Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/yB29tJZko-Lc7mgNtW4aJqy2OH4.roa
File: yB29tJZko-Lc7mgNtW4aJqy2OH4.roa (raw, json)
Hash identifier: RwdgfwiMJl9oKJ48eg67JXX6tD33MmjSlDjkuGNeD5k=
Subject key identifier: C8:1D:BD:B4:96:64:A3:E2:DC:EE:68:0D:B5:6E:1A:26:AC:B6:38:7E
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 01943760D0A4869BDA4CC63CB827E0B1964F
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/yB29tJZko-Lc7mgNtW4aJqy2OH4.roa
Signing time: Sun 05 Jan 2025 16:51:18 +0000
ROA not before: Sun 05 Jan 2025 16:51:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133210
IP address blocks: 194.15.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:37:60:d0:a4:86:9b:da:4c:c6:3c:b8:27:e0:b1:96:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Jan 5 16:51:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c81dbdb49664a3e2dcee680db56e1a26acb6387e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1a:97:61:50:56:cb:d4:19:5f:c1:b5:e9:1d:
a6:da:3b:f5:34:37:a4:dc:35:eb:fe:11:00:78:c9:
e0:97:f6:a2:f9:ca:ea:1c:9d:b4:b6:af:35:f2:f9:
55:20:f0:4d:62:58:c7:76:ee:45:d1:be:dc:b5:d3:
4a:83:2a:5e:e9:56:54:1e:bf:45:b7:4d:8a:42:c0:
cf:86:3f:e1:c6:6a:e7:65:84:68:3f:4d:19:15:2d:
68:5c:14:aa:64:a2:81:b7:ac:7a:c9:00:5a:77:8a:
f6:9d:e6:5e:07:69:07:aa:43:eb:e6:c9:5d:5e:74:
70:0a:a8:8c:bc:b2:77:99:0a:5e:56:ed:ee:e4:90:
11:a7:d9:a6:96:e0:83:da:46:7d:c4:11:48:9e:d7:
67:57:28:a7:10:5b:d9:e2:44:9a:f9:f7:7f:52:90:
b0:3e:bf:9c:e3:31:18:e2:56:05:df:d4:fd:a8:ab:
98:8a:b2:00:45:50:55:f0:16:3d:76:c2:26:11:f2:
f9:47:4e:15:e1:3c:2d:0e:2a:43:82:da:f3:0e:5c:
69:1d:38:cc:e5:b5:b7:ad:31:37:9d:32:43:78:d8:
c1:97:75:76:25:85:6b:33:74:bc:2b:fb:b5:d4:5b:
16:6b:e3:c0:ee:86:09:9f:35:b0:fe:97:cb:b1:c1:
6a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:1D:BD:B4:96:64:A3:E2:DC:EE:68:0D:B5:6E:1A:26:AC:B6:38:7E
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/yB29tJZko-Lc7mgNtW4aJqy2OH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.115.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:94:08:c7:6e:ee:13:93:8a:63:18:e4:22:2f:67:41:50:01:
cd:a8:4c:48:10:32:53:92:86:43:f7:04:8d:14:cf:b1:0b:df:
63:90:eb:17:f2:15:f1:64:19:ae:74:04:f1:ce:13:2a:e3:5c:
3c:86:29:1c:e7:d5:1e:2c:2f:d8:1a:8f:11:1a:f1:ba:01:6a:
a1:60:05:dc:e2:ba:5e:64:bc:b9:04:54:6a:20:e2:a3:15:c8:
e8:8e:55:a3:b9:50:6b:db:f5:b0:73:24:92:80:fc:4b:3b:6c:
e5:b1:97:f1:9f:4b:01:74:59:ae:52:b0:9d:96:bc:cf:29:68:
61:3d:fb:ab:d3:dc:8d:d4:f3:7f:9d:d7:44:b3:30:cc:c7:1e:
3b:3a:63:f8:58:14:19:39:d0:e5:8f:51:e2:55:d8:22:75:50:
23:a6:f2:4c:b6:3c:31:42:bc:61:be:9f:97:81:c6:e0:8c:69:
a5:3c:c4:e9:52:e2:34:e8:7d:3c:66:f8:b6:dc:df:da:8e:08:
09:a6:80:23:09:39:25:48:61:f4:e9:5b:5f:aa:81:ce:32:bf:
1b:f8:a7:1c:4e:38:20:37:95:a0:2f:a1:36:59:ef:dd:24:14:
20:9e:d0:86:f1:1d:e9:de:c5:af:7d:0b:10:c2:f4:e5:0e:43:
68:aa:7f:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ3YNCkhpvaTMY8uCfgsZZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjUwMTA1MTY1MTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODFkYmRiNDk2NjRhM2UyZGNlZTY4MGRiNTZlMWEyNmFjYjYzODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RqXYVBWy9QZX8G16R2m2jv1NDek
3DXr/hEAeMngl/ai+crqHJ20tq818vlVIPBNYljHdu5F0b7ctdNKgype6VZUHr9F
t02KQsDPhj/hxmrnZYRoP00ZFS1oXBSqZKKBt6x6yQBad4r2neZeB2kHqkPr5sld
XnRwCqiMvLJ3mQpeVu3u5JARp9mmluCD2kZ9xBFIntdnVyinEFvZ4kSa+fd/UpCw
Pr+c4zEY4lYF39T9qKuYirIARVBV8BY9dsImEfL5R04V4TwtDipDgtrzDlxpHTjM
5bW3rTE3nTJDeNjBl3V2JYVrM3S8K/u11FsWa+PA7oYJnzWw/pfLscFqBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgdvbSWZKPi3O5oDbVuGiastjh+MB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEveUIyOXRKWmtvLUxjN21nTnRXNGFKcXkyT0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9zMA0G
CSqGSIb3DQEBCwUAA4IBAQDPlAjHbu4Tk4pjGOQiL2dBUAHNqExIEDJTkoZD9wSN
FM+xC99jkOsX8hXxZBmudATxzhMq41w8hikc59UeLC/YGo8RGvG6AWqhYAXc4rpe
ZLy5BFRqIOKjFcjojlWjuVBr2/WwcySSgPxLO2zlsZfxn0sBdFmuUrCdlrzPKWhh
Pfur09yN1PN/nddEszDMxx47OmP4WBQZOdDlj1HiVdgidVAjpvJMtjwxQrxhvp+X
gcbgjGmlPMTpUuI06H08Zvi23N/ajggJpoAjCTklSGH06VtfqoHOMr8b+KccTjgg
N5WgL6E2We/dJBQgntCG8R3p3sWvfQsQwvTlDkNoqn/L
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:40:18 2025 by rpki-client