Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/C2lOXCmp50JxgRXiUYxe6B0_iZ4.roa
File: C2lOXCmp50JxgRXiUYxe6B0_iZ4.roa (raw, json)
Hash identifier: 8UNsnDOqjjcGGg587BCaothe5brbvtl6qwWOiSpwE6Y=
Subject key identifier: 0B:69:4E:5C:29:A9:E7:42:71:81:15:E2:51:8C:5E:E8:1D:3F:89:9E
Certificate issuer: /CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d
Certificate serial: 0194258FABBA5AF571BB9C25A38F4ACCCE18
Authority key identifier: D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/C2lOXCmp50JxgRXiUYxe6B0_iZ4.roa
Signing time: Thu 02 Jan 2025 05:49:20 +0000
ROA not before: Thu 02 Jan 2025 05:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24956
IP address blocks: 194.120.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:ab:ba:5a:f5:71:bb:9c:25:a3:8f:4a:cc:ce:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d
Validity
Not Before: Jan 2 05:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b694e5c29a9e742718115e2518c5ee81d3f899e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7a:63:94:e2:d6:f8:93:de:4e:dc:77:08:cd:
4b:9e:78:1d:3c:1b:ba:4c:b6:d4:0e:db:37:7e:21:
ab:d9:54:89:10:fd:a5:7c:c5:9b:12:f5:09:57:e2:
a5:06:b1:d5:09:ac:fd:0d:fd:ca:ef:13:e6:71:72:
cf:a2:93:6a:e6:5c:ca:44:97:16:c5:13:36:29:c9:
8c:d6:02:30:84:21:4e:0d:99:02:c4:a8:6e:84:7a:
0d:06:30:2c:f1:36:64:01:20:35:06:6e:4c:cd:fd:
23:14:97:0d:02:ed:cb:35:4c:43:37:70:68:e2:59:
75:b2:2e:8d:4f:3b:b2:ae:8b:6b:14:92:b8:a7:4f:
4b:55:a1:d8:a2:66:77:5a:38:76:e9:54:7f:7b:79:
0f:41:7b:c5:d7:14:71:1c:0f:4f:3f:e6:bc:43:70:
8f:49:a7:d0:29:cd:b6:d5:28:a6:85:44:e2:8d:f4:
72:11:d8:5e:ff:71:24:79:4a:46:57:45:cc:31:23:
ef:72:bc:2e:f5:43:fe:67:57:75:93:b2:22:5c:0e:
72:ba:6a:b6:21:95:92:de:5e:6a:46:d6:97:e8:b2:
f0:2e:65:88:06:1d:92:29:39:38:f8:70:86:d1:a7:
f3:00:c1:71:0a:25:46:f5:38:ac:78:b4:54:87:01:
14:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:69:4E:5C:29:A9:E7:42:71:81:15:E2:51:8C:5E:E8:1D:3F:89:9E
X509v3 Authority Key Identifier:
keyid:D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/C2lOXCmp50JxgRXiUYxe6B0_iZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/1FqNkf5E8aljmu1WHBvK_L8Qsl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.234.0/24
Signature Algorithm: sha256WithRSAEncryption
89:d9:19:5b:24:07:d1:1a:d2:5b:89:09:78:0b:63:70:a8:b5:
6b:61:3f:ba:57:37:a7:66:a2:e0:d0:22:ce:55:b6:e3:8f:5b:
4d:62:1a:97:80:26:5d:de:0b:5c:37:0c:24:73:6d:25:6c:b9:
17:12:b3:bf:e2:87:7c:6e:e0:8c:5f:32:4a:87:d4:17:70:62:
75:d0:5a:e0:d5:50:f0:09:08:5e:2d:66:32:84:a9:cf:01:22:
90:44:cd:0c:c0:35:9a:d6:e4:2e:ee:d0:86:51:f4:54:0d:ef:
91:dc:2c:52:db:3c:1a:9b:3c:15:1c:de:b0:4b:04:31:65:08:
9d:bb:17:6d:e9:ea:fc:77:ec:e2:14:e4:79:fe:ee:ae:30:6c:
83:80:80:94:63:01:30:35:17:6f:2f:73:1e:d4:86:08:64:ff:
28:8e:76:33:0a:00:6c:e7:b5:8e:0b:be:91:f3:5f:43:8c:09:
c8:ae:53:2f:50:8a:0e:10:0b:89:40:eb:b8:c4:c7:dd:11:80:
d9:3e:f1:87:cf:7f:a2:9e:02:23:da:fc:3c:e7:66:97:99:ff:
af:3b:4b:17:5b:b4:d9:85:04:25:28:4e:56:72:f2:f1:c1:f8:
b8:b6:13:f8:a7:69:c3:2e:bb:28:34:36:f3:38:46:15:ba:9e:
c5:71:8e:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj6u6WvVxu5wlo49KzM4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWE4ZDkxZmU0NGYxYTk2MzlhZWQ1NjFjMWJjYWZjYmYx
MGIyNWQwHhcNMjUwMTAyMDU0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY5NGU1YzI5YTllNzQyNzE4MTE1ZTI1MThjNWVlODFkM2Y4OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5npjlOLW+JPeTtx3CM1LnngdPBu6
TLbUDts3fiGr2VSJEP2lfMWbEvUJV+KlBrHVCaz9Df3K7xPmcXLPopNq5lzKRJcW
xRM2KcmM1gIwhCFODZkCxKhuhHoNBjAs8TZkASA1Bm5Mzf0jFJcNAu3LNUxDN3Bo
4ll1si6NTzuyrotrFJK4p09LVaHYomZ3Wjh26VR/e3kPQXvF1xRxHA9PP+a8Q3CP
SafQKc221SimhUTijfRyEdhe/3EkeUpGV0XMMSPvcrwu9UP+Z1d1k7IiXA5yumq2
IZWS3l5qRtaX6LLwLmWIBh2SKTk4+HCG0afzAMFxCiVG9TiseLRUhwEUkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtpTlwpqedCcYEV4lGMXugdP4meMB8GA1UdIwQY
MBaAFNRajZH+RPGpY5rtVhwbyvy/ELJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWIt
NTg4NjVkMWUxNGUwLzEvQzJsT1hDbXA1MEp4Z1JYaVVZeGU2QjBfaVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWItNTg4NjVkMWUxNGUw
LzEvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnjqMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ2RlbJAfRGtJbiQl4C2NwqLVrYT+6VzenZqLg0CLO
Vbbjj1tNYhqXgCZd3gtcNwwkc20lbLkXErO/4od8buCMXzJKh9QXcGJ10Frg1VDw
CQheLWYyhKnPASKQRM0MwDWa1uQu7tCGUfRUDe+R3CxS2zwamzwVHN6wSwQxZQid
uxdt6er8d+ziFOR5/u6uMGyDgICUYwEwNRdvL3Me1IYIZP8ojnYzCgBs57WOC76R
819DjAnIrlMvUIoOEAuJQOu4xMfdEYDZPvGHz3+ingIj2vw852aXmf+vO0sXW7TZ
hQQlKE5WcvLxwfi4thP4p2nDLrsoNDbzOEYVup7FcY7n
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:25:59 2025 by rpki-client