Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/CHrue45DLIyJD4ONNTGJ0TL9VsA.roa
File: CHrue45DLIyJD4ONNTGJ0TL9VsA.roa (raw, json)
Hash identifier: u/OfuNsymZa5oGvy4EyVltbtk9eDJK5E1jdXxm1UcXE=
Subject key identifier: 08:7A:EE:7B:8E:43:2C:8C:89:0F:83:8D:35:31:89:D1:32:FD:56:C0
Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a
Certificate serial: 01942444DF6A80A679EF4FB3474A9965714B
Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/CHrue45DLIyJD4ONNTGJ0TL9VsA.roa
Signing time: Wed 01 Jan 2025 23:48:00 +0000
ROA not before: Wed 01 Jan 2025 23:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207784
IP address blocks: 195.144.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:df:6a:80:a6:79:ef:4f:b3:47:4a:99:65:71:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a023766c62deb51297155708eccb421c8b04780a
Validity
Not Before: Jan 1 23:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=087aee7b8e432c8c890f838d353189d132fd56c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:24:8d:ec:d1:95:79:06:b2:83:e2:95:98:db:
39:66:5e:09:2d:51:6b:9b:56:6f:ea:e4:49:42:c2:
16:da:78:8f:3f:76:21:e0:60:70:93:56:37:39:f9:
12:fd:9a:f7:f6:8f:88:27:48:d8:a4:ff:a4:96:88:
d2:41:e5:75:d6:13:86:25:5c:13:05:4e:3c:d2:67:
fa:0e:17:85:71:2d:37:3a:a3:a5:76:08:a4:5b:5e:
bb:26:13:b1:bc:ad:16:18:a0:01:d5:3f:92:ba:47:
c6:87:59:04:ad:1f:05:fe:7d:60:8d:4f:37:32:97:
3e:c9:36:b6:29:28:17:76:80:54:54:98:db:b4:d1:
bd:4a:c7:9a:f9:f0:0f:f9:7b:45:cd:4f:55:a9:27:
a4:c5:d6:4d:e2:4b:7b:3f:a2:3c:e3:64:7e:44:8e:
7f:86:cf:9d:52:f0:0c:5e:71:1f:b9:8c:52:fc:59:
2e:12:fa:d9:71:95:95:98:39:90:98:73:7e:2e:1c:
b6:49:1c:79:b2:1c:33:71:bf:88:9e:67:21:69:a6:
75:57:c5:74:cc:85:c4:3c:b5:50:ab:b3:32:9c:5b:
f4:c1:e1:12:30:d5:a6:f0:72:49:87:7c:da:28:9e:
75:7c:11:bd:bb:e8:d8:77:ed:41:7f:e8:d5:1e:98:
41:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7A:EE:7B:8E:43:2C:8C:89:0F:83:8D:35:31:89:D1:32:FD:56:C0
X509v3 Authority Key Identifier:
keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/CHrue45DLIyJD4ONNTGJ0TL9VsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.27.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:05:30:ad:3a:92:6f:e4:b7:d9:f3:e6:32:5c:77:95:aa:80:
44:a3:41:90:3c:ee:79:5f:5d:8b:e5:72:d8:45:06:e1:06:e7:
68:4b:5f:84:d1:08:5a:c5:c8:85:49:0d:a7:66:7d:61:01:bf:
e3:36:4d:97:b6:19:5f:08:0d:d6:e4:a9:eb:33:5a:5c:b9:84:
b2:ea:05:ad:09:51:66:e3:7a:9f:98:1d:f4:fb:e2:94:bf:55:
9a:ff:77:ae:f3:76:13:28:68:fb:46:37:ef:3e:25:31:1e:ff:
4c:a3:28:4f:2d:5a:26:ae:90:7b:d1:4d:4a:ad:8a:c3:0a:b1:
88:90:54:b6:69:e5:b5:f5:9a:bc:ad:21:cd:10:66:6e:c9:7e:
54:e1:29:80:74:73:aa:82:cb:f7:7e:87:d5:c7:69:05:a6:8f:
b0:a4:a2:1e:0d:27:a5:0c:a5:4f:d0:e6:a2:3d:23:a6:c4:89:
6b:ca:72:92:cb:ad:61:66:72:77:2c:2a:98:84:66:3c:db:dc:
29:17:7e:41:96:d4:c5:e7:9f:b6:df:07:63:69:e0:25:85:d7:
dc:dd:29:92:79:5d:6a:48:c4:4c:50:e3:1c:71:1f:47:b9:3f:
b3:79:cf:dd:ec:07:d5:31:f3:fb:23:c1:ca:9c:31:ec:a1:ab:
38:4d:21:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRN9qgKZ570+zR0qZZXFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw
NDc4MGEwHhcNMjUwMTAxMjM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdhZWU3YjhlNDMyYzhjODkwZjgzOGQzNTMxODlkMTMyZmQ1NmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniSN7NGVeQayg+KVmNs5Zl4JLVFr
m1Zv6uRJQsIW2niPP3Yh4GBwk1Y3OfkS/Zr39o+IJ0jYpP+klojSQeV11hOGJVwT
BU480mf6DheFcS03OqOldgikW167JhOxvK0WGKAB1T+SukfGh1kErR8F/n1gjU83
Mpc+yTa2KSgXdoBUVJjbtNG9Ssea+fAP+XtFzU9VqSekxdZN4kt7P6I842R+RI5/
hs+dUvAMXnEfuYxS/FkuEvrZcZWVmDmQmHN+Lhy2SRx5shwzcb+InmchaaZ1V8V0
zIXEPLVQq7MynFv0weESMNWm8HJJh3zaKJ51fBG9u+jYd+1Bf+jVHphBMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh67nuOQyyMiQ+DjTUxidEy/VbAMB8GA1UdIwQY
MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt
YTNhMTAwZWY4NmRlLzEvQ0hydWU0NURMSXlKRDRPTk5UR0owVEw5VnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl
LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5AbMA0G
CSqGSIb3DQEBCwUAA4IBAQAuBTCtOpJv5LfZ8+YyXHeVqoBEo0GQPO55X12L5XLY
RQbhBudoS1+E0QhaxciFSQ2nZn1hAb/jNk2XthlfCA3W5KnrM1pcuYSy6gWtCVFm
43qfmB30++KUv1Wa/3eu83YTKGj7RjfvPiUxHv9MoyhPLVomrpB70U1KrYrDCrGI
kFS2aeW19Zq8rSHNEGZuyX5U4SmAdHOqgsv3fofVx2kFpo+wpKIeDSelDKVP0Oai
PSOmxIlrynKSy61hZnJ3LCqYhGY829wpF35BltTF55+23wdjaeAlhdfc3SmSeV1q
SMRMUOMccR9HuT+zec/d7AfVMfP7I8HKnDHsoas4TSFr
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:24:34 2025 by rpki-client