Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/14e601-f31a-41bb-93fe-a59e6e9abcc8/1/d1cUGJ6v4aRMFVJ8jR6zf61KUZo.roa
File: d1cUGJ6v4aRMFVJ8jR6zf61KUZo.roa (raw, json)
Hash identifier: w1Q0yU0/JMksdYl+XzfFqraLhxZYw0tN1TBkWQdYmYc=
Subject key identifier: 77:57:14:18:9E:AF:E1:A4:4C:15:52:7C:8D:1E:B3:7F:AD:4A:51:9A
Certificate issuer: /CN=af59d35331c9efe33c9530769325ae8ef550ffda
Certificate serial: 019421445AB779C70FAE67FA806DEBE61DE9
Authority key identifier: AF:59:D3:53:31:C9:EF:E3:3C:95:30:76:93:25:AE:8E:F5:50:FF:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r1nTUzHJ7-M8lTB2kyWujvVQ_9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/14e601-f31a-41bb-93fe-a59e6e9abcc8/1/d1cUGJ6v4aRMFVJ8jR6zf61KUZo.roa
Signing time: Wed 01 Jan 2025 09:48:35 +0000
ROA not before: Wed 01 Jan 2025 09:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208026
IP address blocks: 194.60.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5a:b7:79:c7:0f:ae:67:fa:80:6d:eb:e6:1d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af59d35331c9efe33c9530769325ae8ef550ffda
Validity
Not Before: Jan 1 09:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=775714189eafe1a44c15527c8d1eb37fad4a519a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c0:45:dc:87:0e:04:2f:d7:a0:2d:b5:85:03:
a4:0f:49:14:53:77:04:0e:c5:5c:25:75:9c:1b:f5:
40:01:ca:38:e7:2f:a0:34:61:de:d2:46:32:03:db:
59:01:e0:1b:fd:9f:89:ec:5a:f0:8c:5d:79:24:b9:
6e:97:25:11:2b:27:72:dd:df:2d:ec:c8:8b:9b:67:
13:b0:20:b3:78:b0:b8:2d:90:8d:bd:5b:6b:b0:92:
c4:81:dd:86:49:2d:f5:73:8c:e4:df:b7:6e:f4:aa:
42:05:d8:2b:11:f9:23:7a:d2:c3:e2:79:00:51:b3:
d2:20:23:12:78:fe:51:f5:a5:dc:2b:37:32:74:42:
26:32:dd:57:12:21:bf:29:ed:36:41:e9:03:df:ad:
d3:e9:c9:68:d7:6a:ba:1d:a1:ca:3f:79:8e:c1:fa:
05:7c:02:f9:e3:ad:de:68:ec:01:e2:10:e0:22:60:
5b:01:b5:4c:cc:96:6f:a5:8a:fd:c9:a1:96:27:4f:
07:71:94:2b:7a:d2:c0:b5:df:21:3c:ee:e8:83:39:
2d:f2:4b:ae:25:b0:a6:2f:e1:4f:dc:45:4b:03:46:
f8:f6:31:ea:6b:0c:fd:e9:98:9d:08:c1:e7:75:01:
fb:d0:8f:1a:68:e9:a7:be:2d:81:b4:f0:a6:6e:94:
b0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:57:14:18:9E:AF:E1:A4:4C:15:52:7C:8D:1E:B3:7F:AD:4A:51:9A
X509v3 Authority Key Identifier:
keyid:AF:59:D3:53:31:C9:EF:E3:3C:95:30:76:93:25:AE:8E:F5:50:FF:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r1nTUzHJ7-M8lTB2kyWujvVQ_9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/14e601-f31a-41bb-93fe-a59e6e9abcc8/1/d1cUGJ6v4aRMFVJ8jR6zf61KUZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/14e601-f31a-41bb-93fe-a59e6e9abcc8/1/r1nTUzHJ7-M8lTB2kyWujvVQ_9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.112.0/20
Signature Algorithm: sha256WithRSAEncryption
24:87:45:cf:c1:60:14:29:b7:c4:b3:d2:9d:74:82:5f:4a:9c:
8e:7e:e7:32:4f:e1:9b:36:04:c5:a7:3b:ec:fa:25:d2:8b:6a:
2d:59:6a:c6:9b:57:6c:01:82:37:2e:18:27:f1:0e:da:ef:25:
69:65:16:5d:0e:19:f9:56:d2:69:18:69:da:63:ab:d8:69:2c:
74:eb:25:c2:41:5e:3c:1f:47:32:27:60:e9:ac:1f:5a:5e:95:
90:b6:87:a1:45:a2:21:86:b3:19:a9:df:2f:a6:49:09:c9:bb:
cc:14:c6:b5:2d:85:9a:02:df:19:85:56:fa:ac:75:ce:aa:b5:
af:f3:a3:d2:dd:9a:5a:bd:e9:62:59:ee:29:06:aa:e0:7d:e9:
09:88:a8:bc:f5:73:58:f3:bc:c4:8a:19:65:71:1a:c1:c0:63:
8d:15:cf:96:e8:3f:e7:a5:41:30:fc:ca:1d:fb:80:8b:90:b4:
16:60:8d:6b:d2:b9:e5:d5:45:8b:74:f1:f5:43:67:a0:51:81:
81:4d:2c:5f:a7:d7:0e:b2:47:3f:aa:94:13:28:bb:6a:e2:61:
16:66:17:21:53:0c:44:db:5c:6b:7f:0d:11:82:cc:73:3f:a4:
9e:9d:7e:26:94:8f:0c:89:50:dc:47:47:ad:e2:de:35:bf:63:
05:e3:aa:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRFq3eccPrmf6gG3r5h3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNTlkMzUzMzFjOWVmZTMzYzk1MzA3NjkzMjVhZThlZjU1
MGZmZGEwHhcNMjUwMTAxMDk0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzU3MTQxODllYWZlMWE0NGMxNTUyN2M4ZDFlYjM3ZmFkNGE1MTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMBF3IcOBC/XoC21hQOkD0kUU3cE
DsVcJXWcG/VAAco45y+gNGHe0kYyA9tZAeAb/Z+J7FrwjF15JLlulyURKydy3d8t
7MiLm2cTsCCzeLC4LZCNvVtrsJLEgd2GSS31c4zk37du9KpCBdgrEfkjetLD4nkA
UbPSICMSeP5R9aXcKzcydEImMt1XEiG/Ke02QekD363T6clo12q6HaHKP3mOwfoF
fAL5463eaOwB4hDgImBbAbVMzJZvpYr9yaGWJ08HcZQretLAtd8hPO7ogzkt8kuu
JbCmL+FP3EVLA0b49jHqawz96ZidCMHndQH70I8aaOmnvi2BtPCmbpSw5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdXFBier+GkTBVSfI0es3+tSlGaMB8GA1UdIwQY
MBaAFK9Z01Mxye/jPJUwdpMlro71UP/aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjFuVFV6SEo3LU04bFRCMmt5V3VqdlZRXzlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8xNGU2MDEtZjMxYS00MWJiLTkzZmUt
YTU5ZTZlOWFiY2M4LzEvZDFjVUdKNnY0YVJNRlZKOGpSNnpmNjFLVVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8xNGU2MDEtZjMxYS00MWJiLTkzZmUtYTU5ZTZlOWFiY2M4
LzEvcjFuVFV6SEo3LU04bFRCMmt5V3VqdlZRXzlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwjxwMA0G
CSqGSIb3DQEBCwUAA4IBAQAkh0XPwWAUKbfEs9KddIJfSpyOfucyT+GbNgTFpzvs
+iXSi2otWWrGm1dsAYI3Lhgn8Q7a7yVpZRZdDhn5VtJpGGnaY6vYaSx06yXCQV48
H0cyJ2DprB9aXpWQtoehRaIhhrMZqd8vpkkJybvMFMa1LYWaAt8ZhVb6rHXOqrWv
86PS3ZpaveliWe4pBqrgfekJiKi89XNY87zEihllcRrBwGONFc+W6D/npUEw/Mod
+4CLkLQWYI1r0rnl1UWLdPH1Q2egUYGBTSxfp9cOskc/qpQTKLtq4mEWZhchUwxE
21xrfw0RgsxzP6SenX4mlI8MiVDcR0et4t41v2MF46qF
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:35:34 2025 by rpki-client