Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0G_GbSemE-JjfZjgJ_W8msRAzF0.roa
File: 0G_GbSemE-JjfZjgJ_W8msRAzF0.roa (raw, json)
Hash identifier: bJTXec9EkOthoKBuMKLpHvY/0deWC/ChI90zsMNqkNw=
Subject key identifier: D0:6F:C6:6D:27:A6:13:E2:63:7D:98:E0:27:F5:BC:9A:C4:40:CC:5D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194AB243F1EE221AF848B669AE8AB8B8EB1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0G_GbSemE-JjfZjgJ_W8msRAzF0.roa
Signing time: Tue 28 Jan 2025 04:21:06 +0000
ROA not before: Tue 28 Jan 2025 04:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24875
IP address blocks: 194.87.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ab:24:3f:1e:e2:21:af:84:8b:66:9a:e8:ab:8b:8e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 28 04:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d06fc66d27a613e2637d98e027f5bc9ac440cc5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:61:18:26:99:c3:61:6c:d5:11:6a:d6:33:5f:
bb:ae:10:68:7c:90:21:c8:f7:83:91:99:fc:8d:23:
94:57:1f:b7:b1:15:85:af:be:34:a7:2c:f6:46:8e:
fa:bb:91:5e:86:25:a9:b9:54:60:77:51:8a:e1:a0:
d3:07:4b:f9:0d:4a:22:53:ac:b7:20:38:a3:f5:3e:
36:0c:d8:2d:ee:61:d1:7f:ef:b6:85:00:b9:e2:0b:
d9:2f:f8:98:d8:10:fb:3c:4f:99:6d:77:cc:ed:43:
1f:d0:2e:6f:33:66:7d:18:d8:4d:bc:d3:3b:ee:7d:
a5:d6:6d:21:05:3e:f4:f0:9f:71:9a:e9:32:16:22:
eb:ff:e6:a4:2b:2f:83:30:d4:3e:6d:98:10:93:55:
a9:34:ce:f7:a9:2d:fb:7e:02:71:1e:e9:41:f6:41:
05:a4:d3:a3:46:5c:35:50:06:44:c8:0c:bd:1b:ad:
54:34:fa:55:13:a8:60:56:14:fe:0f:91:13:45:39:
48:39:42:09:0d:de:18:01:06:60:b6:e7:e8:cf:96:
5b:66:65:85:30:84:4d:60:4c:de:aa:34:e0:72:ab:
3a:e6:a4:c2:7d:76:1c:33:06:76:10:eb:7a:c4:73:
fe:12:32:f3:fe:8a:35:e4:aa:77:0e:a2:d9:81:03:
0b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6F:C6:6D:27:A6:13:E2:63:7D:98:E0:27:F5:BC:9A:C4:40:CC:5D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0G_GbSemE-JjfZjgJ_W8msRAzF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.53.0/24
Signature Algorithm: sha256WithRSAEncryption
26:3e:5a:37:5b:77:57:dd:12:47:53:d0:bd:a5:31:b6:d6:b8:
f8:f4:66:2f:ef:e1:48:78:bb:03:9c:d3:6d:9a:50:6f:3b:5c:
c5:e3:66:95:c8:3c:07:02:3b:7a:d8:ae:af:26:f4:43:a3:19:
c0:c5:fe:77:b3:60:60:5d:06:68:1f:26:43:8a:e9:ac:d7:79:
ec:e8:8f:bd:0e:51:42:99:0e:ca:85:89:cc:cd:df:b3:9e:d8:
2f:02:ca:69:c6:bc:74:9e:b1:ce:b3:08:4b:d3:83:ec:33:5d:
7c:59:6f:70:99:49:95:d9:69:a3:f2:11:c8:ae:ee:3a:15:e0:
28:6d:55:7a:f9:1a:3a:b6:53:66:1b:d1:2e:2c:e5:f3:85:44:
ce:92:db:9e:7b:b8:a2:9f:f1:68:53:8d:86:f3:b9:ce:2f:4a:
15:74:e2:61:80:40:78:2f:d0:ad:ec:ec:01:ad:a6:cb:8d:8a:
f5:58:c1:3e:d5:68:84:fd:ab:cf:2a:6b:0e:85:eb:87:2d:03:
12:73:f3:a4:d5:c6:17:94:74:84:1e:23:ca:3c:17:3c:08:d5:
9e:ac:ce:25:2a:87:1e:08:58:26:bd:d3:8f:e9:d8:52:d6:3c:
13:b4:88:0a:b8:37:c7:13:6a:ad:1d:17:ba:73:33:78:15:27:
52:43:7c:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSrJD8e4iGvhItmmuiri46xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTI4MDQyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZmYzY2ZDI3YTYxM2UyNjM3ZDk4ZTAyN2Y1YmM5YWM0NDBjYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmEYJpnDYWzVEWrWM1+7rhBofJAh
yPeDkZn8jSOUVx+3sRWFr740pyz2Ro76u5FehiWpuVRgd1GK4aDTB0v5DUoiU6y3
IDij9T42DNgt7mHRf++2hQC54gvZL/iY2BD7PE+ZbXfM7UMf0C5vM2Z9GNhNvNM7
7n2l1m0hBT708J9xmukyFiLr/+akKy+DMNQ+bZgQk1WpNM73qS37fgJxHulB9kEF
pNOjRlw1UAZEyAy9G61UNPpVE6hgVhT+D5ETRTlIOUIJDd4YAQZgtufoz5ZbZmWF
MIRNYEzeqjTgcqs65qTCfXYcMwZ2EOt6xHP+EjLz/oo15Kp3DqLZgQMLNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBvxm0nphPiY32Y4Cf1vJrEQMxdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMEdfR2JTZW1FLUpqZlpqZ0pfVzhtc1JBekYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlc1MA0G
CSqGSIb3DQEBCwUAA4IBAQAmPlo3W3dX3RJHU9C9pTG21rj49GYv7+FIeLsDnNNt
mlBvO1zF42aVyDwHAjt62K6vJvRDoxnAxf53s2BgXQZoHyZDiums13ns6I+9DlFC
mQ7KhYnMzd+zntgvAsppxrx0nrHOswhL04PsM118WW9wmUmV2Wmj8hHIru46FeAo
bVV6+Ro6tlNmG9EuLOXzhUTOktuee7iin/FoU42G87nOL0oVdOJhgEB4L9Ct7OwB
rabLjYr1WME+1WiE/avPKmsOheuHLQMSc/Ok1cYXlHSEHiPKPBc8CNWerM4lKoce
CFgmvdOP6dhS1jwTtIgKuDfHE2qtHRe6czN4FSdSQ3ww
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:01:20 2025 by rpki-client