Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/hOtE2f6RqrVKTnKq4mitSq4GEW8.roa
File: hOtE2f6RqrVKTnKq4mitSq4GEW8.roa (raw, json)
Hash identifier: o3xEB2xwahNf/hrxJ/DM1O/UGFrILVNi8EQRepInZF8=
Subject key identifier: 84:EB:44:D9:FE:91:AA:B5:4A:4E:72:AA:E2:68:AD:4A:AE:06:11:6F
Certificate issuer: /CN=64753d20b98a0ee770c3b5166a3f4a07f0515bdd
Certificate serial: 019425221330A8C5935763E6FC680D8EAB1D
Authority key identifier: 64:75:3D:20:B9:8A:0E:E7:70:C3:B5:16:6A:3F:4A:07:F0:51:5B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZHU9ILmKDudww7UWaj9KB_BRW90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/hOtE2f6RqrVKTnKq4mitSq4GEW8.roa
Signing time: Thu 02 Jan 2025 03:49:37 +0000
ROA not before: Thu 02 Jan 2025 03:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9023
IP address blocks: 194.37.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:13:30:a8:c5:93:57:63:e6:fc:68:0d:8e:ab:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64753d20b98a0ee770c3b5166a3f4a07f0515bdd
Validity
Not Before: Jan 2 03:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84eb44d9fe91aab54a4e72aae268ad4aae06116f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:70:4e:a9:75:a8:e4:6a:a8:ba:97:e2:25:31:
74:c7:af:a9:6b:3a:e3:c6:24:d6:33:ab:ae:e2:b5:
ff:48:30:32:75:e0:42:7e:9e:5e:8b:a0:15:0e:bb:
84:0d:38:aa:84:9c:c7:0d:8b:1f:5c:32:a6:91:ee:
47:8a:b8:5b:41:28:f3:14:6c:b4:00:66:b6:1c:2b:
3f:79:b5:c4:4c:4b:0c:b5:64:63:47:83:7e:01:c0:
a3:52:9c:de:b5:5f:8c:0e:54:0e:65:24:93:04:29:
e5:b8:a6:cc:de:43:ce:e6:bf:ec:94:7e:16:c7:b2:
fd:ab:2f:1f:c5:6f:23:86:41:1f:9e:8b:aa:ff:41:
e1:99:f5:3c:4a:d7:58:cb:f6:f1:9f:84:3a:6f:88:
0c:76:2e:00:fb:32:e8:f1:a5:01:69:04:db:05:54:
4b:b6:e0:b2:a3:52:62:11:9a:5b:bf:de:f3:5f:5e:
da:b0:ae:cf:84:6d:d9:eb:61:7d:72:07:45:ce:2d:
e4:68:16:1e:03:50:02:65:5a:90:d6:ef:0f:ba:63:
af:39:78:d9:99:17:a5:50:65:18:7d:6e:f6:86:08:
5f:a3:11:89:6c:6a:26:7f:48:09:44:db:ef:7b:8c:
e0:db:18:3d:44:ca:ac:14:f4:43:9b:f3:60:27:59:
0a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EB:44:D9:FE:91:AA:B5:4A:4E:72:AA:E2:68:AD:4A:AE:06:11:6F
X509v3 Authority Key Identifier:
keyid:64:75:3D:20:B9:8A:0E:E7:70:C3:B5:16:6A:3F:4A:07:F0:51:5B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZHU9ILmKDudww7UWaj9KB_BRW90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/hOtE2f6RqrVKTnKq4mitSq4GEW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/ZHU9ILmKDudww7UWaj9KB_BRW90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.37.253.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:2b:f3:58:d1:52:00:5e:b6:26:80:73:97:62:23:a9:3c:9e:
5e:35:1e:5c:fd:59:f5:de:08:9e:8b:4d:a3:8a:1a:d9:04:00:
96:06:7a:c2:6b:5f:01:de:d2:8b:15:1f:e0:ae:25:ed:cf:41:
24:35:9f:da:0a:6a:28:0a:ba:a9:0b:4c:e6:0b:1a:fa:5a:fa:
aa:9b:c8:a5:23:7b:ba:79:57:cd:3d:cf:c1:10:97:ae:a0:e5:
99:06:41:3f:85:ba:36:a6:17:b1:39:fd:a8:cc:8f:25:72:27:
e3:57:69:31:9a:22:42:54:a0:14:54:7e:f4:a2:7c:f0:2b:ae:
46:ce:06:9f:fa:38:d8:d1:9d:d4:f7:f0:a6:2f:00:7a:44:6d:
84:60:1c:93:93:0d:5f:7c:7f:bf:59:2a:a4:e1:9b:c3:63:68:
e2:58:be:6e:ef:61:bd:db:c9:d6:78:84:9e:17:cc:d7:fb:a9:
40:f2:93:83:28:e7:8c:2b:c6:df:f7:21:87:34:d1:65:40:1d:
cc:0c:16:d2:12:84:e1:98:e1:d8:3c:ca:64:c2:86:ee:65:b3:
4a:e1:5d:0d:22:f6:32:45:51:72:3d:cd:68:e7:c9:58:3f:a6:
df:81:10:79:aa:e3:72:8f:45:0f:f4:9c:e6:99:2e:a7:9e:82:
5b:00:e6:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIhMwqMWTV2Pm/GgNjqsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NzUzZDIwYjk4YTBlZTc3MGMzYjUxNjZhM2Y0YTA3ZjA1
MTViZGQwHhcNMjUwMTAyMDM0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGViNDRkOWZlOTFhYWI1NGE0ZTcyYWFlMjY4YWQ0YWFlMDYxMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3BOqXWo5GqoupfiJTF0x6+pazrj
xiTWM6uu4rX/SDAydeBCfp5ei6AVDruEDTiqhJzHDYsfXDKmke5HirhbQSjzFGy0
AGa2HCs/ebXETEsMtWRjR4N+AcCjUpzetV+MDlQOZSSTBCnluKbM3kPO5r/slH4W
x7L9qy8fxW8jhkEfnouq/0HhmfU8StdYy/bxn4Q6b4gMdi4A+zLo8aUBaQTbBVRL
tuCyo1JiEZpbv97zX17asK7PhG3Z62F9cgdFzi3kaBYeA1ACZVqQ1u8PumOvOXjZ
mRelUGUYfW72hghfoxGJbGomf0gJRNvve4zg2xg9RMqsFPRDm/NgJ1kKDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITrRNn+kaq1Sk5yquJorUquBhFvMB8GA1UdIwQY
MBaAFGR1PSC5ig7ncMO1Fmo/SgfwUVvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkhVOUlMbUtEdWR3dzdVV2FqOUtCX0JSVzkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lYmVkN2QtNTA5MC00MTdhLWI1Yjgt
YWE5OTU5MDJiODRiLzEvaE90RTJmNlJxclZLVG5LcTRtaXRTcTRHRVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lYmVkN2QtNTA5MC00MTdhLWI1YjgtYWE5OTU5MDJiODRi
LzEvWkhVOUlMbUtEdWR3dzdVV2FqOUtCX0JSVzkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiX9MA0G
CSqGSIb3DQEBCwUAA4IBAQCcK/NY0VIAXrYmgHOXYiOpPJ5eNR5c/Vn13giei02j
ihrZBACWBnrCa18B3tKLFR/griXtz0EkNZ/aCmooCrqpC0zmCxr6Wvqqm8ilI3u6
eVfNPc/BEJeuoOWZBkE/hbo2phexOf2ozI8lcifjV2kxmiJCVKAUVH70onzwK65G
zgaf+jjY0Z3U9/CmLwB6RG2EYByTkw1ffH+/WSqk4ZvDY2jiWL5u72G928nWeISe
F8zX+6lA8pODKOeMK8bf9yGHNNFlQB3MDBbSEoThmOHYPMpkwobuZbNK4V0NIvYy
RVFyPc1o58lYP6bfgRB5quNyj0UP9JzmmS6nnoJbAOYR
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:27:29 2025 by rpki-client