Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0AzvfnGKV5QC94WtSQaNdV0wKE8.roa
File: 0AzvfnGKV5QC94WtSQaNdV0wKE8.roa (raw, json)
Hash identifier: K0NEapdkPox5447k8RHa1s6kv8Dxl76yFlYy96Y6ISI=
Subject key identifier: D0:0C:EF:7E:71:8A:57:94:02:F7:85:AD:49:06:8D:75:5D:30:28:4F
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0194214405E504A29B80DF0A9B4840F6982F
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0AzvfnGKV5QC94WtSQaNdV0wKE8.roa
Signing time: Wed 01 Jan 2025 09:48:13 +0000
ROA not before: Wed 01 Jan 2025 09:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57013
IP address blocks: 194.26.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:05:e5:04:a2:9b:80:df:0a:9b:48:40:f6:98:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d00cef7e718a579402f785ad49068d755d30284f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fd:cd:0e:16:03:e4:6c:66:16:50:ed:f5:90:
c0:94:f5:67:16:bf:9f:b6:3b:f3:0e:0d:74:06:b4:
d2:fd:88:0d:8c:7e:64:b3:70:c6:03:a6:2e:66:da:
8b:7b:47:ad:29:a8:22:24:a1:ab:f5:26:70:40:ce:
0d:dd:ee:a4:6b:ac:6b:61:13:c6:a1:16:13:4f:15:
5d:e9:84:c5:67:10:9b:ba:ef:74:1b:16:a2:b1:e3:
ec:8b:f7:48:09:65:b1:54:03:87:84:e0:ba:82:a4:
39:25:4b:d1:72:3a:f4:ab:92:15:0e:bd:82:20:f3:
41:e5:63:15:9e:4d:17:56:9c:25:9f:a6:8f:0c:40:
36:1c:ac:68:79:d4:95:7b:10:b1:73:a6:da:0f:5f:
ac:89:da:ce:cb:ee:97:86:85:49:b0:eb:c6:a4:72:
05:42:62:f3:fd:c7:04:ca:23:f8:43:17:1f:24:47:
20:3e:06:5f:37:eb:bd:85:b6:c7:e8:48:7c:d6:77:
98:ad:b6:9d:13:93:74:ac:36:1a:db:13:e1:e7:6a:
95:fd:dc:d9:62:dc:dc:19:63:b4:88:21:1f:94:dd:
fe:03:93:00:a9:6d:de:db:b1:d1:80:8c:4e:89:ba:
d0:5b:18:f7:b6:d8:db:f2:68:e6:27:74:78:fc:80:
0a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0C:EF:7E:71:8A:57:94:02:F7:85:AD:49:06:8D:75:5D:30:28:4F
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0AzvfnGKV5QC94WtSQaNdV0wKE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.205.0/24
Signature Algorithm: sha256WithRSAEncryption
39:23:ba:30:c0:0a:04:5e:a8:b5:4c:d6:5c:5c:4b:87:13:61:
97:02:e1:c0:14:2f:42:90:40:92:61:90:7a:2d:ed:0b:0d:7b:
f9:fd:65:2a:af:c0:28:27:78:94:19:1d:9f:95:8d:11:9e:cf:
56:5e:d2:11:a3:ca:8b:d5:0d:b5:f3:79:e6:df:b0:c2:85:94:
23:eb:25:87:80:85:f7:e5:b9:a1:95:60:7d:80:2b:2e:92:21:
73:5d:4a:aa:16:c6:48:a8:75:bd:3d:98:1c:02:db:bd:89:5c:
5a:80:b7:ac:d1:3a:49:22:da:58:2f:5e:30:40:6f:ea:43:10:
c0:96:2a:cd:45:47:47:69:21:9d:88:86:de:5f:7c:63:2e:7a:
32:ea:b1:f1:84:73:cc:a4:f7:8d:75:76:1e:4b:11:61:64:1e:
55:ac:5b:9e:e3:6b:87:59:67:4d:fb:1c:54:43:ca:ea:0b:b8:
a2:de:ad:c8:29:04:2d:c2:71:4d:1c:ea:4c:e7:76:88:b7:c3:
51:8e:49:fb:78:a2:53:e0:a9:27:f3:15:25:ca:b2:c6:77:cb:
73:c2:26:97:13:6e:f0:84:00:9e:38:69:2b:69:c8:95:15:11:
7e:e8:05:9d:f1:05:00:3e:f7:05:91:06:97:a4:41:01:55:30:
d5:dc:37:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRAXlBKKbgN8Km0hA9pgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBjZWY3ZTcxOGE1Nzk0MDJmNzg1YWQ0OTA2OGQ3NTVkMzAyODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf3NDhYD5GxmFlDt9ZDAlPVnFr+f
tjvzDg10BrTS/YgNjH5ks3DGA6YuZtqLe0etKagiJKGr9SZwQM4N3e6ka6xrYRPG
oRYTTxVd6YTFZxCbuu90GxaisePsi/dICWWxVAOHhOC6gqQ5JUvRcjr0q5IVDr2C
IPNB5WMVnk0XVpwln6aPDEA2HKxoedSVexCxc6baD1+sidrOy+6XhoVJsOvGpHIF
QmLz/ccEyiP4QxcfJEcgPgZfN+u9hbbH6Eh81neYrbadE5N0rDYa2xPh52qV/dzZ
YtzcGWO0iCEflN3+A5MAqW3e27HRgIxOibrQWxj3ttjb8mjmJ3R4/IAK0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAM735xileUAveFrUkGjXVdMChPMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMEF6dmZuR0tWNVFDOTRXdFNRYU5kVjB3S0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrNMA0G
CSqGSIb3DQEBCwUAA4IBAQA5I7owwAoEXqi1TNZcXEuHE2GXAuHAFC9CkECSYZB6
Le0LDXv5/WUqr8AoJ3iUGR2flY0Rns9WXtIRo8qL1Q2183nm37DChZQj6yWHgIX3
5bmhlWB9gCsukiFzXUqqFsZIqHW9PZgcAtu9iVxagLes0TpJItpYL14wQG/qQxDA
lirNRUdHaSGdiIbeX3xjLnoy6rHxhHPMpPeNdXYeSxFhZB5VrFue42uHWWdN+xxU
Q8rqC7ii3q3IKQQtwnFNHOpM53aIt8NRjkn7eKJT4Kkn8xUlyrLGd8tzwiaXE27w
hACeOGkraciVFRF+6AWd8QUAPvcFkQaXpEEBVTDV3DfE
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:24:45 2025 by rpki-client