Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/af19a0-7cbf-4078-a987-68f2fa001fa7/1/lPK8fmOBXjRw9-w6K-x4RRsdXag.roa
File: lPK8fmOBXjRw9-w6K-x4RRsdXag.roa (raw, json)
Hash identifier: xkt3YoVHRxkDkdpPayFqDFqLd1JlrYwaOS9KFpJXY3o=
Subject key identifier: 94:F2:BC:7E:63:81:5E:34:70:F7:EC:3A:2B:EC:78:45:1B:1D:5D:A8
Certificate issuer: /CN=0d2f81b8c17f55dcdddec54c8cceadd695d28f07
Certificate serial: 019426D9C73B593C52494FA75430EB1E0687
Authority key identifier: 0D:2F:81:B8:C1:7F:55:DC:DD:DE:C5:4C:8C:CE:AD:D6:95:D2:8F:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DS-BuMF_Vdzd3sVMjM6t1pXSjwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/af19a0-7cbf-4078-a987-68f2fa001fa7/1/lPK8fmOBXjRw9-w6K-x4RRsdXag.roa
Signing time: Thu 02 Jan 2025 11:49:53 +0000
ROA not before: Thu 02 Jan 2025 11:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20849
IP address blocks: 194.153.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c7:3b:59:3c:52:49:4f:a7:54:30:eb:1e:06:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2f81b8c17f55dcdddec54c8cceadd695d28f07
Validity
Not Before: Jan 2 11:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94f2bc7e63815e3470f7ec3a2bec78451b1d5da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:db:01:83:7c:82:04:39:e4:d7:50:c8:cc:81:
33:52:56:67:2e:d8:39:52:6f:93:a7:fb:c1:c0:e9:
de:10:df:bb:ac:ad:f2:0f:be:66:67:b6:02:3f:51:
a6:62:26:26:99:10:2b:16:52:41:91:47:3d:79:f8:
94:a5:a3:be:5e:e0:4c:4a:4a:ae:2e:19:cf:7c:3f:
cf:1d:9a:5e:ed:44:23:a9:0b:3c:d6:fc:74:38:53:
dd:dd:d2:d3:86:26:8b:98:61:60:76:95:fe:b9:8b:
77:fb:4a:5f:b0:a8:8d:57:0d:7b:72:c1:13:56:33:
fb:46:7b:53:7f:9b:b6:26:12:14:58:52:5d:f3:e7:
4b:fd:89:bb:52:c8:e4:b2:c0:5e:da:f7:6e:5a:eb:
2d:54:e3:a4:9e:eb:48:bd:5b:1d:29:a0:76:95:1e:
77:18:82:c9:c6:24:5b:4f:3e:ea:53:13:58:c6:e8:
d7:0c:b0:3e:fd:51:ec:bc:b6:b5:84:3a:27:a0:a9:
4c:db:ba:80:1d:f3:cd:e8:40:9e:25:b1:0d:77:ad:
a0:e8:22:29:ec:ee:9f:55:3b:14:84:86:81:17:6c:
4c:0e:4b:e6:bd:e5:64:60:99:d0:be:31:4b:a8:dd:
2a:3e:a1:2b:7b:6a:fa:70:1e:1e:98:66:d8:f3:4c:
33:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F2:BC:7E:63:81:5E:34:70:F7:EC:3A:2B:EC:78:45:1B:1D:5D:A8
X509v3 Authority Key Identifier:
keyid:0D:2F:81:B8:C1:7F:55:DC:DD:DE:C5:4C:8C:CE:AD:D6:95:D2:8F:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DS-BuMF_Vdzd3sVMjM6t1pXSjwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/af19a0-7cbf-4078-a987-68f2fa001fa7/1/lPK8fmOBXjRw9-w6K-x4RRsdXag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/af19a0-7cbf-4078-a987-68f2fa001fa7/1/DS-BuMF_Vdzd3sVMjM6t1pXSjwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.146.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:fe:a3:92:f1:3f:91:27:ef:97:02:81:0b:84:97:7f:92:29:
6e:0d:12:36:7b:a3:36:24:43:71:7d:0d:77:91:11:c2:73:06:
8f:d6:2f:39:2e:85:e7:8b:29:9d:2a:07:db:0b:b2:df:75:a8:
90:08:2d:4b:04:6a:45:52:f1:e7:95:c9:7f:6e:c5:1f:fc:0d:
2b:6a:a0:73:36:fd:5b:73:ff:81:05:aa:b4:69:6b:00:05:c8:
81:04:03:f5:1c:b9:3d:56:c7:62:af:1c:6b:e7:4f:38:ec:7b:
dc:b7:b7:ff:05:bc:da:1e:5b:10:cd:7c:25:a0:87:d3:79:ba:
8d:9e:7d:56:44:14:5e:68:2c:84:0a:58:cd:0d:79:94:52:14:
e8:28:55:74:55:6b:88:b7:f7:dd:70:42:5f:b5:d5:df:be:55:
66:a4:08:82:3d:de:c4:36:3a:03:fa:d5:ab:f3:4c:23:94:ca:
ad:66:ab:5e:3b:bc:72:ca:da:a3:0d:54:f7:88:de:8e:3c:08:
fe:e1:a2:d5:c1:bf:40:0f:ba:3d:4c:3a:ed:cf:79:da:d3:d4:
34:b5:d6:18:82:d7:73:3b:c6:7e:b7:e5:76:90:da:f1:b6:a6:
bf:62:fe:4b:6b:a3:a3:55:55:c3:2c:1d:c8:67:a1:82:57:bf:
8c:d2:a7:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2cc7WTxSSU+nVDDrHgaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMmY4MWI4YzE3ZjU1ZGNkZGRlYzU0YzhjY2VhZGQ2OTVk
MjhmMDcwHhcNMjUwMTAyMTE0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGYyYmM3ZTYzODE1ZTM0NzBmN2VjM2EyYmVjNzg0NTFiMWQ1ZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtsBg3yCBDnk11DIzIEzUlZnLtg5
Um+Tp/vBwOneEN+7rK3yD75mZ7YCP1GmYiYmmRArFlJBkUc9efiUpaO+XuBMSkqu
LhnPfD/PHZpe7UQjqQs81vx0OFPd3dLThiaLmGFgdpX+uYt3+0pfsKiNVw17csET
VjP7RntTf5u2JhIUWFJd8+dL/Ym7UsjkssBe2vduWustVOOknutIvVsdKaB2lR53
GILJxiRbTz7qUxNYxujXDLA+/VHsvLa1hDonoKlM27qAHfPN6ECeJbENd62g6CIp
7O6fVTsUhIaBF2xMDkvmveVkYJnQvjFLqN0qPqEre2r6cB4emGbY80wzZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTyvH5jgV40cPfsOivseEUbHV2oMB8GA1UdIwQY
MBaAFA0vgbjBf1Xc3d7FTIzOrdaV0o8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFMtQnVNRl9WZHpkM3NWTWpNNnQxcFhTandjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZjE5YTAtN2NiZi00MDc4LWE5ODct
NjhmMmZhMDAxZmE3LzEvbFBLOGZtT0JYalJ3OS13NksteDRSUnNkWGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZjE5YTAtN2NiZi00MDc4LWE5ODctNjhmMmZhMDAxZmE3
LzEvRFMtQnVNRl9WZHpkM3NWTWpNNnQxcFhTandjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpmSMA0G
CSqGSIb3DQEBCwUAA4IBAQCN/qOS8T+RJ++XAoELhJd/kiluDRI2e6M2JENxfQ13
kRHCcwaP1i85LoXniymdKgfbC7LfdaiQCC1LBGpFUvHnlcl/bsUf/A0raqBzNv1b
c/+BBaq0aWsABciBBAP1HLk9Vsdirxxr50847Hvct7f/BbzaHlsQzXwloIfTebqN
nn1WRBReaCyECljNDXmUUhToKFV0VWuIt/fdcEJftdXfvlVmpAiCPd7ENjoD+tWr
80wjlMqtZqteO7xyytqjDVT3iN6OPAj+4aLVwb9AD7o9TDrtz3na09Q0tdYYgtdz
O8Z+t+V2kNrxtqa/Yv5La6OjVVXDLB3IZ6GCV7+M0qdS
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:48:10 2025 by rpki-client