Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/AO9S5FPNyFUFF8sl00iZG2uj63o.roa
File: AO9S5FPNyFUFF8sl00iZG2uj63o.roa (raw, json)
Hash identifier: dj/tZS47oYr7HP4aHIaoRYk9wXqksDBdwIFty9clVxk=
Subject key identifier: 00:EF:52:E4:53:CD:C8:55:05:17:CB:25:D3:48:99:1B:6B:A3:EB:7A
Certificate issuer: /CN=87c3b85a7befbb4490d7ac852eb8be84bf938b4d
Certificate serial: 01941FFA716552E87080B75756202600B276
Authority key identifier: 87:C3:B8:5A:7B:EF:BB:44:90:D7:AC:85:2E:B8:BE:84:BF:93:8B:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8O4Wnvvu0SQ16yFLri-hL-Ti00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/AO9S5FPNyFUFF8sl00iZG2uj63o.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41198
IP address blocks: 194.140.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:71:65:52:e8:70:80:b7:57:56:20:26:00:b2:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c3b85a7befbb4490d7ac852eb8be84bf938b4d
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00ef52e453cdc8550517cb25d348991b6ba3eb7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b7:32:11:da:8d:cc:9e:29:83:59:f4:b4:a1:
f6:b7:5a:17:c6:d5:36:f0:55:eb:5b:ec:4a:6b:0e:
c4:49:1f:eb:85:39:e7:6f:cd:18:41:79:45:c0:3b:
18:76:ed:13:6b:a9:f7:c2:a4:a3:a4:1d:87:ea:8d:
13:61:f6:2a:d7:d8:82:27:d4:67:30:9d:22:54:b5:
6f:1a:01:ad:e5:a6:de:ab:14:ba:c6:5e:ed:e2:9f:
7b:28:17:fa:36:be:07:89:11:8c:35:cf:cc:4f:c0:
47:64:f3:a2:1a:15:7c:ba:10:20:c7:ee:93:62:1a:
be:65:c2:50:91:d8:02:0b:a7:20:17:8e:3a:c8:71:
98:20:b2:03:6e:de:0a:5a:c7:dd:bb:88:ed:f3:0d:
38:b7:cf:35:29:96:78:08:a9:5a:90:6d:4f:44:e2:
f6:58:f7:de:29:ef:b3:ef:17:4d:6e:ae:54:95:92:
1f:71:3d:fb:61:e1:82:0a:9e:1a:fa:22:d9:0a:83:
b8:3e:26:d0:00:bb:92:3f:5d:42:56:36:75:cf:18:
62:cf:25:3c:1f:f2:d8:71:0b:26:0b:7a:03:60:f2:
e6:e4:9a:42:0a:f1:9f:ff:e2:24:d1:22:30:ac:45:
f7:4c:83:7b:56:28:22:ad:e3:12:43:23:f4:59:c5:
67:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EF:52:E4:53:CD:C8:55:05:17:CB:25:D3:48:99:1B:6B:A3:EB:7A
X509v3 Authority Key Identifier:
keyid:87:C3:B8:5A:7B:EF:BB:44:90:D7:AC:85:2E:B8:BE:84:BF:93:8B:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8O4Wnvvu0SQ16yFLri-hL-Ti00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/AO9S5FPNyFUFF8sl00iZG2uj63o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/h8O4Wnvvu0SQ16yFLri-hL-Ti00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.140.254.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e8:3f:af:92:71:16:8f:1e:dd:0a:e7:16:73:d7:4a:e6:14:
71:65:b4:52:15:5f:13:b6:7c:66:12:fa:a3:2a:93:07:b6:15:
75:40:2c:8c:2d:69:96:fd:e1:90:3f:1d:25:dd:d7:d4:21:c5:
19:02:9d:2a:d7:21:17:6b:06:96:06:04:c2:9c:78:fb:b3:e7:
6d:15:93:31:b5:4d:62:6d:f1:65:1d:e2:09:c1:c5:f9:89:bf:
e1:02:ce:9b:c6:fe:e0:13:ee:c6:94:4b:98:ce:64:9b:86:a2:
c8:1c:2b:b5:22:af:14:e0:2c:72:0d:a6:e3:6a:27:19:5f:0d:
14:d2:7d:d6:1e:02:cf:d8:0d:38:a8:e3:52:ce:f1:31:06:e5:
d5:74:e6:f0:1a:89:9f:4a:3f:d5:eb:3b:72:c0:aa:8a:69:2e:
37:05:2b:0c:a6:40:b3:6a:09:89:d2:79:14:3e:de:2e:6b:da:
1e:a1:9e:ce:95:6b:23:58:f7:83:c2:4d:4d:39:c6:5f:ba:b5:
86:29:31:ba:15:04:fc:7b:f5:71:50:fc:36:10:c2:c2:64:08:
55:fb:c3:40:1e:59:55:e2:d3:5f:13:00:42:6c:26:ae:59:0f:
9e:b0:41:05:7b:de:f7:52:a2:bc:f0:03:38:4c:67:71:e7:1d:
c7:31:0b:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nFlUuhwgLdXViAmALJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzNiODVhN2JlZmJiNDQ5MGQ3YWM4NTJlYjhiZTg0YmY5
MzhiNGQwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVmNTJlNDUzY2RjODU1MDUxN2NiMjVkMzQ4OTkxYjZiYTNlYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7cyEdqNzJ4pg1n0tKH2t1oXxtU2
8FXrW+xKaw7ESR/rhTnnb80YQXlFwDsYdu0Ta6n3wqSjpB2H6o0TYfYq19iCJ9Rn
MJ0iVLVvGgGt5abeqxS6xl7t4p97KBf6Nr4HiRGMNc/MT8BHZPOiGhV8uhAgx+6T
Yhq+ZcJQkdgCC6cgF446yHGYILIDbt4KWsfdu4jt8w04t881KZZ4CKlakG1PROL2
WPfeKe+z7xdNbq5UlZIfcT37YeGCCp4a+iLZCoO4PibQALuSP11CVjZ1zxhizyU8
H/LYcQsmC3oDYPLm5JpCCvGf/+Ik0SIwrEX3TIN7VigireMSQyP0WcVn9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADvUuRTzchVBRfLJdNImRtro+t6MB8GA1UdIwQY
MBaAFIfDuFp777tEkNeshS64voS/k4tNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhPNFdudnZ1MFNRMTZ5RkxyaS1oTC1UaTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzVjYzgtYjNlZi00MGZjLWFlNDAt
NzhlYzgwMjMwNjhmLzEvQU85UzVGUE55RlVGRjhzbDAwaVpHMnVqNjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzVjYzgtYjNlZi00MGZjLWFlNDAtNzhlYzgwMjMwNjhm
LzEvaDhPNFdudnZ1MFNRMTZ5RkxyaS1oTC1UaTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwoz+MA0G
CSqGSIb3DQEBCwUAA4IBAQAV6D+vknEWjx7dCucWc9dK5hRxZbRSFV8TtnxmEvqj
KpMHthV1QCyMLWmW/eGQPx0l3dfUIcUZAp0q1yEXawaWBgTCnHj7s+dtFZMxtU1i
bfFlHeIJwcX5ib/hAs6bxv7gE+7GlEuYzmSbhqLIHCu1Iq8U4CxyDabjaicZXw0U
0n3WHgLP2A04qONSzvExBuXVdObwGomfSj/V6ztywKqKaS43BSsMpkCzagmJ0nkU
Pt4ua9oeoZ7OlWsjWPeDwk1NOcZfurWGKTG6FQT8e/VxUPw2EMLCZAhV+8NAHllV
4tNfEwBCbCauWQ+esEEFe973UqK88AM4TGdx5x3HMQum
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:13:38 2025 by rpki-client