Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/1-tYkAAfygqrp19HcVsg_DhCfLGc.roa
File: 1-tYkAAfygqrp19HcVsg_DhCfLGc.roa (raw, json)
Hash identifier: 7ZwpGo1tip9pqxHrPt4TThD2x2AcCracKQmXrXKgesE=
Subject key identifier: FA:D6:24:00:07:F2:82:AA:E9:D7:D1:DC:56:C8:3F:0E:10:9F:2C:67
Certificate issuer: /CN=d9ec085baa8caa7b5b934eca29c17961fc88db1b
Certificate serial: 01920F37A705EEF34710DFC51A0E54C771B9
Authority key identifier: D9:EC:08:5B:AA:8C:AA:7B:5B:93:4E:CA:29:C1:79:61:FC:88:DB:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ewIW6qMqntbk07KKcF5YfyI2xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/1-tYkAAfygqrp19HcVsg_DhCfLGc.roa
Signing time: Fri 20 Sep 2024 11:35:58 +0000
ROA not before: Fri 20 Sep 2024 11:35:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12541
IP address blocks: 193.34.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:37:a7:05:ee:f3:47:10:df:c5:1a:0e:54:c7:71:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ec085baa8caa7b5b934eca29c17961fc88db1b
Validity
Not Before: Sep 20 11:35:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad6240007f282aae9d7d1dc56c83f0e109f2c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:81:10:bb:92:67:0d:78:ab:66:ce:7c:5a:
07:64:44:97:ca:6d:97:97:41:1a:cf:09:e8:d5:68:
79:5a:0a:05:b6:d6:c3:ce:a6:79:16:d8:86:a2:06:
d8:87:bc:e8:fb:39:2b:18:fe:ed:26:36:ec:44:90:
9f:fa:b5:8c:be:06:93:de:1b:68:c9:f8:22:2e:a3:
8b:ae:59:85:17:45:2b:c9:dc:58:04:30:c4:82:81:
81:67:98:e1:54:91:0f:ed:8b:7c:2e:c6:8a:ad:e4:
a4:81:03:43:99:4c:0f:3f:6c:41:2d:ab:e7:6f:83:
06:bd:f9:ba:20:84:27:83:56:b3:88:7e:dc:b2:f5:
c3:69:d6:5c:ae:54:59:0e:ac:c5:c3:50:91:70:eb:
bb:72:6e:8f:63:17:c4:8d:c0:48:6f:bc:31:34:52:
c1:46:9e:ee:c5:43:49:3c:6e:43:8c:03:7f:5f:a1:
cf:c7:88:2a:ea:40:06:2f:0a:a5:fe:9e:83:3d:4e:
2b:79:75:49:8a:09:4e:ad:d3:21:11:98:25:45:6d:
d1:6b:5d:91:eb:0b:73:db:3b:8d:cd:59:97:3d:9b:
c2:5e:06:3d:31:6c:17:49:e6:22:7f:c7:81:25:1d:
8c:ac:85:7f:95:4d:5c:32:c5:48:4f:7e:08:fb:cf:
93:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D6:24:00:07:F2:82:AA:E9:D7:D1:DC:56:C8:3F:0E:10:9F:2C:67
X509v3 Authority Key Identifier:
keyid:D9:EC:08:5B:AA:8C:AA:7B:5B:93:4E:CA:29:C1:79:61:FC:88:DB:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ewIW6qMqntbk07KKcF5YfyI2xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/1-tYkAAfygqrp19HcVsg_DhCfLGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2f034c-23d4-469a-a006-cbed01781fce/1/2ewIW6qMqntbk07KKcF5YfyI2xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.240.0/22
Signature Algorithm: sha256WithRSAEncryption
26:1b:f5:9a:91:37:ac:03:df:5b:b6:f1:8d:13:c0:c5:cd:2c:
28:38:08:22:d4:84:59:4d:68:37:bf:d0:11:8a:f7:a1:ee:0e:
8a:eb:c4:95:9f:d1:48:19:56:68:e9:62:4f:a3:89:f4:62:ef:
57:82:da:de:ee:ff:54:ed:de:4c:f0:7a:85:3c:68:26:be:3e:
0d:13:e6:95:97:67:02:a8:36:d9:36:1d:0d:4f:70:6e:31:bc:
0d:ee:45:52:39:6e:3b:26:1e:01:7b:8a:fd:6f:74:0a:6a:8a:
db:b6:6b:9c:0f:ce:f5:69:6f:89:cf:07:9d:b5:7d:bf:fa:41:
25:8e:9d:6d:eb:6a:14:d6:96:13:95:2d:ea:5b:87:9b:e9:0e:
bb:ab:4e:86:d8:f5:67:50:ca:0a:b1:5b:47:16:65:e6:04:30:
b8:d5:6e:ac:0d:e5:4d:cd:e4:3b:f4:ea:e0:e2:d2:dd:9b:09:
59:b8:ee:63:6c:88:2c:60:fa:74:af:74:ef:ce:8a:b4:d1:fa:
4b:ce:31:51:9a:b1:03:f1:8e:52:61:2e:06:b2:56:50:a9:d9:
0e:62:d6:e2:b8:c9:54:00:58:8d:4c:a9:72:1f:15:bb:f0:c1:
61:a3:27:59:61:41:7e:c0:b2:f6:d4:49:e8:51:b4:b1:d9:51:
ab:c6:7c:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZIPN6cF7vNHEN/FGg5Ux3G5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWMwODViYWE4Y2FhN2I1YjkzNGVjYTI5YzE3OTYxZmM4
OGRiMWIwHhcNMjQwOTIwMTEzNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ2MjQwMDA3ZjI4MmFhZTlkN2QxZGM1NmM4M2YwZTEwOWYyYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliiBELuSZw14q2bOfFoHZESXym2X
l0Eazwno1Wh5WgoFttbDzqZ5FtiGogbYh7zo+zkrGP7tJjbsRJCf+rWMvgaT3hto
yfgiLqOLrlmFF0UrydxYBDDEgoGBZ5jhVJEP7Yt8LsaKreSkgQNDmUwPP2xBLavn
b4MGvfm6IIQng1aziH7csvXDadZcrlRZDqzFw1CRcOu7cm6PYxfEjcBIb7wxNFLB
Rp7uxUNJPG5DjAN/X6HPx4gq6kAGLwql/p6DPU4reXVJiglOrdMhEZglRW3Ra12R
6wtz2zuNzVmXPZvCXgY9MWwXSeYif8eBJR2MrIV/lU1cMsVIT34I+8+T5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrWJAAH8oKq6dfR3FbIPw4QnyxnMB8GA1UdIwQY
MBaAFNnsCFuqjKp7W5NOyinBeWH8iNsbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmV3SVc2cU1xbnRiazA3S0tjRjVZZnlJMnhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yZjAzNGMtMjNkNC00NjlhLWEwMDYt
Y2JlZDAxNzgxZmNlLzEvMS10WWtBQWZ5Z3FycDE5SGNWc2dfRGhDZkxHYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDIvMmYwMzRjLTIzZDQtNDY5YS1hMDA2LWNiZWQwMTc4MWZj
ZS8xLzJld0lXNnFNcW50YmswN0tLY0Y1WWZ5STJ4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsEi8DAN
BgkqhkiG9w0BAQsFAAOCAQEAJhv1mpE3rAPfW7bxjRPAxc0sKDgIItSEWU1oN7/Q
EYr3oe4OiuvElZ/RSBlWaOliT6OJ9GLvV4La3u7/VO3eTPB6hTxoJr4+DRPmlZdn
Aqg22TYdDU9wbjG8De5FUjluOyYeAXuK/W90CmqK27ZrnA/O9Wlvic8HnbV9v/pB
JY6dbetqFNaWE5Ut6luHm+kOu6tOhtj1Z1DKCrFbRxZl5gQwuNVurA3lTc3kO/Tq
4OLS3ZsJWbjuY2yILGD6dK90786KtNH6S84xUZqxA/GOUmEuBrJWUKnZDmLW4rjJ
VABYjUypch8Vu/DBYaMnWWFBfsCy9tRJ6FG0sdlRq8Z8FQ==
-----END CERTIFICATE-----
Generated at Sun May 11 21:24:41 2025 by rpki-client