Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/tWrNNpvQLnIYXShcXDmxPXzlROA.roa
File: tWrNNpvQLnIYXShcXDmxPXzlROA.roa (raw, json)
Hash identifier: rl7K0aTuna5/yne12oTJUAQ6OhB1j3YlRj4Y9PjqK84=
Subject key identifier: B5:6A:CD:36:9B:D0:2E:72:18:5D:28:5C:5C:39:B1:3D:7C:E5:44:E0
Certificate issuer: /CN=d1bf176af8dba30fef325365ef3404812ce2d84a
Certificate serial: 0194214452C6E3315570EE4BAF6BAAA6EFE3
Authority key identifier: D1:BF:17:6A:F8:DB:A3:0F:EF:32:53:65:EF:34:04:81:2C:E2:D8:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0b8Xavjbow_vMlNl7zQEgSzi2Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/tWrNNpvQLnIYXShcXDmxPXzlROA.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197016
IP address blocks: 194.8.236.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:52:c6:e3:31:55:70:ee:4b:af:6b:aa:a6:ef:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1bf176af8dba30fef325365ef3404812ce2d84a
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b56acd369bd02e72185d285c5c39b13d7ce544e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:72:bd:7f:42:52:2e:8e:a8:2e:06:4d:8e:61:
2b:5c:db:86:1e:f7:df:4f:c7:5b:7a:49:d4:cd:04:
f5:db:57:69:7b:b1:3f:b1:82:74:92:04:67:c4:cf:
96:02:71:b6:51:19:64:4d:23:4d:ac:c4:8a:a2:78:
1a:0f:64:f0:ec:85:1d:38:37:eb:a0:ca:a6:e8:b4:
f1:56:cf:c7:58:7a:ca:77:aa:5c:01:29:fb:b1:cf:
af:3d:7b:49:7c:19:e7:a4:9a:52:b2:08:e8:75:3d:
5d:01:bd:78:39:b8:7e:8a:36:6e:0c:7a:3f:5c:c6:
93:c6:cd:53:d6:2c:b5:97:ff:04:5d:f9:0f:d8:8a:
b5:2c:fc:6d:8c:25:56:1d:65:d2:58:dc:bb:77:ce:
df:82:ba:f3:0b:aa:94:2b:e0:8c:20:1e:a1:80:c8:
54:4a:d8:b9:93:66:ee:6e:4b:15:f5:31:11:48:dc:
ba:bd:ac:7d:97:dc:a3:73:de:5b:e3:8b:e5:6d:21:
fc:70:a3:cf:91:73:fd:b5:31:60:02:36:f3:d4:de:
94:62:70:a8:c9:b7:85:84:a1:c8:8c:91:27:33:00:
f9:ad:fd:43:13:44:46:14:b8:b6:ab:cb:8f:5d:ee:
e0:c3:ac:f5:e4:c0:18:9f:b7:45:d8:b2:62:8c:31:
e1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6A:CD:36:9B:D0:2E:72:18:5D:28:5C:5C:39:B1:3D:7C:E5:44:E0
X509v3 Authority Key Identifier:
keyid:D1:BF:17:6A:F8:DB:A3:0F:EF:32:53:65:EF:34:04:81:2C:E2:D8:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b8Xavjbow_vMlNl7zQEgSzi2Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/tWrNNpvQLnIYXShcXDmxPXzlROA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/abcd8e-b04b-48e8-8dac-fd559242d471/1/0b8Xavjbow_vMlNl7zQEgSzi2Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.236.0/23
Signature Algorithm: sha256WithRSAEncryption
23:bd:27:74:14:83:03:fc:b5:2a:55:f9:a9:cc:10:01:7f:54:
36:a4:c7:b3:06:23:8e:39:64:ca:6d:60:69:ef:78:52:55:f0:
aa:bb:e1:02:b4:6c:80:b0:08:5a:33:df:91:31:4d:be:fa:0e:
0b:d7:3d:f2:22:49:90:2c:f8:b0:3b:d9:1a:4e:1e:dc:4c:10:
fc:ac:f8:ce:95:60:3b:9d:2a:29:43:66:75:55:98:07:ed:6b:
0a:49:8b:15:53:9c:65:e9:ed:7f:36:f2:19:29:a8:f2:f6:f3:
3c:74:0f:28:ed:4a:33:0e:49:48:67:03:3c:f3:15:04:00:c2:
b1:8d:5e:01:34:8b:0f:1e:39:3e:a7:f7:64:81:e2:6e:ab:fa:
38:22:be:dd:30:68:03:93:14:c8:0e:44:f5:79:df:e1:31:1e:
6f:45:b4:3d:91:6a:55:ec:22:b0:81:2f:45:48:bb:ec:d1:1d:
35:8d:04:d4:46:c0:af:6f:a5:c0:4d:2b:18:7c:c8:ea:6f:99:
11:3e:fb:1c:1a:eb:a6:a8:13:c6:e1:34:3e:74:37:30:95:46:
1a:bf:22:a8:37:9a:68:cc:00:3b:b3:22:33:ce:4a:b9:99:4d:
95:29:71:2f:1f:59:ce:52:5a:95:df:5e:4d:c8:ff:68:0b:08:
a9:9e:83:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRFLG4zFVcO5Lr2uqpu/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYmYxNzZhZjhkYmEzMGZlZjMyNTM2NWVmMzQwNDgxMmNl
MmQ4NGEwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZhY2QzNjliZDAyZTcyMTg1ZDI4NWM1YzM5YjEzZDdjZTU0NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnK9f0JSLo6oLgZNjmErXNuGHvff
T8dbeknUzQT121dpe7E/sYJ0kgRnxM+WAnG2URlkTSNNrMSKongaD2Tw7IUdODfr
oMqm6LTxVs/HWHrKd6pcASn7sc+vPXtJfBnnpJpSsgjodT1dAb14Obh+ijZuDHo/
XMaTxs1T1iy1l/8EXfkP2Iq1LPxtjCVWHWXSWNy7d87fgrrzC6qUK+CMIB6hgMhU
Sti5k2bubksV9TERSNy6vax9l9yjc95b44vlbSH8cKPPkXP9tTFgAjbz1N6UYnCo
ybeFhKHIjJEnMwD5rf1DE0RGFLi2q8uPXe7gw6z15MAYn7dF2LJijDHhXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVqzTab0C5yGF0oXFw5sT185UTgMB8GA1UdIwQY
MBaAFNG/F2r426MP7zJTZe80BIEs4thKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGI4WGF2amJvd192TWxObDd6UUVnU3ppMkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9hYmNkOGUtYjA0Yi00OGU4LThkYWMt
ZmQ1NTkyNDJkNDcxLzEvdFdyTk5wdlFMbklZWFNoY1hEbXhQWHpsUk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9hYmNkOGUtYjA0Yi00OGU4LThkYWMtZmQ1NTkyNDJkNDcx
LzEvMGI4WGF2amJvd192TWxObDd6UUVnU3ppMkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgjsMA0G
CSqGSIb3DQEBCwUAA4IBAQAjvSd0FIMD/LUqVfmpzBABf1Q2pMezBiOOOWTKbWBp
73hSVfCqu+ECtGyAsAhaM9+RMU2++g4L1z3yIkmQLPiwO9kaTh7cTBD8rPjOlWA7
nSopQ2Z1VZgH7WsKSYsVU5xl6e1/NvIZKajy9vM8dA8o7UozDklIZwM88xUEAMKx
jV4BNIsPHjk+p/dkgeJuq/o4Ir7dMGgDkxTIDkT1ed/hMR5vRbQ9kWpV7CKwgS9F
SLvs0R01jQTURsCvb6XATSsYfMjqb5kRPvscGuumqBPG4TQ+dDcwlUYavyKoN5po
zAA7syIzzkq5mU2VKXEvH1nOUlqV315NyP9oCwipnoN6
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:04:35 2025 by rpki-client