Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/jXuJH5XlRjh9NbnahdD8Y6zEokQ.roa
File: jXuJH5XlRjh9NbnahdD8Y6zEokQ.roa (raw, json)
Hash identifier: uTge3zTxck7gBX+9co6u8laUzjU+YV+PjrgGrj8fBnM=
Subject key identifier: 8D:7B:89:1F:95:E5:46:38:7D:35:B9:DA:85:D0:FC:63:AC:C4:A2:44
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 019424B386D0EA2BD4DDE30497395ED30A9B
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/jXuJH5XlRjh9NbnahdD8Y6zEokQ.roa
Signing time: Thu 02 Jan 2025 01:48:52 +0000
ROA not before: Thu 02 Jan 2025 01:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 193.43.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:86:d0:ea:2b:d4:dd:e3:04:97:39:5e:d3:0a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 2 01:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d7b891f95e546387d35b9da85d0fc63acc4a244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:cc:89:6e:f0:34:70:94:e6:e2:c0:b8:e7:
e7:2d:e2:70:8a:44:87:35:f0:ef:6c:f2:35:27:0f:
1b:d8:93:93:24:c7:b5:90:2e:ac:a1:c0:bc:02:ce:
49:f7:66:41:07:ac:ed:2a:0c:19:fb:ee:79:f3:0a:
94:f5:3d:bc:45:e1:1a:70:67:2a:0c:fc:f4:de:83:
3a:07:f5:d0:04:1d:db:a3:02:5c:d8:71:d9:94:b8:
27:f9:60:9c:dd:00:08:db:8a:50:f9:ba:0d:06:c0:
24:4a:07:08:ce:2b:69:03:8b:3d:72:48:17:19:5d:
5c:fe:67:ea:05:c8:20:40:9d:5f:e5:39:6b:ab:00:
4b:93:cd:d5:cf:62:de:3c:8e:82:4d:df:96:bf:c3:
85:49:73:42:39:7a:3d:7e:c1:f5:20:6a:b3:bf:cd:
a9:dc:f7:b3:75:49:9e:59:13:40:70:a3:93:6e:b7:
aa:56:2b:4b:f7:24:f7:ea:49:07:2e:6d:54:35:ae:
5c:e0:78:28:15:f3:e6:de:87:41:f7:7b:dc:ae:8b:
a6:e4:bb:d4:7d:4e:f4:14:18:1e:02:d7:e1:32:68:
d5:55:e9:c2:ec:7b:08:08:22:14:a1:62:d8:0b:7d:
df:c9:83:b0:de:69:f9:47:6b:37:c4:92:a1:dd:d2:
37:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7B:89:1F:95:E5:46:38:7D:35:B9:DA:85:D0:FC:63:AC:C4:A2:44
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/jXuJH5XlRjh9NbnahdD8Y6zEokQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.143.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:d5:fe:8f:d8:f7:54:4a:43:a7:66:44:99:2f:53:7b:d5:ce:
ac:da:3e:28:fa:8b:f9:d1:97:f3:b0:55:43:80:d3:08:4c:7b:
a0:cb:04:f5:09:fa:af:5c:91:3d:b6:86:ca:0e:22:8c:26:b0:
57:f6:e7:4b:32:f1:02:0a:8b:aa:e2:27:e8:8f:79:03:49:de:
00:6b:33:e8:40:60:e4:63:92:b5:45:88:4a:c3:6c:e4:37:b9:
a6:78:05:13:24:f1:af:38:48:6e:53:03:6f:99:a9:79:91:40:
13:46:3c:47:9f:f0:7c:3e:95:2b:43:6f:19:83:59:e4:92:7a:
bb:94:60:4f:2a:0b:cd:7c:9b:8e:33:a9:74:88:e3:25:05:2d:
26:cc:24:22:07:f2:c2:99:e9:14:f8:4b:bd:14:88:66:7a:22:
5b:f0:80:f9:5a:2c:1f:b8:c4:26:59:c4:ec:e5:ff:86:92:a6:
88:a5:89:19:4b:d7:79:40:4f:c2:7c:1b:5a:0e:e5:98:52:2f:
53:0a:48:d1:09:0c:7b:4b:f2:e2:3e:82:40:12:b9:14:42:d7:
d4:68:1a:f4:24:ce:87:54:f4:dd:e0:b5:b7:d0:9e:4b:e6:28:
21:95:4a:b3:50:99:82:bf:75:eb:cc:24:b6:ca:6c:40:f8:dd:
b5:d7:b9:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks4bQ6ivU3eMElzle0wqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjUwMTAyMDE0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdiODkxZjk1ZTU0NjM4N2QzNWI5ZGE4NWQwZmM2M2FjYzRhMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5rMiW7wNHCU5uLAuOfnLeJwikSH
NfDvbPI1Jw8b2JOTJMe1kC6socC8As5J92ZBB6ztKgwZ++558wqU9T28ReEacGcq
DPz03oM6B/XQBB3bowJc2HHZlLgn+WCc3QAI24pQ+boNBsAkSgcIzitpA4s9ckgX
GV1c/mfqBcggQJ1f5TlrqwBLk83Vz2LePI6CTd+Wv8OFSXNCOXo9fsH1IGqzv82p
3PezdUmeWRNAcKOTbreqVitL9yT36kkHLm1UNa5c4HgoFfPm3odB93vcroum5LvU
fU70FBgeAtfhMmjVVenC7HsICCIUoWLYC33fyYOw3mn5R2s3xJKh3dI3+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI17iR+V5UY4fTW52oXQ/GOsxKJEMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvalh1Skg1WGxSamg5TmJuYWhkRDhZNnpFb2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSuPMA0G
CSqGSIb3DQEBCwUAA4IBAQDK1f6P2PdUSkOnZkSZL1N71c6s2j4o+ov50ZfzsFVD
gNMITHugywT1CfqvXJE9tobKDiKMJrBX9udLMvECCouq4ifoj3kDSd4AazPoQGDk
Y5K1RYhKw2zkN7mmeAUTJPGvOEhuUwNvmal5kUATRjxHn/B8PpUrQ28Zg1nkknq7
lGBPKgvNfJuOM6l0iOMlBS0mzCQiB/LCmekU+Eu9FIhmeiJb8ID5WiwfuMQmWcTs
5f+GkqaIpYkZS9d5QE/CfBtaDuWYUi9TCkjRCQx7S/LiPoJAErkUQtfUaBr0JM6H
VPTd4LW30J5L5ighlUqzUJmCv3XrzCS2ymxA+N2117mm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:29 2025 by rpki-client