Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/RS5heur6Cn3t-3NSKUpCkvrpLSg.roa
File: RS5heur6Cn3t-3NSKUpCkvrpLSg.roa (raw, json)
Hash identifier: TdAX1fGTzy2GwxRzSlF7GAvHIAjv8je9eFZvPOiAzfs=
Subject key identifier: 45:2E:61:7A:EA:FA:0A:7D:ED:FB:73:52:29:4A:42:92:FA:E9:2D:28
Certificate issuer: /CN=1651d3ddc6add483b761ac0476269533fe7ea717
Certificate serial: 019423D6EB314A238E0A8BB0DA982CB0206C
Authority key identifier: 16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/RS5heur6Cn3t-3NSKUpCkvrpLSg.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206104
IP address blocks: 194.126.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:eb:31:4a:23:8e:0a:8b:b0:da:98:2c:b0:20:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1651d3ddc6add483b761ac0476269533fe7ea717
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=452e617aeafa0a7dedfb7352294a4292fae92d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4b:cf:29:61:7f:b2:49:ca:f4:7d:0e:88:66:
89:36:81:38:14:e9:cf:49:1e:29:4a:8e:35:85:d1:
f3:56:34:13:78:0b:09:15:b3:f8:dc:60:14:8a:ed:
c9:c3:f3:5c:37:29:f1:c4:f6:8b:23:1f:b7:32:6a:
f9:44:a6:07:31:03:7b:c6:e6:e4:9a:e1:0a:9c:92:
90:8b:08:33:79:6f:c0:42:de:e3:bc:43:d8:56:cf:
75:1c:2c:7a:17:a9:a9:9e:74:b3:1a:e5:51:ed:54:
6e:41:6f:9e:83:3c:34:8d:3e:fe:05:ef:00:bc:cb:
60:25:77:f1:59:e0:f0:86:17:a8:5e:64:ff:4d:48:
60:88:02:d3:40:b8:76:dd:37:89:37:63:48:04:65:
b3:7d:5e:f2:a0:27:51:84:0a:df:39:f3:25:ed:8c:
95:ff:51:cf:15:fa:9a:5e:f5:19:c2:8b:0e:17:fd:
ad:6e:6c:f0:58:ed:6c:2b:69:89:99:87:ab:5a:69:
f7:69:0d:f0:26:5c:90:a5:34:ec:6c:b4:15:03:86:
61:06:89:d5:97:cb:56:d6:99:37:72:ae:7f:06:c6:
3e:fa:33:90:3e:51:a3:0a:53:e0:4c:37:e5:0a:e2:
57:47:61:39:30:45:5e:81:a7:09:68:0c:ff:33:65:
70:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2E:61:7A:EA:FA:0A:7D:ED:FB:73:52:29:4A:42:92:FA:E9:2D:28
X509v3 Authority Key Identifier:
keyid:16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/RS5heur6Cn3t-3NSKUpCkvrpLSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/FlHT3cat1IO3YawEdiaVM_5-pxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.249.0/24
Signature Algorithm: sha256WithRSAEncryption
42:2b:36:ad:fa:f1:54:91:46:3a:95:32:72:99:09:4e:0c:0e:
a5:a3:d7:ff:f3:35:e5:d1:bd:93:c2:5b:5d:8a:90:38:18:00:
ae:de:53:ce:a1:e2:4f:8e:95:ce:2d:14:7d:86:8f:ee:8d:c5:
db:cc:68:47:a1:41:6b:7b:3f:e8:90:6b:c8:5b:c6:b0:5e:7b:
fa:c5:db:02:26:95:15:ce:77:58:10:ea:de:7b:50:68:46:3d:
dd:44:cc:a6:fb:81:27:ed:2b:0b:c6:0e:6d:ab:84:e3:d5:8f:
4f:3c:0a:a4:43:3a:af:81:a5:fb:6e:3f:e0:6b:6a:b0:e3:87:
ca:64:bd:b8:02:97:8d:11:b4:fa:82:da:bc:fb:8d:23:8c:b3:
6e:3a:b2:f5:10:8a:f5:27:3c:50:0b:fd:b5:cb:04:62:5e:18:
fe:99:88:f2:8a:04:49:a8:e9:4d:bb:a3:cb:4d:56:e0:6d:bf:
e2:5d:2a:c4:f3:05:71:4f:fb:d3:2b:64:ca:75:ad:5a:30:62:
cb:a2:68:5e:54:03:29:fc:58:46:e9:49:21:d2:2d:33:72:be:
7e:2a:8b:8c:81:30:ef:50:e6:7d:ac:e5:78:f7:07:3c:21:33:
61:7a:ea:39:81:b5:03:b8:98:11:43:f1:27:35:00:71:56:4b:
bc:cc:c5:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1usxSiOOCouw2pgssCBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTFkM2RkYzZhZGQ0ODNiNzYxYWMwNDc2MjY5NTMzZmU3
ZWE3MTcwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJlNjE3YWVhZmEwYTdkZWRmYjczNTIyOTRhNDI5MmZhZTkyZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0vPKWF/sknK9H0OiGaJNoE4FOnP
SR4pSo41hdHzVjQTeAsJFbP43GAUiu3Jw/NcNynxxPaLIx+3Mmr5RKYHMQN7xubk
muEKnJKQiwgzeW/AQt7jvEPYVs91HCx6F6mpnnSzGuVR7VRuQW+egzw0jT7+Be8A
vMtgJXfxWeDwhheoXmT/TUhgiALTQLh23TeJN2NIBGWzfV7yoCdRhArfOfMl7YyV
/1HPFfqaXvUZwosOF/2tbmzwWO1sK2mJmYerWmn3aQ3wJlyQpTTsbLQVA4ZhBonV
l8tW1pk3cq5/BsY++jOQPlGjClPgTDflCuJXR2E5MEVegacJaAz/M2VwEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEUuYXrq+gp97ftzUilKQpL66S0oMB8GA1UdIwQY
MBaAFBZR093GrdSDt2GsBHYmlTP+fqcXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUt
MjA1NGY2ZTYxOTIyLzEvUlM1aGV1cjZDbjN0LTNOU0tVcENrdnJwTFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUtMjA1NGY2ZTYxOTIy
LzEvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn75MA0G
CSqGSIb3DQEBCwUAA4IBAQBCKzat+vFUkUY6lTJymQlODA6lo9f/8zXl0b2Twltd
ipA4GACu3lPOoeJPjpXOLRR9ho/ujcXbzGhHoUFrez/okGvIW8awXnv6xdsCJpUV
zndYEOree1BoRj3dRMym+4En7SsLxg5tq4Tj1Y9PPAqkQzqvgaX7bj/ga2qw44fK
ZL24ApeNEbT6gtq8+40jjLNuOrL1EIr1JzxQC/21ywRiXhj+mYjyigRJqOlNu6PL
TVbgbb/iXSrE8wVxT/vTK2TKda1aMGLLomheVAMp/FhG6Ukh0i0zcr5+KouMgTDv
UOZ9rOV49wc8ITNheuo5gbUDuJgRQ/EnNQBxVku8zMVa
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:38:34 2025 by rpki-client