:d4:07:2c:b9:fa:34:bb:29:37:fb:aa:ed:69:a0:7c:68:ac:
c6:2d:73:3b:6b:2c:e1:5c:9c:e2:98:22:37:a3:dd:20:48:c8:
a7:7a:92:31:40:c5:0f:bc:94:82:f0:78:37:e8:6e:8c:65:e0:
88:e8:47:2b:fc:14:5f:e0:15:0d:91:30:55:b9:f5:5b:c2:20:
3a:a1:4d:4e:76:b0:a5:c0:b1:79:6c:08:9b:9b:84:94:b3:27:
71:1e:33:ba:5b:76:d4:33:0b:92:30:29:e3:7b:2e:b5:42:64:
cc:76:22:c1:99:e0:5f:50:fc:a7:cf:ea:54:dd:86:8f:bd:38:
22:55:d8:62:db:05:46:6b:02:8f:58:dc:66:4f:f3:cb:06:d0:
62:e3:7c:b4
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQkRUGdloJmrmf9E6LyyhAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTRhMzY5MTA2NDgwM2Q4NjMwNjAyMzBhNjYwZjIzMDVl
ZWMyZTcwHhcNMjUwMTAxMjM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE3YTQ4NTRlYTZlYWM4ODAwZDViMzI3NGIyZDRhMjMxYWRkZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfgjLSk9yYFAEMkGIWpHheyWXGyX
XYA0k0+A/82j01oCN2zkf5UPNLUPJniNOYIejYlR5cbXorgjqvqnoJh1yfTw+3wk
BaAh7TM0Ae5l/3feq0nSeCxiyp5AQAdl2fZ+cpmrv+Ow4CMMk4NTA3tEdv18cXoh
KzksJlu4Y+HtPAd8J6K5qczSMgpouTPcKjUv35Omz0NLJMIABGdJ2pG4y19xn34Y
Z3aMzoBdUIRYEd/yfQpud0U6Crkb+fMa7q67hQyzoWt9/mngeEsHQttxibfP5Zlj
oGK8hwx0IooujBlr2YZ+rQw5Szbp5eSoNnqAmCe5piBKgiSM9C86hiUdbQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFCIXpIVOpurIgA1bMnSy1KIxrd3eMB8GA1UdIwQY
MBaAFKyUo2kQZIA9hjBgIwpmDyMF7sLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpTamFSQmtnRDJHTUdBakNtWVBJd1h1d3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zMDI1NmMtZjIwMS00ZjQ4LWFjYTAt
ZGJlNmM5MTBiYmE2LzEvSWhla2hVNm02c2lBRFZzeWRMTFVvakd0M2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zMDI1NmMtZjIwMS00ZjQ4LWFjYTAtZGJlNmM5MTBiYmE2
LzEvckpTamFSQmtnRDJHTUdBakNtWVBJd1h1d3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjF0wDQYJ
KoZIhvcNAQELBQADggEBAGH+9+E7xNXJnrEArrBHqnrKIcvkgqVsplHaZqyWQ+uV
js4xN1lQdqe/Xd3pzoBY3Ysbk+o0vfNGI3o3XCrlDtyRQM30bCXah40YYojHcCeN
lZAZT7/QLpXLHfAZBj9ek9IncUjAz0q3vlA7MJLUByy5+jS7KTf7qu1poHxorMYt
cztrLOFcnOKYIjej3SBIyKd6kjFAxQ+8lILweDfoboxl4IjoRyv8FF/gFQ2RMFW5
9VvCIDqhTU52sKXAsXlsCJubhJSzJ3EeM7pbdtQzC5IwKeN7LrVCZMx2IsGZ4F9Q
/KfP6lTdho+9OCJV2GLbBUZrAo9Y3GZP88sG0GLjfLQ=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:39 2025 by rpki-client