Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/gCeEg2-aKNA4NJwCq_wet9ZUHSo.roa
File: gCeEg2-aKNA4NJwCq_wet9ZUHSo.roa (raw, json)
Hash identifier: c1XqtEHbwnDz4EEYbDLzjNU+kaoA7BLTobxYu0vC/Ec=
Subject key identifier: 80:27:84:83:6F:9A:28:D0:38:34:9C:02:AB:FC:1E:B7:D6:54:1D:2A
Certificate issuer: /CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Certificate serial: 019427B6950EEF27B29EF87FE4E155E6FD3C
Authority key identifier: C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/gCeEg2-aKNA4NJwCq_wet9ZUHSo.roa
Signing time: Thu 02 Jan 2025 15:51:04 +0000
ROA not before: Thu 02 Jan 2025 15:51:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 194.29.56.0/24 maxlen: 24
194.29.57.0/24 maxlen: 24
194.29.58.0/24 maxlen: 24
194.29.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:95:0e:ef:27:b2:9e:f8:7f:e4:e1:55:e6:fd:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Validity
Not Before: Jan 2 15:51:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=802784836f9a28d038349c02abfc1eb7d6541d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:7a:d8:76:71:d0:2d:9c:7e:29:4b:1b:b8:
e7:5e:0f:26:c9:1c:e8:fd:61:58:0d:c4:f0:af:e9:
33:3b:e9:1b:0c:c5:e6:55:02:c4:d3:bf:5b:54:46:
f6:67:93:af:ec:c0:a6:91:38:d6:a4:ad:bc:e9:89:
9a:45:d3:62:31:ef:7f:94:b8:36:c4:e6:bf:10:e5:
e7:c7:c6:c7:d0:92:8e:8e:ae:98:23:31:a0:c3:20:
bd:26:63:21:7f:1e:0f:cd:67:66:b5:06:13:ee:bc:
2a:50:ef:8a:d6:e4:ff:6f:94:63:78:5a:2e:32:13:
9a:dd:79:62:82:1f:18:bd:d7:8e:27:87:7a:21:f8:
cb:5c:75:a1:57:70:82:7c:f6:6e:aa:cd:c2:85:39:
b4:59:e0:9f:dd:86:dc:16:05:42:3f:5e:8e:11:ad:
76:5b:9a:d2:10:d6:13:4b:c7:18:3a:b0:7f:9e:1a:
3b:51:17:ed:7b:52:a4:b9:d5:30:f1:59:fc:a3:98:
0c:0d:1c:57:80:35:17:c6:37:ce:08:5b:1d:09:d3:
d5:85:3b:3b:e9:74:c0:c4:ba:1e:a2:6e:05:e7:0a:
42:c0:05:73:a6:ea:74:3c:43:82:02:91:8f:bb:3d:
6b:02:c7:7f:44:11:07:2b:ba:7d:96:38:54:49:a4:
3d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:27:84:83:6F:9A:28:D0:38:34:9C:02:AB:FC:1E:B7:D6:54:1D:2A
X509v3 Authority Key Identifier:
keyid:C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/gCeEg2-aKNA4NJwCq_wet9ZUHSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/xd4yu5zJnhFd269rf6IwUXifL2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:d0:4e:7e:ee:5b:c4:0b:6a:01:06:81:87:b1:84:f5:f9:0b:
18:90:de:d4:31:bf:f5:84:d1:4d:76:40:eb:35:0b:cf:38:fa:
d9:a8:fa:04:6d:03:43:9d:69:38:77:5c:a7:8f:fc:2e:26:5b:
e9:aa:e4:fb:b3:c2:e3:9f:1a:e9:dd:2b:ff:aa:73:de:f7:2f:
4c:6c:dd:0d:0a:8f:cd:c8:2e:41:a3:1d:0d:4e:95:0e:fc:a7:
2c:c4:28:c1:ef:d7:15:59:11:e7:9e:c4:8d:65:a0:7f:42:32:
af:75:33:f6:e2:83:86:35:86:47:12:20:f5:d6:be:65:c3:b8:
3a:11:bc:6c:91:72:0c:57:57:be:3a:d7:26:65:4c:3c:f0:ff:
d7:cb:a2:39:4a:b4:14:ff:ae:f2:c2:ec:4e:e2:79:55:7a:a9:
25:76:0f:02:ad:ea:51:42:f6:e8:f2:f2:42:34:05:ad:fc:53:
5e:94:44:36:73:81:99:c2:25:c3:84:e1:21:25:8a:7b:d8:a8:
01:3e:f3:86:e5:0f:1c:59:e4:c1:e7:38:3a:df:4e:3c:38:29:
47:74:bf:0a:8a:ae:3d:f5:fe:07:4b:ec:78:0b:a1:80:31:e2:
74:26:1a:6a:d3:97:ae:5c:cc:10:d9:75:ff:07:35:cb:6e:b7:
56:4f:45:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntpUO7yeynvh/5OFV5v08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZGUzMmJiOWNjOTllMTE1ZGRiYWY2YjdmYTIzMDUxNzg5
ZjJmNjEwHhcNMjUwMTAyMTU1MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDI3ODQ4MzZmOWEyOGQwMzgzNDljMDJhYmZjMWViN2Q2NTQxZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6R62HZx0C2cfilLG7jnXg8myRzo
/WFYDcTwr+kzO+kbDMXmVQLE079bVEb2Z5Ov7MCmkTjWpK286YmaRdNiMe9/lLg2
xOa/EOXnx8bH0JKOjq6YIzGgwyC9JmMhfx4PzWdmtQYT7rwqUO+K1uT/b5RjeFou
MhOa3Xligh8YvdeOJ4d6IfjLXHWhV3CCfPZuqs3ChTm0WeCf3YbcFgVCP16OEa12
W5rSENYTS8cYOrB/nho7URfte1KkudUw8Vn8o5gMDRxXgDUXxjfOCFsdCdPVhTs7
6XTAxLoeom4F5wpCwAVzpup0PEOCApGPuz1rAsd/RBEHK7p9ljhUSaQ9mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAnhINvmijQODScAqv8HrfWVB0qMB8GA1UdIwQY
MBaAFMXeMrucyZ4RXduva3+iMFF4ny9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUt
MDYzNjc1MzY3OWI2LzEvZ0NlRWcyLWFLTkE0Tkp3Q3Ffd2V0OVpVSFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUtMDYzNjc1MzY3OWI2
LzEveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwh04MA0G
CSqGSIb3DQEBCwUAA4IBAQAK0E5+7lvEC2oBBoGHsYT1+QsYkN7UMb/1hNFNdkDr
NQvPOPrZqPoEbQNDnWk4d1ynj/wuJlvpquT7s8Ljnxrp3Sv/qnPe9y9MbN0NCo/N
yC5Box0NTpUO/KcsxCjB79cVWRHnnsSNZaB/QjKvdTP24oOGNYZHEiD11r5lw7g6
EbxskXIMV1e+OtcmZUw88P/Xy6I5SrQU/67ywuxO4nlVeqkldg8CrepRQvbo8vJC
NAWt/FNelEQ2c4GZwiXDhOEhJYp72KgBPvOG5Q8cWeTB5zg63048OClHdL8Kiq49
9f4HS+x4C6GAMeJ0Jhpq05euXMwQ2XX/BzXLbrdWT0VI
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:24 2025 by rpki-client