Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/s3CD24AurNDhU5l0KzX89OIgsIY.roa
File: s3CD24AurNDhU5l0KzX89OIgsIY.roa (raw, json)
Hash identifier: j74AELSwt2VeN/kZd/dKyAyFPFjNPOflv3KMrplCA7M=
Subject key identifier: B3:70:83:DB:80:2E:AC:D0:E1:53:99:74:2B:35:FC:F4:E2:20:B0:86
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 019425FDC4C8C9B766B78542F6AC5E2E3C19
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/s3CD24AurNDhU5l0KzX89OIgsIY.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44006
IP address blocks: 194.28.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c4:c8:c9:b7:66:b7:85:42:f6:ac:5e:2e:3c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b37083db802eacd0e15399742b35fcf4e220b086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ea:41:dc:a7:f4:29:e7:ca:7a:ba:3d:91:4a:
3c:1d:24:50:95:8e:60:26:91:a4:91:f5:c4:e6:73:
5d:21:ba:f2:4e:bc:e5:e1:2b:fd:0d:61:e5:54:3d:
d5:a2:e3:1b:7c:66:9e:a7:de:00:0a:7d:06:94:85:
ca:ce:ee:56:ce:ae:38:e0:10:81:61:e3:52:ad:db:
79:43:44:3d:2e:0f:e1:44:27:ff:20:1c:be:38:59:
09:78:43:ab:78:9d:94:ad:e8:01:fe:df:8e:3e:00:
68:f8:4e:16:c8:a3:81:22:50:0a:d0:e5:8e:1e:99:
15:e9:f0:ca:30:f6:0f:da:1d:ea:00:09:7d:43:39:
86:fd:46:c5:73:af:34:0c:ed:0f:af:08:87:f2:37:
ca:8a:b6:11:dd:c8:18:82:62:b4:59:7f:b3:36:60:
22:c6:3f:ac:bc:98:77:e2:eb:27:bb:54:4c:1c:1d:
a3:af:af:7b:13:2b:d3:20:be:83:b9:38:3f:86:c6:
c5:3b:0e:37:1d:58:21:ab:61:f7:40:3f:68:9a:4a:
a1:e4:7c:7b:49:9c:47:2e:a5:62:a4:9e:72:ff:da:
48:bb:44:dc:5e:c6:84:5d:6d:75:69:d2:7f:5a:88:
32:71:54:ec:dc:8a:a1:19:e7:c1:04:50:74:54:81:
01:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:70:83:DB:80:2E:AC:D0:E1:53:99:74:2B:35:FC:F4:E2:20:B0:86
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/s3CD24AurNDhU5l0KzX89OIgsIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.100.0/24
Signature Algorithm: sha256WithRSAEncryption
01:90:00:a0:b5:db:a7:e1:68:b0:1b:34:5c:04:ec:78:77:fd:
bf:42:5b:79:71:fd:4f:af:08:59:e1:0a:95:6e:9b:c1:e7:60:
c5:46:76:4f:53:86:f1:11:0c:40:5c:80:64:e0:88:98:16:e4:
65:6c:dd:3e:20:cf:b8:a9:50:da:e3:65:37:df:51:25:cf:0c:
ad:f8:ce:de:99:d5:80:cf:55:52:14:98:f8:92:64:94:6c:18:
08:58:cc:61:bd:a3:01:1a:e9:b0:7e:71:19:3f:5c:ab:b7:b5:
ba:07:5d:19:eb:49:58:cd:84:22:6d:7c:36:12:05:57:f3:b5:
0f:1d:15:18:53:de:f0:80:aa:c5:c8:6b:49:11:58:b8:a7:9a:
71:a5:9e:fa:0f:b2:4b:ff:56:0d:30:ee:11:18:e1:98:2b:55:
5f:2c:04:8a:51:0d:29:e6:f7:a7:89:a9:9b:f8:82:35:c1:de:
8a:87:65:24:f7:72:65:e7:21:c1:f0:3f:67:2c:30:59:95:79:
f0:15:b3:74:e7:e0:95:c8:35:04:c8:8e:cb:44:2e:31:cd:88:
fa:0e:a2:bb:8b:5a:22:df:20:a6:aa:d4:ea:4b:9a:bf:dc:a7:
83:45:42:b4:02:71:25:80:39:1e:21:a7:ad:90:28:29:05:ab:
a5:33:18:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/cTIybdmt4VC9qxeLjwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzcwODNkYjgwMmVhY2QwZTE1Mzk5NzQyYjM1ZmNmNGUyMjBiMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OpB3Kf0KefKero9kUo8HSRQlY5g
JpGkkfXE5nNdIbryTrzl4Sv9DWHlVD3VouMbfGaep94ACn0GlIXKzu5Wzq444BCB
YeNSrdt5Q0Q9Lg/hRCf/IBy+OFkJeEOreJ2UregB/t+OPgBo+E4WyKOBIlAK0OWO
HpkV6fDKMPYP2h3qAAl9QzmG/UbFc680DO0PrwiH8jfKirYR3cgYgmK0WX+zNmAi
xj+svJh34usnu1RMHB2jr697EyvTIL6DuTg/hsbFOw43HVghq2H3QD9omkqh5Hx7
SZxHLqVipJ5y/9pIu0TcXsaEXW11adJ/WogycVTs3IqhGefBBFB0VIEBcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNwg9uALqzQ4VOZdCs1/PTiILCGMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvczNDRDI0QXVyTkRoVTVsMEt6WDg5T0lnc0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhxkMA0G
CSqGSIb3DQEBCwUAA4IBAQABkACgtdun4WiwGzRcBOx4d/2/Qlt5cf1PrwhZ4QqV
bpvB52DFRnZPU4bxEQxAXIBk4IiYFuRlbN0+IM+4qVDa42U331Elzwyt+M7emdWA
z1VSFJj4kmSUbBgIWMxhvaMBGumwfnEZP1yrt7W6B10Z60lYzYQibXw2EgVX87UP
HRUYU97wgKrFyGtJEVi4p5pxpZ76D7JL/1YNMO4RGOGYK1VfLASKUQ0p5veniamb
+II1wd6Kh2Uk93Jl5yHB8D9nLDBZlXnwFbN05+CVyDUEyI7LRC4xzYj6DqK7i1oi
3yCmqtTqS5q/3KeDRUK0AnElgDkeIaetkCgpBaulMxhR
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:02:46 2025 by rpki-client