Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/9Ht1WS_vqd6PGFgJgGHqYQxnzds.roa
File: 9Ht1WS_vqd6PGFgJgGHqYQxnzds.roa (raw, json)
Hash identifier: jy6H59LUS5waYqQP6Dhp+2VxxeHkS9j62qw0M1cdA/g=
Subject key identifier: F4:7B:75:59:2F:EF:A9:DE:8F:18:58:09:80:61:EA:61:0C:67:CD:DB
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 019425FC534722B0D0D141CADDD32B46DD4E
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/9Ht1WS_vqd6PGFgJgGHqYQxnzds.roa
Signing time: Thu 02 Jan 2025 07:48:00 +0000
ROA not before: Thu 02 Jan 2025 07:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 703
IP address blocks: 194.169.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:53:47:22:b0:d0:d1:41:ca:dd:d3:2b:46:dd:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Jan 2 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f47b75592fefa9de8f1858098061ea610c67cddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e2:2d:08:ab:92:a2:fd:53:ab:00:5f:05:e4:
46:24:4b:48:2a:ab:94:e7:c7:a2:60:66:78:99:6e:
04:76:43:de:e3:93:37:05:5c:4c:11:ea:70:4c:32:
e0:02:fa:b6:ee:8e:5d:c7:63:87:e0:71:1a:47:4e:
3c:20:cf:c1:00:62:28:9e:23:e1:d0:96:7d:3a:ea:
9f:61:e1:4a:b1:85:74:2a:1e:38:16:42:74:83:6f:
03:08:87:06:05:42:e1:1d:7d:ae:73:44:4b:d1:ae:
96:bc:a7:b8:4a:21:bc:2f:e4:7c:32:34:f8:af:0f:
c6:ca:3a:74:8f:0c:e0:6b:1e:d7:1c:ae:f8:97:5a:
ab:46:e3:17:05:71:8f:df:f8:cb:0e:50:de:48:0e:
e6:e4:0b:8b:aa:57:b7:36:be:7d:c2:5b:61:b0:63:
79:00:4a:3c:98:ce:f3:b6:37:5a:70:95:95:9d:62:
f0:8f:db:79:d5:b0:b9:49:01:e4:d3:3d:04:0b:b1:
de:1c:f0:1a:39:c6:c0:1a:34:f2:39:5f:62:20:9f:
66:a3:bc:13:63:8b:92:54:05:88:e7:85:88:63:cd:
04:5e:9d:1e:47:91:db:52:5c:99:e2:15:1a:b0:88:
29:b8:58:3c:d0:38:7a:d2:3b:c0:53:fd:e5:01:36:
4f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7B:75:59:2F:EF:A9:DE:8F:18:58:09:80:61:EA:61:0C:67:CD:DB
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/9Ht1WS_vqd6PGFgJgGHqYQxnzds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.18.0/24
Signature Algorithm: sha256WithRSAEncryption
91:79:70:c6:bb:0e:40:67:ac:8b:d6:fc:63:f4:0a:75:66:be:
d7:47:9c:31:3b:62:42:64:41:6e:56:26:e8:1f:26:5b:02:28:
75:c9:96:34:ea:b9:7a:34:b5:3e:d4:24:ac:69:21:70:e4:69:
d6:7e:34:bd:99:5e:ab:be:18:90:5f:38:ad:60:ca:8b:4b:31:
02:08:e6:74:60:c0:1a:68:b0:c4:88:ca:29:d9:e4:5f:89:6a:
d5:9e:22:00:e6:aa:83:c0:dd:3c:1a:55:ca:be:8d:d9:cb:8f:
40:99:39:fe:c1:e0:00:c7:e7:92:45:c8:6a:88:51:eb:50:f0:
14:36:75:4e:b3:62:c7:16:4c:ef:7e:57:b2:4c:21:e6:4a:25:
d1:f1:32:31:96:79:30:21:c7:00:7b:b5:49:82:c5:d1:b8:3a:
be:17:98:45:96:67:e4:14:aa:d6:55:f3:d0:4b:b8:52:2b:ab:
32:9f:41:82:42:f5:38:01:54:c9:ba:93:d1:ef:f3:dd:b6:8b:
10:88:05:54:2c:0f:7c:4e:a9:a8:f0:1a:ea:01:84:ab:f9:df:
f6:29:63:1e:b2:7d:b2:a2:a4:2d:16:5c:03:be:88:ce:0b:5b:
c5:1a:25:da:63:26:42:81:f7:74:24:94:84:d3:c5:2d:3a:57:
96:30:19:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/FNHIrDQ0UHK3dMrRt1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjUwMTAyMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDdiNzU1OTJmZWZhOWRlOGYxODU4MDk4MDYxZWE2MTBjNjdjZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOItCKuSov1TqwBfBeRGJEtIKquU
58eiYGZ4mW4EdkPe45M3BVxMEepwTDLgAvq27o5dx2OH4HEaR048IM/BAGIoniPh
0JZ9OuqfYeFKsYV0Kh44FkJ0g28DCIcGBULhHX2uc0RL0a6WvKe4SiG8L+R8MjT4
rw/Gyjp0jwzgax7XHK74l1qrRuMXBXGP3/jLDlDeSA7m5AuLqle3Nr59wlthsGN5
AEo8mM7ztjdacJWVnWLwj9t51bC5SQHk0z0EC7HeHPAaOcbAGjTyOV9iIJ9mo7wT
Y4uSVAWI54WIY80EXp0eR5HbUlyZ4hUasIgpuFg80Dh60jvAU/3lATZPzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPR7dVkv76nejxhYCYBh6mEMZ83bMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEvOUh0MVdTX3ZxZDZQR0ZnSmdHSHFZUXhuemRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkSMA0G
CSqGSIb3DQEBCwUAA4IBAQCReXDGuw5AZ6yL1vxj9Ap1Zr7XR5wxO2JCZEFuVibo
HyZbAih1yZY06rl6NLU+1CSsaSFw5GnWfjS9mV6rvhiQXzitYMqLSzECCOZ0YMAa
aLDEiMop2eRfiWrVniIA5qqDwN08GlXKvo3Zy49AmTn+weAAx+eSRchqiFHrUPAU
NnVOs2LHFkzvfleyTCHmSiXR8TIxlnkwIccAe7VJgsXRuDq+F5hFlmfkFKrWVfPQ
S7hSK6syn0GCQvU4AVTJupPR7/PdtosQiAVULA98Tqmo8BrqAYSr+d/2KWMesn2y
oqQtFlwDvojOC1vFGiXaYyZCgfd0JJSE08UtOleWMBk4
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:07:03 2025 by rpki-client