Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aHJU3TtGM9M9L2c33hiqaeAD6-M.roa
File: aHJU3TtGM9M9L2c33hiqaeAD6-M.roa (raw, json)
Hash identifier: Jnk6c3GJ5E4y6b+inckEyRoPVADxMl1TsyYlid/Y0Y0=
Subject key identifier: 68:72:54:DD:3B:46:33:D3:3D:2F:67:37:DE:18:AA:69:E0:03:EB:E3
Certificate issuer: /CN=69525a362e87705a1ec022d16560f276d59cee1d
Certificate serial: 0194258F6E70974ADA48F29B0642D221AC27
Authority key identifier: 69:52:5A:36:2E:87:70:5A:1E:C0:22:D1:65:60:F2:76:D5:9C:EE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVJaNi6HcFoewCLRZWDydtWc7h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aHJU3TtGM9M9L2c33hiqaeAD6-M.roa
Signing time: Thu 02 Jan 2025 05:49:04 +0000
ROA not before: Thu 02 Jan 2025 05:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21263
IP address blocks: 194.0.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6e:70:97:4a:da:48:f2:9b:06:42:d2:21:ac:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69525a362e87705a1ec022d16560f276d59cee1d
Validity
Not Before: Jan 2 05:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=687254dd3b4633d33d2f6737de18aa69e003ebe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:00:75:2d:f7:a1:4b:48:0b:86:3e:63:de:e1:
89:1e:16:1a:29:9f:49:e5:12:0b:bb:47:79:cf:58:
54:b6:9d:9e:7e:8f:a8:ca:6f:d7:64:6f:63:ea:2a:
a3:59:fc:a6:d1:f5:9b:c2:cf:96:87:7c:76:e4:4c:
8b:2e:e2:87:49:62:84:bb:0f:16:85:e5:88:c1:2b:
a3:d5:0c:1d:bc:23:ea:c0:ad:c0:f2:d3:df:b3:ee:
db:81:0e:39:31:f6:22:fb:52:24:53:ce:e0:ba:12:
02:24:e0:67:eb:b9:c1:be:d8:49:18:3f:01:1e:b3:
86:e9:97:ff:4a:24:98:f2:c0:bf:a7:e1:2b:5d:71:
c9:1e:4f:bb:89:fd:e7:ad:c5:11:20:47:6e:84:73:
bd:7a:af:c6:b7:a6:61:a3:36:3c:54:44:e6:a4:c5:
88:1a:52:ab:5c:ae:fa:0f:ac:d3:09:5d:6e:8b:b8:
1f:51:92:6e:13:8d:5e:e0:94:b6:bd:72:09:7b:f9:
ad:61:a2:e8:55:4c:17:15:bf:4b:d7:0e:21:52:fb:
ef:29:01:60:e4:d4:c8:6d:55:7a:f6:ce:18:c8:8f:
16:54:84:62:20:85:85:a7:71:5c:92:f1:6f:96:5e:
6a:92:d8:a3:65:2c:b1:a0:43:58:fd:1b:f3:b9:fb:
18:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:72:54:DD:3B:46:33:D3:3D:2F:67:37:DE:18:AA:69:E0:03:EB:E3
X509v3 Authority Key Identifier:
keyid:69:52:5A:36:2E:87:70:5A:1E:C0:22:D1:65:60:F2:76:D5:9C:EE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVJaNi6HcFoewCLRZWDydtWc7h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aHJU3TtGM9M9L2c33hiqaeAD6-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.220.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a7:40:27:af:6f:90:cb:2a:d8:ff:45:19:e6:db:25:ad:76:
f8:d0:c4:22:5a:78:60:73:90:df:0d:32:d6:79:6b:81:b3:b1:
7c:b9:f2:ef:ad:e2:45:e1:be:d0:42:51:14:87:90:3c:df:4f:
00:99:45:f3:ea:53:ce:b7:1b:cf:2e:0b:c7:7f:9d:62:e6:d5:
00:4f:fc:19:8b:56:c9:83:d6:2f:fe:e1:d5:03:63:e1:39:54:
3e:61:70:8a:8c:c1:b3:ed:73:e6:7f:cc:b6:73:b4:1f:e6:d1:
ca:9c:a2:d0:38:75:5d:c7:b5:e5:e7:a7:92:39:a4:ff:9c:45:
a3:19:40:e1:60:cc:82:f4:66:2d:b5:00:c4:64:b3:c2:96:a1:
71:f5:4d:d9:98:cc:75:d1:87:c3:ff:34:37:5d:bc:07:00:af:
ba:76:d5:15:5a:1e:ac:4a:10:da:93:17:bb:6b:d2:ad:34:85:
86:b2:46:17:c5:96:5d:84:ff:09:7c:66:93:33:b6:8d:ca:39:
db:ac:c8:02:1d:f1:26:04:78:90:ec:9f:ee:e0:1c:a6:2f:a4:
19:33:82:34:2f:67:ba:21:6a:6f:37:95:a1:47:8e:c7:85:3d:
8d:aa:b6:62:42:ec:86:16:31:f3:91:6b:09:b9:18:70:b2:ea:
d1:0f:ff:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj25wl0raSPKbBkLSIawnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTI1YTM2MmU4NzcwNWExZWMwMjJkMTY1NjBmMjc2ZDU5
Y2VlMWQwHhcNMjUwMTAyMDU0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODcyNTRkZDNiNDYzM2QzM2QyZjY3MzdkZTE4YWE2OWUwMDNlYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAB1LfehS0gLhj5j3uGJHhYaKZ9J
5RILu0d5z1hUtp2efo+oym/XZG9j6iqjWfym0fWbws+Wh3x25EyLLuKHSWKEuw8W
heWIwSuj1QwdvCPqwK3A8tPfs+7bgQ45MfYi+1IkU87guhICJOBn67nBvthJGD8B
HrOG6Zf/SiSY8sC/p+ErXXHJHk+7if3nrcURIEduhHO9eq/Gt6ZhozY8VETmpMWI
GlKrXK76D6zTCV1ui7gfUZJuE41e4JS2vXIJe/mtYaLoVUwXFb9L1w4hUvvvKQFg
5NTIbVV69s4YyI8WVIRiIIWFp3FckvFvll5qktijZSyxoENY/RvzufsYwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhyVN07RjPTPS9nN94YqmngA+vjMB8GA1UdIwQY
MBaAFGlSWjYuh3BaHsAi0WVg8nbVnO4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZKYU5pNkhjRm9ld0NMUlpXRHlkdFdjN2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zMGNkODctZjM3NS00YjkzLThkMzkt
NjVkNmNhM2Y0OWQ4LzEvYUhKVTNUdEdNOU05TDJjMzNoaXFhZUFENi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zMGNkODctZjM3NS00YjkzLThkMzktNjVkNmNhM2Y0OWQ4
LzEvYVZKYU5pNkhjRm9ld0NMUlpXRHlkdFdjN2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDcMA0G
CSqGSIb3DQEBCwUAA4IBAQBlp0Anr2+QyyrY/0UZ5tslrXb40MQiWnhgc5DfDTLW
eWuBs7F8ufLvreJF4b7QQlEUh5A8308AmUXz6lPOtxvPLgvHf51i5tUAT/wZi1bJ
g9Yv/uHVA2PhOVQ+YXCKjMGz7XPmf8y2c7Qf5tHKnKLQOHVdx7Xl56eSOaT/nEWj
GUDhYMyC9GYttQDEZLPClqFx9U3ZmMx10YfD/zQ3XbwHAK+6dtUVWh6sShDakxe7
a9KtNIWGskYXxZZdhP8JfGaTM7aNyjnbrMgCHfEmBHiQ7J/u4BymL6QZM4I0L2e6
IWpvN5WhR47HhT2NqrZiQuyGFjHzkWsJuRhwsurRD//r
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:35:12 2025 by rpki-client