Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/dXm9nDAbHEfPr8e0rvdta5vcQCQ.roa
File: dXm9nDAbHEfPr8e0rvdta5vcQCQ.roa (raw, json)
Hash identifier: ZAX5/DrLWdB1icFKrgXw3Y2Wbffkldc6zIYnws0ruBM=
Subject key identifier: 75:79:BD:9C:30:1B:1C:47:CF:AF:C7:B4:AE:F7:6D:6B:9B:DC:40:24
Certificate issuer: /CN=9ca8a132519a242949497363b8caa33e72c673f8
Certificate serial: 019421B24E3477A108B6521AA0A5746379B0
Authority key identifier: 9C:A8:A1:32:51:9A:24:29:49:49:73:63:B8:CA:A3:3E:72:C6:73:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nKihMlGaJClJSXNjuMqjPnLGc_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/dXm9nDAbHEfPr8e0rvdta5vcQCQ.roa
Signing time: Wed 01 Jan 2025 11:48:41 +0000
ROA not before: Wed 01 Jan 2025 11:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15943
IP address blocks: 194.45.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4e:34:77:a1:08:b6:52:1a:a0:a5:74:63:79:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ca8a132519a242949497363b8caa33e72c673f8
Validity
Not Before: Jan 1 11:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7579bd9c301b1c47cfafc7b4aef76d6b9bdc4024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:99:b6:92:74:73:29:86:01:dd:5f:26:4c:69:
f8:52:c1:41:2c:e0:01:d6:26:05:87:3e:ba:ca:58:
92:37:57:66:aa:fc:5f:8f:4d:78:be:cf:8b:61:7b:
f3:76:f9:65:6c:71:d6:7c:c9:2a:09:95:86:6c:fc:
fe:63:b7:76:ad:e3:c1:3d:11:07:ee:22:2d:78:e5:
37:11:ab:f4:5b:72:9d:3e:6d:e8:58:56:30:6b:a2:
6d:7f:7d:9b:5e:bc:f1:95:19:1e:9e:e0:3f:03:11:
b6:c8:cc:fd:00:5b:77:a7:74:3c:8b:9a:58:58:2e:
63:9c:be:50:1a:20:43:13:51:cc:f7:27:2b:9b:95:
ab:69:a4:ea:98:e7:97:21:3e:3d:fd:b5:91:b6:96:
50:c8:a6:01:a3:02:64:1b:d2:d6:f3:02:31:4e:8c:
88:f2:75:1b:a2:e2:0d:c2:98:b8:bd:24:3e:fd:0e:
06:53:9f:1e:d9:7f:cb:b3:77:d8:2c:34:cb:e3:2b:
9f:8b:3b:8c:3a:e9:1a:16:44:a5:db:cf:17:95:84:
a8:86:35:6a:8e:8c:46:62:d9:78:1f:ee:8e:02:4e:
b9:b8:36:bf:33:54:90:7d:ef:c2:03:41:81:54:08:
3a:67:7f:1b:00:6e:54:ab:c7:90:a0:a8:e5:40:40:
e3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:79:BD:9C:30:1B:1C:47:CF:AF:C7:B4:AE:F7:6D:6B:9B:DC:40:24
X509v3 Authority Key Identifier:
keyid:9C:A8:A1:32:51:9A:24:29:49:49:73:63:B8:CA:A3:3E:72:C6:73:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nKihMlGaJClJSXNjuMqjPnLGc_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/dXm9nDAbHEfPr8e0rvdta5vcQCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/nKihMlGaJClJSXNjuMqjPnLGc_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.20.0/24
Signature Algorithm: sha256WithRSAEncryption
62:6a:f1:44:2d:b1:8a:4a:82:3f:ef:ad:04:3a:22:89:44:25:
5d:90:d1:4d:83:4b:66:b0:ed:3d:e1:cd:3e:85:62:96:f7:ac:
c4:51:38:cc:bc:22:fe:95:f4:df:2d:58:62:90:72:ec:55:02:
3e:4f:a4:60:11:b0:6d:e4:1b:9f:5a:63:2c:47:ea:90:4b:c1:
65:fa:9f:e4:b6:d5:8c:e1:32:88:5b:48:68:fa:6f:92:38:2c:
dc:b5:2a:d3:31:e0:0c:3f:59:fe:62:04:b9:ea:55:2f:f5:6e:
e8:c8:d8:cb:41:c9:7a:c5:61:2e:69:3e:fb:88:27:92:5c:3a:
41:5f:37:c1:f9:0a:23:0b:33:67:d7:1d:d9:fc:48:05:08:b7:
2c:8f:a6:8e:f7:1c:c6:dd:8f:cb:b4:b3:a2:14:78:10:2a:01:
ba:89:98:a7:f4:16:4c:a1:76:d2:79:99:2a:e6:14:b1:cf:86:
13:77:9e:47:b6:e1:09:b4:8c:2c:ee:64:7c:0b:6e:f5:b1:44:
03:9f:5c:a3:5a:6c:8e:d7:e0:9b:e1:54:da:56:ee:98:27:69:
c6:75:82:b6:a7:93:11:34:98:50:21:d2:01:df:de:c6:ed:bd:
25:99:df:f2:60:64:aa:f2:31:c4:4a:6d:55:54:72:0d:6b:ae:
6a:38:99:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsk40d6EItlIaoKV0Y3mwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYThhMTMyNTE5YTI0Mjk0OTQ5NzM2M2I4Y2FhMzNlNzJj
NjczZjgwHhcNMjUwMTAxMTE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTc5YmQ5YzMwMWIxYzQ3Y2ZhZmM3YjRhZWY3NmQ2YjliZGM0MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpm2knRzKYYB3V8mTGn4UsFBLOAB
1iYFhz66yliSN1dmqvxfj014vs+LYXvzdvllbHHWfMkqCZWGbPz+Y7d2rePBPREH
7iIteOU3Eav0W3KdPm3oWFYwa6Jtf32bXrzxlRkenuA/AxG2yMz9AFt3p3Q8i5pY
WC5jnL5QGiBDE1HM9ycrm5WraaTqmOeXIT49/bWRtpZQyKYBowJkG9LW8wIxToyI
8nUbouINwpi4vSQ+/Q4GU58e2X/Ls3fYLDTL4yufizuMOukaFkSl288XlYSohjVq
joxGYtl4H+6OAk65uDa/M1SQfe/CA0GBVAg6Z38bAG5Uq8eQoKjlQEDjIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHV5vZwwGxxHz6/HtK73bWub3EAkMB8GA1UdIwQY
MBaAFJyooTJRmiQpSUlzY7jKoz5yxnP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbktpaE1sR2FKQ2xKU1hOanVNcWpQbkxHY19nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZTBlOWEtNTFmMy00OWRlLTlkMWIt
MDBjZDg2YWY4NDlkLzEvZFhtOW5EQWJIRWZQcjhlMHJ2ZHRhNXZjUUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZTBlOWEtNTFmMy00OWRlLTlkMWItMDBjZDg2YWY4NDlk
LzEvbktpaE1sR2FKQ2xKU1hOanVNcWpQbkxHY19nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwi0UMA0G
CSqGSIb3DQEBCwUAA4IBAQBiavFELbGKSoI/760EOiKJRCVdkNFNg0tmsO094c0+
hWKW96zEUTjMvCL+lfTfLVhikHLsVQI+T6RgEbBt5BufWmMsR+qQS8Fl+p/kttWM
4TKIW0ho+m+SOCzctSrTMeAMP1n+YgS56lUv9W7oyNjLQcl6xWEuaT77iCeSXDpB
XzfB+QojCzNn1x3Z/EgFCLcsj6aO9xzG3Y/LtLOiFHgQKgG6iZin9BZMoXbSeZkq
5hSxz4YTd55HtuEJtIws7mR8C271sUQDn1yjWmyO1+Cb4VTaVu6YJ2nGdYK2p5MR
NJhQIdIB397G7b0lmd/yYGSq8jHESm1VVHINa65qOJk+
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:59:19 2025 by rpki-client