Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d9db98-4010-4328-8445-eecfe7fcf1c0/1/dtRhkrrPSJQXLxdge4ROTUVkWDI.roa
File: dtRhkrrPSJQXLxdge4ROTUVkWDI.roa (raw, json)
Hash identifier: LG59mLDEL6OnHYs5spoH7ylFHPQpE2H4qHB7zS4ODlE=
Subject key identifier: 76:D4:61:92:BA:CF:48:94:17:2F:17:60:7B:84:4E:4D:45:64:58:32
Certificate issuer: /CN=f970877985b0c5cf69167c91e837424c47d9a425
Certificate serial: 019423693113BD2C9DEF6DF443FD1471C34A
Authority key identifier: F9:70:87:79:85:B0:C5:CF:69:16:7C:91:E8:37:42:4C:47:D9:A4:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XCHeYWwxc9pFnyR6DdCTEfZpCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d9db98-4010-4328-8445-eecfe7fcf1c0/1/dtRhkrrPSJQXLxdge4ROTUVkWDI.roa
Signing time: Wed 01 Jan 2025 19:48:03 +0000
ROA not before: Wed 01 Jan 2025 19:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35800
IP address blocks: 194.88.152.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:31:13:bd:2c:9d:ef:6d:f4:43:fd:14:71:c3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970877985b0c5cf69167c91e837424c47d9a425
Validity
Not Before: Jan 1 19:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76d46192bacf4894172f17607b844e4d45645832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:89:e8:d1:6c:9b:a7:2c:f9:9f:36:b9:89:3a:
2d:c5:22:4d:3a:b2:e5:ea:c7:d0:df:85:4f:94:f5:
b9:91:20:e4:a0:2a:6a:cf:89:5c:b3:80:93:c5:e7:
a9:a7:79:05:82:47:22:bc:00:55:ec:9e:fa:c5:dc:
92:03:87:dd:6f:6c:45:7e:3c:49:5f:3d:d1:e0:91:
89:04:08:05:94:db:6c:3e:1e:a0:b2:7b:73:2e:68:
8d:62:a4:5a:5b:5e:d1:a3:d3:5b:19:42:71:f4:5e:
e0:2a:18:26:2b:04:1b:ae:62:4e:5b:a2:ec:11:00:
5b:f6:f7:82:c8:22:0b:ce:ed:30:c0:60:f5:37:63:
53:1d:52:a5:02:60:d0:f8:9e:33:69:a1:3a:17:e5:
6d:11:59:3e:ae:6a:18:e8:06:cd:25:da:50:e3:73:
67:12:e0:fd:87:0a:09:a2:3a:31:f8:82:60:aa:16:
99:cf:98:81:e4:b2:48:d5:09:48:de:41:01:ee:f5:
b6:bb:f7:72:82:a1:f6:04:b9:41:45:c9:b6:13:50:
af:a6:3b:cf:85:ef:3b:6c:b4:23:f9:51:8a:38:d2:
87:00:7d:d6:5b:e8:81:14:e3:85:6d:43:0f:f5:f5:
2b:0a:d7:81:db:00:9b:fc:a3:b3:3b:ef:15:34:87:
52:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D4:61:92:BA:CF:48:94:17:2F:17:60:7B:84:4E:4D:45:64:58:32
X509v3 Authority Key Identifier:
keyid:F9:70:87:79:85:B0:C5:CF:69:16:7C:91:E8:37:42:4C:47:D9:A4:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XCHeYWwxc9pFnyR6DdCTEfZpCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d9db98-4010-4328-8445-eecfe7fcf1c0/1/dtRhkrrPSJQXLxdge4ROTUVkWDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d9db98-4010-4328-8445-eecfe7fcf1c0/1/1-XCHeYWwxc9pFnyR6DdCTEfZpCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.152.0/23
Signature Algorithm: sha256WithRSAEncryption
96:93:f9:bc:d7:82:ea:86:3c:54:44:78:aa:f7:a3:81:41:8b:
37:18:2e:30:8b:5a:3c:c9:c7:f3:b5:32:57:5f:ae:13:43:b5:
79:88:0c:93:8e:ca:3a:cb:f7:2c:57:e3:71:fd:1d:e1:b5:8e:
43:9e:0c:a0:6d:14:55:27:4b:1a:fc:37:3c:2e:21:09:47:df:
f0:16:b8:e2:ca:62:97:bf:d3:d7:b9:cd:9c:fe:1f:ec:69:bf:
df:46:ff:58:7b:69:a5:22:97:af:f3:52:61:14:4d:6d:2f:9a:
29:f4:ce:99:03:5d:04:83:24:29:34:04:80:30:57:c4:21:4c:
02:9c:78:5a:02:a7:3b:39:88:ee:10:1c:7f:dd:ce:5b:46:cd:
25:9c:75:30:9d:0e:c8:74:1f:1d:7e:ac:86:c0:62:60:e5:52:
c2:3e:2d:75:1a:31:87:d2:ed:e5:1a:45:ae:2b:fd:04:71:f6:
83:71:60:b1:ba:d8:53:f0:94:d9:c9:07:bb:7d:ba:46:60:5f:
4e:29:48:43:0d:30:04:90:26:6a:11:25:c8:84:a6:59:0d:9d:
e2:7b:e4:d2:de:54:39:58:8b:b2:83:bc:ae:68:04:c7:78:3d:
d8:56:49:9b:79:2e:f4:76:e5:e9:33:c9:03:38:c9:d3:fb:b5:
b9:5b:9e:6d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaTETvSyd7230Q/0UccNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzA4Nzc5ODViMGM1Y2Y2OTE2N2M5MWU4Mzc0MjRjNDdk
OWE0MjUwHhcNMjUwMTAxMTk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQ0NjE5MmJhY2Y0ODk0MTcyZjE3NjA3Yjg0NGU0ZDQ1NjQ1ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4no0Wybpyz5nza5iTotxSJNOrLl
6sfQ34VPlPW5kSDkoCpqz4lcs4CTxeepp3kFgkcivABV7J76xdySA4fdb2xFfjxJ
Xz3R4JGJBAgFlNtsPh6gsntzLmiNYqRaW17Ro9NbGUJx9F7gKhgmKwQbrmJOW6Ls
EQBb9veCyCILzu0wwGD1N2NTHVKlAmDQ+J4zaaE6F+VtEVk+rmoY6AbNJdpQ43Nn
EuD9hwoJojox+IJgqhaZz5iB5LJI1QlI3kEB7vW2u/dygqH2BLlBRcm2E1CvpjvP
he87bLQj+VGKONKHAH3WW+iBFOOFbUMP9fUrCteB2wCb/KOzO+8VNIdSxQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHbUYZK6z0iUFy8XYHuETk1FZFgyMB8GA1UdIwQY
MBaAFPlwh3mFsMXPaRZ8keg3QkxH2aQlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQ0hlWVd3eGM5cEZueVI2RGRDVEVmWnBDVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvZDlkYjk4LTQwMTAtNDMyOC04NDQ1
LWVlY2ZlN2ZjZjFjMC8xL2R0UmhrcnJQU0pRWEx4ZGdlNFJPVFVWa1dESS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjQvZDlkYjk4LTQwMTAtNDMyOC04NDQ1LWVlY2ZlN2ZjZjFj
MC8xLzEtWENIZVlXd3hjOXBGbnlSNkRkQ1RFZlpwQ1UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHCWJgw
DQYJKoZIhvcNAQELBQADggEBAJaT+bzXguqGPFREeKr3o4FBizcYLjCLWjzJx/O1
MldfrhNDtXmIDJOOyjrL9yxX43H9HeG1jkOeDKBtFFUnSxr8NzwuIQlH3/AWuOLK
Ype/09e5zZz+H+xpv99G/1h7aaUil6/zUmEUTW0vmin0zpkDXQSDJCk0BIAwV8Qh
TAKceFoCpzs5iO4QHH/dzltGzSWcdTCdDsh0Hx1+rIbAYmDlUsI+LXUaMYfS7eUa
Ra4r/QRx9oNxYLG62FPwlNnJB7t9ukZgX04pSEMNMASQJmoRJciEplkNneJ75NLe
VDlYi7KDvK5oBMd4PdhWSZt5LvR25ekzyQM4ydP7tblbnm0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:55 2025 by rpki-client