Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/gLZLrbhpO6mWtu79cX_I9beQtfY.roa
File: gLZLrbhpO6mWtu79cX_I9beQtfY.roa (raw, json)
Hash identifier: FKC1b4NqDGusVuG1PsHV/OorcR6VfmcWdy6GLsbONNI=
Subject key identifier: 80:B6:4B:AD:B8:69:3B:A9:96:B6:EE:FD:71:7F:C8:F5:B7:90:B5:F6
Certificate issuer: /CN=906426f483c36aacda8732324ab88ad5800c9a2d
Certificate serial: 019427B6065052A831744A48987E9799BDA7
Authority key identifier: 90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/gLZLrbhpO6mWtu79cX_I9beQtfY.roa
Signing time: Thu 02 Jan 2025 15:50:28 +0000
ROA not before: Thu 02 Jan 2025 15:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20900
IP address blocks: 194.4.7.0/24 maxlen: 24
194.4.10.0/24 maxlen: 24
194.4.12.0/24 maxlen: 24
194.4.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:06:50:52:a8:31:74:4a:48:98:7e:97:99:bd:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=906426f483c36aacda8732324ab88ad5800c9a2d
Validity
Not Before: Jan 2 15:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80b64badb8693ba996b6eefd717fc8f5b790b5f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d4:4e:a8:94:4f:6b:14:3c:8e:1f:36:04:2f:
db:51:ed:b8:a6:7e:78:f3:45:46:a3:b5:89:dc:5a:
e5:84:bb:d2:c1:aa:86:d6:c2:cf:3d:e7:58:41:cb:
a4:5c:88:9c:67:8d:79:94:eb:9f:ed:2d:43:c4:29:
d5:28:b8:49:0b:95:6c:43:f6:a1:41:5f:d8:2c:44:
f1:69:16:f8:2e:11:60:37:47:59:5e:38:d9:a3:db:
c4:52:7e:a4:cc:1e:6a:a3:d5:42:b4:cd:9b:b4:d6:
7e:05:21:a6:dc:1d:f1:3d:73:cb:63:4e:fc:1c:78:
63:05:ff:bd:8b:5e:9e:d7:94:9e:a5:55:f3:a9:26:
3e:2a:f6:33:f8:89:96:05:d8:c3:9f:55:41:79:b8:
c0:57:66:da:cc:87:7a:9d:06:8c:8b:35:2c:83:e3:
6a:ad:b2:64:ff:74:2d:67:3f:f0:aa:6c:47:73:ce:
70:27:0a:c1:e6:d5:cc:8f:a5:11:ab:8c:8b:22:87:
ac:d8:fb:5b:99:aa:fd:42:ec:5f:87:04:f7:1b:c9:
18:95:7b:08:7d:95:0c:7b:63:45:0e:18:aa:d4:8b:
ba:c5:30:79:00:7f:9c:e9:08:da:03:4f:69:a5:64:
77:7b:dd:a9:dd:8a:87:3e:e5:5d:28:4a:ae:ad:48:
f0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B6:4B:AD:B8:69:3B:A9:96:B6:EE:FD:71:7F:C8:F5:B7:90:B5:F6
X509v3 Authority Key Identifier:
keyid:90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/gLZLrbhpO6mWtu79cX_I9beQtfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.7.0/24
194.4.10.0/24
194.4.12.0/23
Signature Algorithm: sha256WithRSAEncryption
59:3e:08:10:99:fe:fb:7d:b4:e3:1f:cf:37:78:1e:fd:8b:8a:
28:4b:06:36:9f:a7:3e:ff:74:72:55:05:ef:98:65:7f:8a:77:
18:00:95:57:30:3b:91:98:cb:52:97:f4:98:b8:0c:27:ff:1d:
fb:96:af:d4:8a:bc:bd:26:4f:82:84:60:7a:3c:27:40:b8:07:
f4:5b:e6:a7:fc:4e:0a:30:12:57:4d:26:30:d0:43:16:b3:f1:
4e:f4:99:9c:be:3f:39:98:4d:ce:b2:11:e0:e0:01:19:58:3c:
96:cb:1f:fa:ba:4d:f3:ae:ed:e9:61:41:74:63:54:6a:56:bf:
e7:62:33:a1:3f:a9:14:e5:35:0e:27:0c:ea:2e:61:fc:6a:b8:
1c:7a:af:b4:c0:64:d8:56:29:f4:b2:45:6e:0d:7d:65:cb:73:
44:80:2d:b0:cb:9c:13:a7:3f:3c:c5:32:8c:fa:3f:12:2e:8b:
13:28:0f:7b:84:73:b7:3f:7f:05:2e:67:a8:ec:5c:e8:e2:5d:
e8:bf:3e:8c:7f:38:74:26:84:81:e5:5a:b4:0a:c9:18:60:b6:
77:2f:56:0b:c4:e3:7c:5d:b6:99:a7:50:1e:47:a7:70:94:3e:
5e:8e:e9:c8:14:e3:02:5a:83:3a:a8:bc:fa:0b:b8:81:37:51:
08:01:6f:2d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntgZQUqgxdEpImH6Xmb2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjQyNmY0ODNjMzZhYWNkYTg3MzIzMjRhYjg4YWQ1ODAw
YzlhMmQwHhcNMjUwMTAyMTU1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI2NGJhZGI4NjkzYmE5OTZiNmVlZmQ3MTdmYzhmNWI3OTBiNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtROqJRPaxQ8jh82BC/bUe24pn54
80VGo7WJ3FrlhLvSwaqG1sLPPedYQcukXIicZ415lOuf7S1DxCnVKLhJC5VsQ/ah
QV/YLETxaRb4LhFgN0dZXjjZo9vEUn6kzB5qo9VCtM2btNZ+BSGm3B3xPXPLY078
HHhjBf+9i16e15SepVXzqSY+KvYz+ImWBdjDn1VBebjAV2bazId6nQaMizUsg+Nq
rbJk/3QtZz/wqmxHc85wJwrB5tXMj6URq4yLIoes2Ptbmar9QuxfhwT3G8kYlXsI
fZUMe2NFDhiq1Iu6xTB5AH+c6QjaA09ppWR3e92p3YqHPuVdKEqurUjw7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIC2S624aTuplrbu/XF/yPW3kLX2MB8GA1UdIwQY
MBaAFJBkJvSDw2qs2ocyMkq4itWADJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEt
OTRjNWFkMTdhN2EwLzEvZ0xaTHJiaHBPNm1XdHU3OWNYX0k5YmVRdGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEtOTRjNWFkMTdhN2Ew
LzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwgQHAwQA
wgQKAwQBwgQMMA0GCSqGSIb3DQEBCwUAA4IBAQBZPggQmf77fbTjH883eB79i4oo
SwY2n6c+/3RyVQXvmGV/incYAJVXMDuRmMtSl/SYuAwn/x37lq/Uiry9Jk+ChGB6
PCdAuAf0W+an/E4KMBJXTSYw0EMWs/FO9Jmcvj85mE3OshHg4AEZWDyWyx/6uk3z
ru3pYUF0Y1RqVr/nYjOhP6kU5TUOJwzqLmH8argceq+0wGTYVin0skVuDX1ly3NE
gC2wy5wTpz88xTKM+j8SLosTKA97hHO3P38FLmeo7Fzo4l3ovz6Mfzh0JoSB5Vq0
CskYYLZ3L1YLxON8XbaZp1AeR6dwlD5ejunIFOMCWoM6qLz6C7iBN1EIAW8t
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:10:59 2025 by rpki-client