Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DQkU_5Lfgi8qUWoPgv2Cn3GEXio.roa
File: DQkU_5Lfgi8qUWoPgv2Cn3GEXio.roa (raw, json)
Hash identifier: THhK7PGdNRtMTUSYIy/y/0RHHgln+Ah2uI91/WHBSYc=
Subject key identifier: 0D:09:14:FF:92:DF:82:2F:2A:51:6A:0F:82:FD:82:9F:71:84:5E:2A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274885F41A6B363E19089BD0491F5D0D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DQkU_5Lfgi8qUWoPgv2Cn3GEXio.roa
Signing time: Thu 02 Jan 2025 13:50:51 +0000
ROA not before: Thu 02 Jan 2025 13:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214980
IP address blocks: 192.165.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:85:f4:1a:6b:36:3e:19:08:9b:d0:49:1f:5d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d0914ff92df822f2a516a0f82fd829f71845e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:03:a8:5e:2b:11:67:0f:92:4c:75:1b:e4:5b:
13:cc:6b:fd:6f:39:42:2c:55:fb:ac:03:48:4b:5f:
1a:3f:91:d3:b1:1f:cf:c5:4e:3d:ef:56:40:d3:c1:
5d:c7:3c:4d:5a:cd:c1:ed:f7:03:c5:df:88:b9:f6:
3e:90:7d:08:29:bf:d5:71:4d:28:ab:37:cd:a7:0f:
68:22:61:a9:88:b4:2d:ef:cd:70:4f:1f:db:e9:59:
59:84:f9:81:77:97:22:5f:b1:6b:8e:7e:fc:2a:43:
bf:e9:a5:47:37:93:95:26:46:84:17:7d:1c:5d:01:
1f:a5:6b:0a:65:cf:7a:cb:50:31:eb:c2:5f:c8:b3:
ce:f1:fc:cf:fc:22:d7:b6:83:00:44:af:fb:02:64:
91:77:fb:af:ab:e7:06:4a:44:ac:19:22:83:9f:c9:
8a:85:b3:d2:9f:97:15:82:4f:58:07:d9:72:90:e0:
63:43:44:26:be:f6:1f:2e:5e:6b:1b:77:b5:1b:0a:
0d:dd:85:f1:4b:ab:6e:83:44:a4:a3:6b:1e:c4:6a:
bf:2a:04:1a:07:ef:53:80:d3:0d:5f:79:2b:b0:2a:
5e:64:45:5e:4f:63:a6:36:93:e6:2d:c5:e4:f0:2b:
bc:c6:81:0d:27:a0:3b:71:c2:84:0f:5d:5f:20:ea:
73:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:09:14:FF:92:DF:82:2F:2A:51:6A:0F:82:FD:82:9F:71:84:5E:2A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DQkU_5Lfgi8qUWoPgv2Cn3GEXio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.250.0/24
Signature Algorithm: sha256WithRSAEncryption
14:2a:8e:d2:cf:3e:9e:0b:2b:1f:ea:09:97:77:57:bd:74:d3:
07:5a:b2:ce:9e:d8:52:bc:f1:b9:8c:cc:98:97:81:d7:5c:e7:
d9:d7:e3:04:6f:fc:f5:4a:67:85:e2:49:ce:b1:fb:ba:21:b3:
22:61:8a:b3:87:d4:6e:79:e3:c6:c1:77:5c:02:e4:c0:47:47:
55:6c:a5:f0:68:c8:97:47:60:25:1d:39:57:61:03:f0:e1:b5:
a9:d7:c5:c7:33:da:8e:0a:78:ea:a9:4b:d6:d3:ca:50:4e:a9:
87:b9:48:9d:1e:f3:3e:a4:2e:9c:55:24:83:35:54:d6:ab:96:
10:5c:3b:e0:b6:32:fe:93:25:db:35:e4:b6:95:1d:de:cf:7a:
15:23:41:c2:5d:6d:76:89:72:1a:75:a3:0a:78:af:ca:aa:4c:
b2:e1:dc:6f:05:17:e4:9a:04:96:38:c3:6f:72:2c:da:04:2d:
f5:05:ec:ac:e6:21:24:4d:f9:b4:c2:a4:57:08:41:7f:58:c7:
94:06:4a:29:79:63:21:d1:99:6f:19:7a:e7:3d:7e:97:cf:63:
fb:7a:4d:e9:11:41:b7:05:e0:ae:fc:cc:be:f6:4a:18:fb:a2:
bf:bb:67:81:26:67:e6:0d:53:09:35:33:8b:e3:41:4e:0b:85:
2e:02:7f:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSIX0Gms2PhkIm9BJH10NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDA5MTRmZjkyZGY4MjJmMmE1MTZhMGY4MmZkODI5ZjcxODQ1ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAOoXisRZw+STHUb5FsTzGv9bzlC
LFX7rANIS18aP5HTsR/PxU4971ZA08FdxzxNWs3B7fcDxd+IufY+kH0IKb/VcU0o
qzfNpw9oImGpiLQt781wTx/b6VlZhPmBd5ciX7Frjn78KkO/6aVHN5OVJkaEF30c
XQEfpWsKZc96y1Ax68JfyLPO8fzP/CLXtoMARK/7AmSRd/uvq+cGSkSsGSKDn8mK
hbPSn5cVgk9YB9lykOBjQ0QmvvYfLl5rG3e1GwoN3YXxS6tug0Sko2sexGq/KgQa
B+9TgNMNX3krsCpeZEVeT2OmNpPmLcXk8Cu8xoENJ6A7ccKED11fIOpzdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0JFP+S34IvKlFqD4L9gp9xhF4qMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRFFrVV81TGZnaThxVVdvUGd2MkNuM0dFWGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKX6MA0G
CSqGSIb3DQEBCwUAA4IBAQAUKo7Szz6eCysf6gmXd1e9dNMHWrLOnthSvPG5jMyY
l4HXXOfZ1+MEb/z1SmeF4knOsfu6IbMiYYqzh9RueePGwXdcAuTAR0dVbKXwaMiX
R2AlHTlXYQPw4bWp18XHM9qOCnjqqUvW08pQTqmHuUidHvM+pC6cVSSDNVTWq5YQ
XDvgtjL+kyXbNeS2lR3ez3oVI0HCXW12iXIadaMKeK/Kqkyy4dxvBRfkmgSWOMNv
cizaBC31Beys5iEkTfm0wqRXCEF/WMeUBkopeWMh0ZlvGXrnPX6Xz2P7ek3pEUG3
BeCu/My+9koY+6K/u2eBJmfmDVMJNTOL40FOC4UuAn8p
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:09:22 2025 by rpki-client