Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/Z073Xoz6NNMLozbzx4BYZKRbE_Y.roa
File: Z073Xoz6NNMLozbzx4BYZKRbE_Y.roa (raw, json)
Hash identifier: GgoadE+XPM8kCbOw8AtDPP7sSAXbl83gRja3FPoUrsA=
Subject key identifier: 67:4E:F7:5E:8C:FA:34:D3:0B:A3:36:F3:C7:80:58:64:A4:5B:13:F6
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 019426D97E2479BD5BDC1085C9A63AB265CB
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/Z073Xoz6NNMLozbzx4BYZKRbE_Y.roa
Signing time: Thu 02 Jan 2025 11:49:35 +0000
ROA not before: Thu 02 Jan 2025 11:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50128
IP address blocks: 194.1.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7e:24:79:bd:5b:dc:10:85:c9:a6:3a:b2:65:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Jan 2 11:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=674ef75e8cfa34d30ba336f3c7805864a45b13f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:13:7d:d4:a2:48:3b:12:cb:69:c7:ae:72:58:
0f:2c:21:79:a6:2c:05:ca:d0:a7:71:6a:66:20:8c:
ec:7f:af:04:28:2d:da:ee:44:45:8b:7c:18:6b:c5:
9d:22:dc:93:75:5d:24:11:ce:93:95:1e:26:5a:cd:
8c:42:50:36:c7:15:f1:60:53:a3:a9:6b:6c:65:8e:
8c:86:00:35:77:cb:42:c6:3b:63:f9:ea:01:30:2a:
91:f3:9c:3a:3f:8c:ae:a9:22:2c:44:18:65:f9:3d:
42:49:47:58:00:1d:1e:ef:c7:b4:1a:7c:63:df:7f:
1c:2b:27:8c:ea:d2:ed:0b:37:7a:1b:33:20:73:64:
50:43:a5:6c:c6:21:de:fc:b2:c5:7d:d3:a7:d0:87:
85:3d:dc:19:3b:13:db:c1:b9:ed:51:08:e8:73:45:
ad:93:fb:55:47:75:1d:6e:69:f7:2f:22:76:d8:d9:
0f:56:d9:48:cc:63:70:fe:e5:8b:34:14:d4:97:87:
6e:e6:c9:30:8a:7a:fb:1b:7a:6f:cf:f4:22:d0:11:
dc:a5:83:e2:68:f1:2b:9a:7e:e2:a5:51:a5:2b:36:
bc:68:34:b5:fe:21:e5:cd:70:90:61:33:ff:ad:4c:
7c:24:25:a8:4f:40:89:3b:76:6b:21:e8:30:62:d4:
62:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4E:F7:5E:8C:FA:34:D3:0B:A3:36:F3:C7:80:58:64:A4:5B:13:F6
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/Z073Xoz6NNMLozbzx4BYZKRbE_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.130.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0a:bd:45:c3:72:07:34:05:a2:80:1d:70:27:d7:15:42:a3:
c0:44:c9:73:9a:05:6f:dd:78:ce:48:94:66:4c:2b:a6:bc:f8:
3b:42:77:aa:35:e5:be:6f:a9:20:e9:30:5d:21:6e:e9:ea:27:
e8:87:0b:4e:fb:d1:ff:59:9d:47:45:74:75:d2:a7:c3:5b:92:
35:d6:86:49:ef:5f:81:9c:e0:2a:68:05:82:25:8a:24:d2:99:
57:95:b4:37:cf:a5:71:40:ff:51:ac:5b:5e:40:58:8e:8f:20:
b4:0f:0c:e7:07:b3:82:f1:92:f1:99:ca:bc:d0:e6:98:7e:bd:
67:83:6a:a2:48:b2:05:66:ac:bc:20:17:9b:a4:c2:c3:a1:81:
c5:41:67:ab:69:fd:55:d8:ef:02:7e:91:04:ff:6f:01:0a:e8:
34:46:8e:e5:82:7e:e4:92:46:2f:11:d2:89:54:3d:7e:0a:cf:
68:94:fa:26:8e:33:9b:1e:db:ed:e0:78:0b:ff:c8:49:ee:ed:
b8:08:f0:b2:a6:66:54:e1:48:8c:e3:28:2b:fd:39:5e:98:69:
73:4d:77:68:24:3d:e7:76:d1:f9:25:3e:e0:7b:8b:73:ab:d0:
e4:13:29:16:38:8f:68:8c:41:fb:ac:cb:f6:8e:79:96:d9:6f:
9e:ae:d3:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2X4keb1b3BCFyaY6smXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjUwMTAyMTE0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRlZjc1ZThjZmEzNGQzMGJhMzM2ZjNjNzgwNTg2NGE0NWIxM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RN91KJIOxLLaceuclgPLCF5piwF
ytCncWpmIIzsf68EKC3a7kRFi3wYa8WdItyTdV0kEc6TlR4mWs2MQlA2xxXxYFOj
qWtsZY6MhgA1d8tCxjtj+eoBMCqR85w6P4yuqSIsRBhl+T1CSUdYAB0e78e0Gnxj
338cKyeM6tLtCzd6GzMgc2RQQ6VsxiHe/LLFfdOn0IeFPdwZOxPbwbntUQjoc0Wt
k/tVR3Udbmn3LyJ22NkPVtlIzGNw/uWLNBTUl4du5skwinr7G3pvz/Qi0BHcpYPi
aPErmn7ipVGlKza8aDS1/iHlzXCQYTP/rUx8JCWoT0CJO3ZrIegwYtRitQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdO916M+jTTC6M288eAWGSkWxP2MB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvWjA3M1hvejZOTk1Mb3pieng0QllaS1JiRV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgGCMA0G
CSqGSIb3DQEBCwUAA4IBAQCPCr1Fw3IHNAWigB1wJ9cVQqPARMlzmgVv3XjOSJRm
TCumvPg7QneqNeW+b6kg6TBdIW7p6ifohwtO+9H/WZ1HRXR10qfDW5I11oZJ71+B
nOAqaAWCJYok0plXlbQ3z6VxQP9RrFteQFiOjyC0DwznB7OC8ZLxmcq80OaYfr1n
g2qiSLIFZqy8IBebpMLDoYHFQWeraf1V2O8CfpEE/28BCug0Ro7lgn7kkkYvEdKJ
VD1+Cs9olPomjjObHtvt4HgL/8hJ7u24CPCypmZU4UiM4ygr/TlemGlzTXdoJD3n
dtH5JT7ge4tzq9DkEykWOI9ojEH7rMv2jnmW2W+ertNw
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:12:11 2025 by rpki-client