Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/dRZw3Usb2yz3p3d9m-6XMO158wI.roa
File: dRZw3Usb2yz3p3d9m-6XMO158wI.roa (raw, json)
Hash identifier: JliEihs4bCSiKbM0gL/JHcl4AanPExI+3YUAO/UsNWk=
Subject key identifier: 75:16:70:DD:4B:1B:DB:2C:F7:A7:77:7D:9B:EE:97:30:ED:79:F3:02
Certificate issuer: /CN=c58afa22f98a37f6d8d0293a9b319416ec94d386
Certificate serial: 01941F8C0BDB1DB114BF3BC53F01CC58ECF3
Authority key identifier: C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/dRZw3Usb2yz3p3d9m-6XMO158wI.roa
Signing time: Wed 01 Jan 2025 01:47:39 +0000
ROA not before: Wed 01 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15542
IP address blocks: 194.13.240.0/20 maxlen: 24
2001:67c:2b0c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0b:db:1d:b1:14:bf:3b:c5:3f:01:cc:58:ec:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c58afa22f98a37f6d8d0293a9b319416ec94d386
Validity
Not Before: Jan 1 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=751670dd4b1bdb2cf7a7777d9bee9730ed79f302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c9:c0:cb:df:22:c9:bf:44:d2:71:13:36:97:
7d:4e:b0:1c:71:a6:92:04:1c:8a:40:16:de:bd:d5:
6b:e0:be:7f:dc:41:70:a9:76:d7:58:5e:76:5c:52:
aa:32:57:dd:59:55:c0:8e:6a:e1:2c:75:70:03:d4:
11:dd:9e:d3:ea:50:8e:ff:ee:ff:35:c5:03:3d:13:
9c:12:ee:66:02:df:37:76:35:be:ae:b4:09:c5:c9:
b1:c0:71:dd:5a:f0:b0:46:07:f0:d4:c2:86:60:51:
27:2d:36:97:b5:23:dc:29:98:c6:63:27:ba:ca:3a:
7d:d1:dc:e6:90:b2:de:82:78:67:19:2c:b9:c7:48:
88:72:da:78:c1:4f:34:8f:fb:b6:a2:fe:43:ce:df:
e6:13:9a:aa:5a:ae:ad:71:6d:1c:fa:41:94:d2:18:
fa:2d:d7:84:9d:df:34:fa:3e:20:bb:e5:f5:64:a9:
bf:65:0d:21:a7:b0:6a:41:74:6b:c2:ed:bf:dd:e0:
e1:c4:ed:59:27:0a:a4:0a:6d:4e:ea:2a:6a:9b:69:
f1:b0:99:12:26:67:0b:17:82:3e:12:43:82:75:d0:
86:7b:e5:38:cc:3f:ad:84:51:37:19:9b:af:b6:e1:
17:53:b0:30:ba:6c:67:6e:b8:7c:65:77:4b:ef:04:
08:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:16:70:DD:4B:1B:DB:2C:F7:A7:77:7D:9B:EE:97:30:ED:79:F3:02
X509v3 Authority Key Identifier:
keyid:C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/dRZw3Usb2yz3p3d9m-6XMO158wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.240.0/20
IPv6:
2001:67c:2b0c::/48
Signature Algorithm: sha256WithRSAEncryption
24:fc:d5:77:4f:33:19:19:ee:30:a3:05:af:73:f5:76:b3:25:
a4:88:9a:aa:19:30:a2:f4:ff:d9:6a:0d:4a:2e:1a:ca:be:2b:
60:00:ff:ce:fd:41:52:e8:54:d3:15:28:9d:c8:cf:61:df:36:
be:4d:64:6f:5f:68:81:6b:4d:cc:1a:97:d8:96:d2:fe:c5:5d:
f6:f6:c3:9e:2e:19:ad:11:f0:c5:c2:5e:2b:df:8d:d4:46:53:
1e:c4:96:6b:5a:96:be:6b:63:c4:34:c2:c0:6b:c6:8f:da:84:
8c:05:24:c1:a1:a3:0e:17:5b:dc:de:ee:ba:0e:89:62:e4:85:
21:75:12:0b:11:76:e4:15:f7:61:d2:27:87:bf:47:cf:ae:23:
eb:4c:12:57:10:c8:af:07:24:99:a0:21:95:ce:ea:e0:fa:84:
e6:28:2d:d1:88:44:1c:ed:a6:32:46:99:b0:6b:9a:fd:c8:d8:
e1:93:8c:7b:cb:48:8c:72:13:54:a8:fa:94:3e:4f:54:50:2e:
67:3c:dc:83:a0:06:03:e7:1d:44:4e:fd:b7:30:8e:5d:27:98:
87:c0:4d:c5:dd:d9:a8:64:f6:2b:13:1d:3a:ed:f1:bb:9f:f8:
ad:ee:26:2a:99:95:2b:be:4a:1b:a9:87:87:e6:14:39:6c:29:
dd:f3:d2:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjAvbHbEUvzvFPwHMWOzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OGFmYTIyZjk4YTM3ZjZkOGQwMjkzYTliMzE5NDE2ZWM5
NGQzODYwHhcNMjUwMTAxMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE2NzBkZDRiMWJkYjJjZjdhNzc3N2Q5YmVlOTczMGVkNzlmMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MnAy98iyb9E0nETNpd9TrAccaaS
BByKQBbevdVr4L5/3EFwqXbXWF52XFKqMlfdWVXAjmrhLHVwA9QR3Z7T6lCO/+7/
NcUDPROcEu5mAt83djW+rrQJxcmxwHHdWvCwRgfw1MKGYFEnLTaXtSPcKZjGYye6
yjp90dzmkLLegnhnGSy5x0iIctp4wU80j/u2ov5Dzt/mE5qqWq6tcW0c+kGU0hj6
LdeEnd80+j4gu+X1ZKm/ZQ0hp7BqQXRrwu2/3eDhxO1ZJwqkCm1O6ipqm2nxsJkS
JmcLF4I+EkOCddCGe+U4zD+thFE3GZuvtuEXU7Awumxnbrh8ZXdL7wQIZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHUWcN1LG9ss96d3fZvulzDtefMCMB8GA1UdIwQY
MBaAFMWK+iL5ijf22NApOpsxlBbslNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEt
OTEyMjg2MjA1NzBlLzEvZFJadzNVc2IyeXozcDNkOW0tNlhNTzE1OHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEtOTEyMjg2MjA1NzBl
LzEveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEwg3wMA8E
AgACMAkDBwAgAQZ8KwwwDQYJKoZIhvcNAQELBQADggEBACT81XdPMxkZ7jCjBa9z
9XazJaSImqoZMKL0/9lqDUouGsq+K2AA/879QVLoVNMVKJ3Iz2HfNr5NZG9faIFr
Tcwal9iW0v7FXfb2w54uGa0R8MXCXivfjdRGUx7Elmtalr5rY8Q0wsBrxo/ahIwF
JMGhow4XW9ze7roOiWLkhSF1EgsRduQV92HSJ4e/R8+uI+tMElcQyK8HJJmgIZXO
6uD6hOYoLdGIRBztpjJGmbBrmv3I2OGTjHvLSIxyE1So+pQ+T1RQLmc83IOgBgPn
HURO/bcwjl0nmIfATcXd2ahk9isTHTrt8buf+K3uJiqZlSu+Shuph4fmFDlsKd3z
0uY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:08:02 2025 by rpki-client