Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/tYexsQdQ-bwy8SQ16CJTCKZPCX8.roa
File: tYexsQdQ-bwy8SQ16CJTCKZPCX8.roa (raw, json)
Hash identifier: 4iRrkMtR/RQqmCmFoKMuS1dWTtpIHivuyEUKzRu+I4I=
Subject key identifier: B5:87:B1:B1:07:50:F9:BC:32:F1:24:35:E8:22:53:08:A6:4F:09:7F
Certificate issuer: /CN=2067f30a0d90d2d172992e9aea6f739d01b28792
Certificate serial: 01941F8CA8A16EA32597CF16C3F171B285BA
Authority key identifier: 20:67:F3:0A:0D:90:D2:D1:72:99:2E:9A:EA:6F:73:9D:01:B2:87:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IGfzCg2Q0tFymS6a6m9znQGyh5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/tYexsQdQ-bwy8SQ16CJTCKZPCX8.roa
Signing time: Wed 01 Jan 2025 01:48:19 +0000
ROA not before: Wed 01 Jan 2025 01:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198283
IP address blocks: 194.8.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a8:a1:6e:a3:25:97:cf:16:c3:f1:71:b2:85:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2067f30a0d90d2d172992e9aea6f739d01b28792
Validity
Not Before: Jan 1 01:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b587b1b10750f9bc32f12435e8225308a64f097f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:23:be:f8:a4:0d:95:57:b4:60:6f:c6:77:2d:
4e:58:6a:68:6e:30:f5:b1:58:8c:0a:53:8e:81:b6:
73:90:c2:c8:a3:e1:92:a8:5d:ab:fa:4f:c5:7e:37:
2f:fb:91:b5:23:a3:5e:5b:8a:c5:a6:a6:b6:02:6d:
4d:05:aa:f7:7d:7c:ad:7f:d5:d2:04:e1:68:d8:94:
52:27:66:6e:32:0f:e1:a9:df:96:c8:6c:71:cf:c5:
07:0e:fd:34:6a:a3:d4:6c:ed:df:98:7e:e4:ea:8e:
b8:de:44:6f:68:26:8b:0b:ac:49:cd:7e:1a:66:03:
c5:29:c8:c3:6b:58:39:77:77:a1:e0:c7:9c:09:d5:
f8:56:62:3c:38:4d:16:14:02:4f:0d:31:82:56:b1:
58:50:b5:8a:ae:27:1c:06:80:a0:54:db:7f:58:ee:
fc:6b:a5:32:ad:f5:08:d7:d4:f5:39:51:b1:7b:be:
a2:d7:e1:72:65:8d:90:83:74:82:1e:52:47:8a:c0:
94:30:24:55:d3:2e:72:2a:5f:00:f4:6d:31:af:f1:
c0:39:7c:4b:cd:50:8f:52:c2:7b:83:01:c3:39:ee:
4f:69:4b:ba:0e:12:f3:31:fb:63:a1:fd:d0:a1:4d:
4f:fc:80:77:22:ab:c8:af:f5:05:da:f3:2f:e8:ee:
a1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:87:B1:B1:07:50:F9:BC:32:F1:24:35:E8:22:53:08:A6:4F:09:7F
X509v3 Authority Key Identifier:
keyid:20:67:F3:0A:0D:90:D2:D1:72:99:2E:9A:EA:6F:73:9D:01:B2:87:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IGfzCg2Q0tFymS6a6m9znQGyh5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/tYexsQdQ-bwy8SQ16CJTCKZPCX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/IGfzCg2Q0tFymS6a6m9znQGyh5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.4.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:7b:be:83:6c:a2:23:22:83:be:4d:3c:a2:32:54:c0:d4:02:
5e:41:d1:9a:44:36:a9:7e:3d:78:06:74:a0:93:14:48:2a:7d:
dd:1e:7a:b4:2b:49:12:73:fe:23:bd:f3:97:2d:73:f5:c8:2f:
35:af:2c:d2:97:1f:2d:ff:a8:54:63:13:5b:37:b6:98:9f:bc:
74:f3:ed:47:0d:8c:18:60:2a:63:6b:e2:9f:d2:97:2d:67:26:
96:8e:ef:0d:bd:1b:d0:2c:57:7f:c2:1e:1b:45:be:23:8e:49:
99:f9:01:65:dd:ce:37:93:5a:7e:ed:19:8b:1c:76:ab:9a:3b:
d2:57:f8:20:95:05:7c:1c:22:7f:07:bc:46:bf:ac:5f:f8:63:
b2:1d:46:bf:7c:f1:36:8d:04:21:77:48:99:56:fc:8a:65:54:
0a:78:f8:5c:3b:f7:d2:af:47:6c:74:a5:28:b4:b9:fa:c1:9e:
7f:03:83:c6:81:99:2e:21:40:12:e8:99:ce:9d:4d:fd:b1:91:
10:75:89:02:8a:77:63:06:57:84:ae:09:89:2c:de:71:6c:09:
7e:7b:36:8a:9c:1d:9d:f7:67:3b:43:26:97:76:f3:33:12:6f:
6f:fb:cc:0e:35:e3:d2:f2:c7:e7:f6:64:ba:e1:c5:b2:5e:e3:
a7:a6:82:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjKihbqMll88Ww/FxsoW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNjdmMzBhMGQ5MGQyZDE3Mjk5MmU5YWVhNmY3MzlkMDFi
Mjg3OTIwHhcNMjUwMTAxMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg3YjFiMTA3NTBmOWJjMzJmMTI0MzVlODIyNTMwOGE2NGYwOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yO++KQNlVe0YG/Gdy1OWGpobjD1
sViMClOOgbZzkMLIo+GSqF2r+k/Ffjcv+5G1I6NeW4rFpqa2Am1NBar3fXytf9XS
BOFo2JRSJ2ZuMg/hqd+WyGxxz8UHDv00aqPUbO3fmH7k6o643kRvaCaLC6xJzX4a
ZgPFKcjDa1g5d3eh4MecCdX4VmI8OE0WFAJPDTGCVrFYULWKriccBoCgVNt/WO78
a6UyrfUI19T1OVGxe76i1+FyZY2Qg3SCHlJHisCUMCRV0y5yKl8A9G0xr/HAOXxL
zVCPUsJ7gwHDOe5PaUu6DhLzMftjof3QoU1P/IB3IqvIr/UF2vMv6O6hRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWHsbEHUPm8MvEkNegiUwimTwl/MB8GA1UdIwQY
MBaAFCBn8woNkNLRcpkumupvc50BsoeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUdmekNnMlEwdEZ5bVM2YTZtOXpuUUd5aDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mNDViZGEtNzg2ZS00MWU5LTgzMjMt
YmE0OTI2ZTk2NWU4LzEvdFlleHNRZFEtYnd5OFNRMTZDSlRDS1pQQ1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mNDViZGEtNzg2ZS00MWU5LTgzMjMtYmE0OTI2ZTk2NWU4
LzEvSUdmekNnMlEwdEZ5bVM2YTZtOXpuUUd5aDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwggEMA0G
CSqGSIb3DQEBCwUAA4IBAQChe76DbKIjIoO+TTyiMlTA1AJeQdGaRDapfj14BnSg
kxRIKn3dHnq0K0kSc/4jvfOXLXP1yC81ryzSlx8t/6hUYxNbN7aYn7x08+1HDYwY
YCpja+Kf0pctZyaWju8NvRvQLFd/wh4bRb4jjkmZ+QFl3c43k1p+7RmLHHarmjvS
V/gglQV8HCJ/B7xGv6xf+GOyHUa/fPE2jQQhd0iZVvyKZVQKePhcO/fSr0dsdKUo
tLn6wZ5/A4PGgZkuIUAS6JnOnU39sZEQdYkCindjBleErgmJLN5xbAl+ezaKnB2d
92c7QyaXdvMzEm9v+8wONePS8sfn9mS64cWyXuOnpoJ7
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:48:50 2025 by rpki-client