Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/lZXduURQIAy8fdzIUaz-JWRizD4.roa
File: lZXduURQIAy8fdzIUaz-JWRizD4.roa (raw, json)
Hash identifier: vA2TeloqgyuxxL+VT++WEALS/lCOLQ2+y5IcVHn+2Aw=
Subject key identifier: 95:95:DD:B9:44:50:20:0C:BC:7D:DC:C8:51:AC:FE:25:64:62:CC:3E
Certificate issuer: /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial: 01942444F29CAD6280CC6A9C71F21DB665D7
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/lZXduURQIAy8fdzIUaz-JWRizD4.roa
Signing time: Wed 01 Jan 2025 23:48:05 +0000
ROA not before: Wed 01 Jan 2025 23:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2484
IP address blocks: 194.0.9.0/24 maxlen: 24
2001:678:c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f2:9c:ad:62:80:cc:6a:9c:71:f2:1d:b6:65:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Validity
Not Before: Jan 1 23:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9595ddb94450200cbc7ddcc851acfe256462cc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3c:af:2d:30:97:30:57:9f:b5:1f:96:4d:ca:
7b:fe:a6:c8:6a:2f:73:90:84:71:df:5e:b1:74:4c:
ea:01:08:63:47:39:3d:c7:fe:27:2c:65:39:81:54:
db:06:b3:e9:f3:57:45:bc:95:36:88:d4:c5:1a:11:
0a:c7:89:62:db:ea:28:2a:48:86:fa:af:d4:9d:47:
58:b8:22:86:fd:78:e9:df:e6:ed:3e:6c:5b:24:ee:
ce:49:72:fd:7e:dc:ca:89:18:a5:1f:7b:35:53:fd:
37:34:4b:95:ca:bc:fe:17:2c:54:22:af:2a:2a:89:
b8:b5:d9:87:d4:e1:87:5c:a0:bc:6c:04:10:0e:4d:
80:7e:ed:93:71:1b:b1:61:61:7b:70:30:c2:32:e5:
f5:65:fa:c0:0d:f3:1e:c5:ff:72:ac:94:04:9c:e7:
07:5a:cd:ea:52:63:38:ca:37:d1:1b:d2:51:74:21:
53:36:d8:89:cd:94:95:b9:bd:0a:a1:af:0b:57:12:
9e:e0:90:6c:09:03:2a:28:1d:76:af:dc:cb:85:97:
e6:4d:41:ce:3c:db:95:5c:98:44:eb:20:93:0c:34:
e7:16:43:00:dd:71:4e:0f:9f:3a:3a:a3:be:8f:5a:
f5:ed:42:63:11:40:48:ca:6e:56:4e:9d:83:78:a6:
0f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:95:DD:B9:44:50:20:0C:BC:7D:DC:C8:51:AC:FE:25:64:62:CC:3E
X509v3 Authority Key Identifier:
keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/lZXduURQIAy8fdzIUaz-JWRizD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.9.0/24
IPv6:
2001:678:c::/48
Signature Algorithm: sha256WithRSAEncryption
0b:26:ea:57:cd:e2:43:94:36:20:b6:c4:f5:c4:76:e1:14:03:
0a:0e:ca:eb:94:5f:0d:fa:fd:bb:4e:c0:06:15:8f:96:2f:17:
54:72:21:fb:5b:aa:c8:f2:1a:cb:4a:60:d9:d2:23:d2:42:40:
39:54:27:7a:81:ac:7d:16:e6:57:f9:30:56:b1:0a:e7:26:5c:
27:20:60:ab:2c:ba:30:87:aa:a2:49:2b:e3:c5:ed:a5:bf:f2:
79:4e:3c:d9:5e:9a:ed:52:bc:ce:98:1b:7f:eb:da:06:e9:1e:
ae:75:56:0e:ad:78:88:2b:c9:e6:1e:2f:e2:e3:cf:9c:e3:97:
13:39:ae:df:0d:05:0f:59:c8:0f:ff:61:9a:66:ff:68:0d:a7:
f6:52:20:69:a7:de:23:00:35:6d:c6:9d:4b:aa:cb:82:1c:42:
05:d8:08:ce:2b:b9:82:97:19:2d:51:be:e8:9b:98:9f:40:42:
60:8c:52:b2:59:00:9c:83:b9:c2:c5:e5:76:89:46:49:d7:fa:
ed:3d:a2:df:da:c3:e7:22:63:ca:86:f8:9a:f2:3c:27:67:ed:
14:80:35:b7:d2:10:68:07:8b:30:76:66:fc:36:23:0b:1f:ce:
c9:9e:1c:53:21:9f:00:05:33:83:ed:bc:6c:c6:11:85:82:0f:
23:3c:07:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRPKcrWKAzGqccfIdtmXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQzYzBiNjQxNGM5Yzg2ZTNjOTRhNzE0ZGZiMjY5Y2I1
ZTkxNjkwHhcNMjUwMTAxMjM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk1ZGRiOTQ0NTAyMDBjYmM3ZGRjYzg1MWFjZmUyNTY0NjJjYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjyvLTCXMFeftR+WTcp7/qbIai9z
kIRx316xdEzqAQhjRzk9x/4nLGU5gVTbBrPp81dFvJU2iNTFGhEKx4li2+ooKkiG
+q/UnUdYuCKG/Xjp3+btPmxbJO7OSXL9ftzKiRilH3s1U/03NEuVyrz+FyxUIq8q
Kom4tdmH1OGHXKC8bAQQDk2Afu2TcRuxYWF7cDDCMuX1ZfrADfMexf9yrJQEnOcH
Ws3qUmM4yjfRG9JRdCFTNtiJzZSVub0Koa8LVxKe4JBsCQMqKB12r9zLhZfmTUHO
PNuVXJhE6yCTDDTnFkMA3XFOD586OqO+j1r17UJjEUBIym5WTp2DeKYPKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJWV3blEUCAMvH3cyFGs/iVkYsw+MB8GA1UdIwQY
MBaAFF6NPAtkFMnIbjyUpxTfsmnLXpFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAt
MjM0MzA5NTA2MDljLzEvbFpYZHVVUlFJQXk4ZmR6SVVhei1KV1JpekQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAtMjM0MzA5NTA2MDlj
LzEvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAJMA8E
AgACMAkDBwAgAQZ4AAwwDQYJKoZIhvcNAQELBQADggEBAAsm6lfN4kOUNiC2xPXE
duEUAwoOyuuUXw36/btOwAYVj5YvF1RyIftbqsjyGstKYNnSI9JCQDlUJ3qBrH0W
5lf5MFaxCucmXCcgYKssujCHqqJJK+PF7aW/8nlOPNlemu1SvM6YG3/r2gbpHq51
Vg6teIgryeYeL+Ljz5zjlxM5rt8NBQ9ZyA//YZpm/2gNp/ZSIGmn3iMANW3GnUuq
y4IcQgXYCM4ruYKXGS1RvuibmJ9AQmCMUrJZAJyDucLF5XaJRknX+u09ot/aw+ci
Y8qG+JryPCdn7RSANbfSEGgHizB2Zvw2IwsfzsmeHFMhnwAFM4PtvGzGEYWCDyM8
B9o=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:32:43 2025 by rpki-client