Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/75qkVCY5XXIcFQQiW3dyFVzW6eQ.roa
File: 75qkVCY5XXIcFQQiW3dyFVzW6eQ.roa (raw, json)
Hash identifier: dXFNWNpycxDfWS4F1kZ68a/+XDX33UqEzrugZvo8DVg=
Subject key identifier: EF:9A:A4:54:26:39:5D:72:1C:15:04:22:5B:77:72:15:5C:D6:E9:E4
Certificate issuer: /CN=91045c57996c9a3c9e6277a4326b1183215d5b6a
Certificate serial: 0194258F3EE070BCA6061DD6111EE3170465
Authority key identifier: 91:04:5C:57:99:6C:9A:3C:9E:62:77:A4:32:6B:11:83:21:5D:5B:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kQRcV5lsmjyeYnekMmsRgyFdW2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/75qkVCY5XXIcFQQiW3dyFVzW6eQ.roa
Signing time: Thu 02 Jan 2025 05:48:52 +0000
ROA not before: Thu 02 Jan 2025 05:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15822
IP address blocks: 194.176.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:3e:e0:70:bc:a6:06:1d:d6:11:1e:e3:17:04:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91045c57996c9a3c9e6277a4326b1183215d5b6a
Validity
Not Before: Jan 2 05:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef9aa45426395d721c1504225b7772155cd6e9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bf:2f:07:8f:e3:52:5d:a7:24:59:44:67:ab:
34:0a:3f:14:6a:be:ea:be:91:3c:6d:44:0f:39:a6:
57:b1:74:f2:62:48:25:d4:48:9c:61:ab:a0:21:85:
c3:6f:73:ba:29:9f:37:bf:d1:6e:f3:95:50:72:51:
42:8b:3a:9e:87:ad:f4:ea:8f:38:99:bd:15:09:e1:
64:36:66:6a:9e:22:77:5d:83:03:af:d2:85:31:c6:
f1:fe:c5:b8:19:aa:01:7f:5b:91:b4:00:ae:05:d8:
8d:92:15:e8:06:41:55:f5:ed:d5:7b:d4:a1:05:37:
92:1e:3f:f4:6e:b0:95:2f:2c:ec:15:3b:84:3e:76:
83:da:de:07:93:84:02:f1:59:76:f1:28:f3:b0:5e:
fa:34:c1:0a:a1:c5:01:15:3f:ab:b9:10:66:a3:f6:
15:ed:30:fc:91:0a:8f:5d:fd:85:d4:1d:e3:79:16:
bd:46:64:a7:19:ac:08:f3:a4:4b:e3:94:6d:d1:db:
e9:46:dc:00:07:d1:22:43:46:c2:22:d7:52:3a:77:
a4:bc:a4:60:7a:05:ee:31:45:7f:2d:50:47:4d:b8:
ee:ad:1e:da:06:a7:b6:ff:38:ee:bf:45:6b:bf:12:
76:07:96:47:4f:24:0b:ad:39:3a:df:9b:9f:b7:9d:
3c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9A:A4:54:26:39:5D:72:1C:15:04:22:5B:77:72:15:5C:D6:E9:E4
X509v3 Authority Key Identifier:
keyid:91:04:5C:57:99:6C:9A:3C:9E:62:77:A4:32:6B:11:83:21:5D:5B:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kQRcV5lsmjyeYnekMmsRgyFdW2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/75qkVCY5XXIcFQQiW3dyFVzW6eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/kQRcV5lsmjyeYnekMmsRgyFdW2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.112.0/24
Signature Algorithm: sha256WithRSAEncryption
85:29:39:0c:02:7b:b3:75:6a:d8:48:4b:57:5b:16:53:4b:6e:
cc:a8:99:b1:81:2f:14:45:7d:9b:f4:a8:93:c8:af:b5:1b:59:
6e:a9:57:63:1b:7d:d8:1f:c7:18:50:fc:4f:cf:4b:81:ea:49:
d5:a1:65:43:8e:1c:19:21:f8:e6:55:1e:62:ac:a9:97:7a:7d:
55:a3:c0:5b:c1:e4:cb:2a:c1:3e:42:27:1d:eb:01:91:17:d2:
08:88:78:23:3d:61:59:cd:2a:db:7a:50:66:1c:70:b4:5d:28:
9c:db:e1:4c:0d:cf:b8:dc:31:d9:ce:fd:5a:bc:56:7c:40:46:
0c:c1:93:e1:63:5e:13:0d:0d:9e:56:07:76:3b:b6:26:2e:f0:
2c:82:cc:e5:63:ef:42:fb:96:9e:09:b5:60:fd:96:ce:db:6a:
b9:d7:29:b7:70:31:a3:48:dc:a1:04:7f:49:f1:01:ce:aa:a1:
d0:bc:8e:90:7a:5e:95:f2:2d:fb:1e:e7:b5:e1:d2:8d:f0:9a:
7b:d4:21:21:7e:9e:40:07:02:f8:2c:9b:79:06:d1:ba:64:9f:
06:b7:4d:ad:6d:76:24:43:15:49:d5:99:bf:5c:ba:cb:a5:43:
46:0d:35:a3:9e:6c:8c:2b:58:37:d7:ed:a1:f4:35:44:04:c2:
dd:bb:b3:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljz7gcLymBh3WER7jFwRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMDQ1YzU3OTk2YzlhM2M5ZTYyNzdhNDMyNmIxMTgzMjE1
ZDViNmEwHhcNMjUwMTAyMDU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjlhYTQ1NDI2Mzk1ZDcyMWMxNTA0MjI1Yjc3NzIxNTVjZDZlOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj78vB4/jUl2nJFlEZ6s0Cj8Uar7q
vpE8bUQPOaZXsXTyYkgl1EicYaugIYXDb3O6KZ83v9Fu85VQclFCizqeh6306o84
mb0VCeFkNmZqniJ3XYMDr9KFMcbx/sW4GaoBf1uRtACuBdiNkhXoBkFV9e3Ve9Sh
BTeSHj/0brCVLyzsFTuEPnaD2t4Hk4QC8Vl28SjzsF76NMEKocUBFT+ruRBmo/YV
7TD8kQqPXf2F1B3jeRa9RmSnGawI86RL45Rt0dvpRtwAB9EiQ0bCItdSOnekvKRg
egXuMUV/LVBHTbjurR7aBqe2/zjuv0VrvxJ2B5ZHTyQLrTk635uft5084QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO+apFQmOV1yHBUEIlt3chVc1unkMB8GA1UdIwQY
MBaAFJEEXFeZbJo8nmJ3pDJrEYMhXVtqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1FSY1Y1bHNtanllWW5la01tc1JneUZkVzJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmE2ODEtMjU2Ni00MGVlLTlmMDQt
NWRmNDQyOTViNGM5LzEvNzVxa1ZDWTVYWEljRlFRaVczZHlGVnpXNmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmE2ODEtMjU2Ni00MGVlLTlmMDQtNWRmNDQyOTViNGM5
LzEva1FSY1Y1bHNtanllWW5la01tc1JneUZkVzJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrBwMA0G
CSqGSIb3DQEBCwUAA4IBAQCFKTkMAnuzdWrYSEtXWxZTS27MqJmxgS8URX2b9KiT
yK+1G1luqVdjG33YH8cYUPxPz0uB6knVoWVDjhwZIfjmVR5irKmXen1Vo8BbweTL
KsE+Qicd6wGRF9IIiHgjPWFZzSrbelBmHHC0XSic2+FMDc+43DHZzv1avFZ8QEYM
wZPhY14TDQ2eVgd2O7YmLvAsgszlY+9C+5aeCbVg/ZbO22q51ym3cDGjSNyhBH9J
8QHOqqHQvI6Qel6V8i37Hue14dKN8Jp71CEhfp5ABwL4LJt5BtG6ZJ8Gt02tbXYk
QxVJ1Zm/XLrLpUNGDTWjnmyMK1g31+2h9DVEBMLdu7Mc
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:58:32 2025 by rpki-client