Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/vICAXNaVi9WpUOInUKGa4x8kVzo.roa
File: vICAXNaVi9WpUOInUKGa4x8kVzo.roa (raw, json)
Hash identifier: wwadTuvBpX7uW9J+Oei6uXdC+2oxhi7N3s69AlGUoYc=
Subject key identifier: BC:80:80:5C:D6:95:8B:D5:A9:50:E2:27:50:A1:9A:E3:1F:24:57:3A
Certificate issuer: /CN=67fd3e19f583361fe5d90a412b1280f7cffb801f
Certificate serial: 0194228DA8B55A26637358FC016EC9581F8C
Authority key identifier: 67:FD:3E:19:F5:83:36:1F:E5:D9:0A:41:2B:12:80:F7:CF:FB:80:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_0-GfWDNh_l2QpBKxKA98_7gB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/vICAXNaVi9WpUOInUKGa4x8kVzo.roa
Signing time: Wed 01 Jan 2025 15:48:16 +0000
ROA not before: Wed 01 Jan 2025 15:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51395
IP address blocks: 194.15.228.0/22 maxlen: 22
2001:67c:2f0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:a8:b5:5a:26:63:73:58:fc:01:6e:c9:58:1f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67fd3e19f583361fe5d90a412b1280f7cffb801f
Validity
Not Before: Jan 1 15:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc80805cd6958bd5a950e22750a19ae31f24573a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:24:b5:d2:a5:4a:98:33:dc:9c:3c:f8:c1:49:
cc:1f:4e:87:12:ea:3b:4b:75:a5:e8:0c:29:2e:b9:
91:a8:32:49:90:59:33:96:ab:8b:17:84:e1:45:45:
73:a5:6f:ff:33:39:f1:54:07:57:f5:31:cb:6e:f1:
d3:73:8b:bf:dc:f4:f5:46:23:b4:de:a0:f1:10:a4:
88:36:1b:41:a3:3f:c2:52:6d:75:1f:c8:ec:f9:78:
b4:48:d0:98:d2:63:57:14:44:7a:ee:b3:1b:da:09:
4a:89:a2:6d:91:ad:7f:0c:89:80:c3:38:00:c9:86:
11:c4:6f:60:2f:6e:bb:ec:00:59:76:11:74:3c:8f:
50:a1:d2:1f:17:74:97:25:4a:96:f4:16:d0:27:45:
b2:b5:0f:7a:cb:58:c1:61:87:46:9b:a0:25:85:1d:
8d:f1:e4:a8:1d:bb:d9:9b:b3:09:56:1c:2e:21:dc:
06:cc:f2:52:1e:82:d3:4f:d4:fa:83:58:e5:c6:17:
06:92:93:ec:b0:a8:b6:d6:43:58:ce:21:7f:71:dc:
ed:13:b0:f8:73:97:0c:1c:a5:1f:9a:cb:b1:f0:67:
85:f4:82:19:02:4d:0e:8b:ff:20:99:dd:9d:b4:82:
bf:12:4a:50:2b:ec:1b:a0:a4:89:4b:5c:01:23:17:
0c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:80:80:5C:D6:95:8B:D5:A9:50:E2:27:50:A1:9A:E3:1F:24:57:3A
X509v3 Authority Key Identifier:
keyid:67:FD:3E:19:F5:83:36:1F:E5:D9:0A:41:2B:12:80:F7:CF:FB:80:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_0-GfWDNh_l2QpBKxKA98_7gB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/vICAXNaVi9WpUOInUKGa4x8kVzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/Z_0-GfWDNh_l2QpBKxKA98_7gB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.228.0/22
IPv6:
2001:67c:2f0::/48
Signature Algorithm: sha256WithRSAEncryption
2e:ed:08:5d:83:7c:ed:df:ed:d7:ae:8c:53:17:81:36:49:1b:
0b:61:72:1e:eb:87:bb:fa:b7:43:e0:c8:ea:d8:ab:ce:63:3d:
51:a4:6d:cf:a4:bf:a6:53:97:1c:12:f3:f1:9f:d9:dd:d8:85:
89:d5:b0:95:92:22:e0:b2:74:a4:47:f9:34:6f:b3:c1:3b:09:
8c:9a:51:b6:93:e6:3e:b1:7b:5a:40:a1:d8:aa:6a:66:6e:ab:
eb:ff:f5:e9:5e:17:f0:7d:5a:7b:83:51:2d:dc:14:83:ef:40:
39:fc:56:8f:44:e6:33:c5:a0:79:ba:cc:fe:a3:84:33:ac:19:
5d:02:73:b3:b4:9c:28:2b:c9:60:df:18:a1:00:3e:cc:72:12:
13:58:3c:e4:02:79:e1:59:d5:77:4e:dd:54:eb:e3:b3:ce:1b:
24:1e:f3:ef:96:f8:de:d3:f4:f1:52:47:24:ee:34:9d:46:02:
9a:8f:b8:22:9e:e6:98:ef:2b:6a:3b:a4:ae:87:3a:c9:e3:6a:
5c:7d:5b:68:7a:d0:1b:37:e3:18:49:b5:bc:46:93:61:f9:b5:
09:bd:50:04:f3:51:d5:24:b3:5b:81:12:33:8a:a2:e6:0c:91:
4f:ba:a6:1d:49:cb:9d:83:be:38:6d:80:83:6f:26:72:fe:b1:
60:76:43:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijai1WiZjc1j8AW7JWB+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZmQzZTE5ZjU4MzM2MWZlNWQ5MGE0MTJiMTI4MGY3Y2Zm
YjgwMWYwHhcNMjUwMTAxMTU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzgwODA1Y2Q2OTU4YmQ1YTk1MGUyMjc1MGExOWFlMzFmMjQ1NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSS10qVKmDPcnDz4wUnMH06HEuo7
S3Wl6AwpLrmRqDJJkFkzlquLF4ThRUVzpW//MznxVAdX9THLbvHTc4u/3PT1RiO0
3qDxEKSINhtBoz/CUm11H8js+Xi0SNCY0mNXFER67rMb2glKiaJtka1/DImAwzgA
yYYRxG9gL2677ABZdhF0PI9QodIfF3SXJUqW9BbQJ0WytQ96y1jBYYdGm6AlhR2N
8eSoHbvZm7MJVhwuIdwGzPJSHoLTT9T6g1jlxhcGkpPssKi21kNYziF/cdztE7D4
c5cMHKUfmsux8GeF9IIZAk0Oi/8gmd2dtIK/EkpQK+wboKSJS1wBIxcMXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLyAgFzWlYvVqVDiJ1ChmuMfJFc6MB8GA1UdIwQY
MBaAFGf9Phn1gzYf5dkKQSsSgPfP+4AfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl8wLUdmV0ROaF9sMlFwQkt4S0E5OF83Z0I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8wODFiODQtNGVjZS00MDA1LWIyOGQt
OWYyOTMxNzJiYjZiLzEvdklDQVhOYVZpOVdwVU9JblVLR2E0eDhrVnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8wODFiODQtNGVjZS00MDA1LWIyOGQtOWYyOTMxNzJiYjZi
LzEvWl8wLUdmV0ROaF9sMlFwQkt4S0E5OF83Z0I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwg/kMA8E
AgACMAkDBwAgAQZ8AvAwDQYJKoZIhvcNAQELBQADggEBAC7tCF2DfO3f7deujFMX
gTZJGwthch7rh7v6t0PgyOrYq85jPVGkbc+kv6ZTlxwS8/Gf2d3YhYnVsJWSIuCy
dKRH+TRvs8E7CYyaUbaT5j6xe1pAodiqamZuq+v/9eleF/B9WnuDUS3cFIPvQDn8
Vo9E5jPFoHm6zP6jhDOsGV0Cc7O0nCgryWDfGKEAPsxyEhNYPOQCeeFZ1XdO3VTr
47POGyQe8++W+N7T9PFSRyTuNJ1GApqPuCKe5pjvK2o7pK6HOsnjalx9W2h60Bs3
4xhJtbxGk2H5tQm9UATzUdUks1uBEjOKouYMkU+6ph1Jy52DvjhtgINvJnL+sWB2
Q9Q=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:07:59 2025 by rpki-client