Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/vmqKHuLzrPkqklGr2oHlX4A5H1s.roa
File: vmqKHuLzrPkqklGr2oHlX4A5H1s.roa (raw, json)
Hash identifier: HWx6FXZlLIKlHVfqDThyZuNv2Ccv+hNVkaueWiNq1XE=
Subject key identifier: BE:6A:8A:1E:E2:F3:AC:F9:2A:92:51:AB:DA:81:E5:5F:80:39:1F:5B
Certificate issuer: /CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
Certificate serial: 019426D975EBDA71897E8A2BE01B106B8334
Authority key identifier: DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/vmqKHuLzrPkqklGr2oHlX4A5H1s.roa
Signing time: Thu 02 Jan 2025 11:49:33 +0000
ROA not before: Thu 02 Jan 2025 11:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215756
IP address blocks: 194.1.176.0/24 maxlen: 24
2001:678:8cc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:75:eb:da:71:89:7e:8a:2b:e0:1b:10:6b:83:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
Validity
Not Before: Jan 2 11:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be6a8a1ee2f3acf92a9251abda81e55f80391f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7a:45:27:56:62:c9:9f:91:9c:fa:2a:e0:c1:
5a:35:9b:e9:48:7e:72:4c:d3:28:43:6d:f1:ac:30:
82:63:e7:c9:a8:d3:e0:fb:b9:8b:3f:ac:57:9a:08:
b3:d5:fb:9d:b8:44:44:a2:99:f6:af:81:b5:25:65:
69:ea:30:21:ec:d8:8c:f0:58:e1:c3:0b:ab:b8:56:
76:0b:ee:f7:86:16:4f:97:9a:d1:1c:d1:75:c5:20:
32:6e:c8:b0:5d:f2:25:d3:7d:c0:9e:91:24:7a:e1:
01:ed:8d:07:c9:0c:e7:fd:cc:80:04:47:39:73:38:
6b:4e:08:3c:36:f5:24:83:e4:cf:01:bc:b9:fc:cf:
96:b2:59:8f:57:2f:76:79:93:db:b5:d6:03:ab:5e:
95:69:b3:23:6f:28:7f:35:0a:c2:50:da:b0:b5:50:
e2:e0:69:f7:eb:fb:88:bf:dc:d7:fe:25:b9:88:df:
8a:6c:32:37:cc:c4:d0:14:7f:06:45:cf:24:38:a0:
c8:df:3d:7e:c5:50:5f:63:30:1e:0e:65:ba:f7:62:
07:de:c8:8b:9a:d9:6c:a9:73:24:46:45:3e:1c:73:
25:08:80:35:d0:85:05:f1:7f:73:27:2a:17:ec:58:
45:ce:e3:20:61:a4:c1:bf:06:69:ae:7a:44:b4:63:
4f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6A:8A:1E:E2:F3:AC:F9:2A:92:51:AB:DA:81:E5:5F:80:39:1F:5B
X509v3 Authority Key Identifier:
keyid:DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/vmqKHuLzrPkqklGr2oHlX4A5H1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/3l5sIzCRG8HcjIPUEe9rEgizu9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.176.0/24
IPv6:
2001:678:8cc::/48
Signature Algorithm: sha256WithRSAEncryption
b0:96:57:9c:52:41:e1:4c:b4:b0:f2:a1:6e:ca:55:f5:df:3a:
9f:23:e8:b1:48:0c:4c:46:37:7f:58:11:aa:c9:ec:13:f1:25:
02:47:cf:5d:f6:87:bc:0a:54:7a:62:21:b6:87:64:45:55:db:
ef:2b:1e:98:e6:24:f0:d9:a9:fd:a8:62:b6:8f:2e:b6:3d:f2:
c7:02:aa:62:e5:60:5d:98:70:c2:83:8c:74:6a:85:d9:78:52:
9f:e2:95:b1:d8:09:bd:2d:50:bf:b5:6b:7a:53:c1:3d:96:26:
5b:70:e4:e1:77:76:bc:33:ab:d3:c0:1d:ce:a9:b7:b7:8d:10:
6b:10:a9:b3:92:6b:0a:f9:e4:6a:1d:19:81:02:c5:8d:2b:af:
02:a1:74:c5:e9:ad:34:d2:35:db:c7:1a:6d:4c:62:54:9b:70:
43:6b:27:26:0a:63:43:31:c1:d6:4e:15:35:fd:66:56:23:c5:
93:9d:99:2c:ff:02:07:a8:86:49:e1:e6:81:d2:03:cb:1c:63:
9c:c5:03:10:83:43:79:78:31:7e:b4:63:99:14:aa:81:e8:7f:
90:87:4d:d5:e0:40:01:05:62:61:b0:2e:28:b6:82:96:f4:c8:
87:ec:db:dd:fb:0c:6c:8e:9b:5a:6a:7b:d7:35:3f:7e:c1:e0:
43:4e:14:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2XXr2nGJfoor4BsQa4M0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNWU2YzIzMzA5MTFiYzFkYzhjODNkNDExZWY2YjEyMDhi
M2JiZDYwHhcNMjUwMTAyMTE0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTZhOGExZWUyZjNhY2Y5MmE5MjUxYWJkYTgxZTU1ZjgwMzkxZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3pFJ1ZiyZ+RnPoq4MFaNZvpSH5y
TNMoQ23xrDCCY+fJqNPg+7mLP6xXmgiz1fuduEREopn2r4G1JWVp6jAh7NiM8Fjh
wwuruFZ2C+73hhZPl5rRHNF1xSAybsiwXfIl033AnpEkeuEB7Y0HyQzn/cyABEc5
czhrTgg8NvUkg+TPAby5/M+WslmPVy92eZPbtdYDq16VabMjbyh/NQrCUNqwtVDi
4Gn36/uIv9zX/iW5iN+KbDI3zMTQFH8GRc8kOKDI3z1+xVBfYzAeDmW692IH3siL
mtlsqXMkRkU+HHMlCIA10IUF8X9zJyoX7FhFzuMgYaTBvwZprnpEtGNPhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL5qih7i86z5KpJRq9qB5V+AOR9bMB8GA1UdIwQY
MBaAFN5ebCMwkRvB3IyD1BHvaxIIs7vWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2Et
ZGU0YmE3ODZmODcyLzEvdm1xS0h1THpyUGtxa2xHcjJvSGxYNEE1SDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2EtZGU0YmE3ODZmODcy
LzEvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgGwMA8E
AgACMAkDBwAgAQZ4CMwwDQYJKoZIhvcNAQELBQADggEBALCWV5xSQeFMtLDyoW7K
VfXfOp8j6LFIDExGN39YEarJ7BPxJQJHz132h7wKVHpiIbaHZEVV2+8rHpjmJPDZ
qf2oYraPLrY98scCqmLlYF2YcMKDjHRqhdl4Up/ilbHYCb0tUL+1a3pTwT2WJltw
5OF3drwzq9PAHc6pt7eNEGsQqbOSawr55GodGYECxY0rrwKhdMXprTTSNdvHGm1M
YlSbcENrJyYKY0MxwdZOFTX9ZlYjxZOdmSz/Ageohknh5oHSA8scY5zFAxCDQ3l4
MX60Y5kUqoHof5CHTdXgQAEFYmGwLii2gpb0yIfs2937DGyOm1pqe9c1P37B4ENO
FOc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:59:23 2025 by rpki-client