Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/dT4eKxKuiMlejujStpkeBlqhlOM.roa
File: dT4eKxKuiMlejujStpkeBlqhlOM.roa (raw, json)
Hash identifier: jTmPsaj5YAbHSTlj3nB1Krnj3ip2XzfaIfy6VeLkbfc=
Subject key identifier: 75:3E:1E:2B:12:AE:88:C9:5E:8E:E8:D2:B6:99:1E:06:5A:A1:94:E3
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01942746F12B864F02422684F2ECFE7A3388
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/dT4eKxKuiMlejujStpkeBlqhlOM.roa
Signing time: Thu 02 Jan 2025 13:49:08 +0000
ROA not before: Thu 02 Jan 2025 13:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:f1:2b:86:4f:02:42:26:84:f2:ec:fe:7a:33:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 13:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=753e1e2b12ae88c95e8ee8d2b6991e065aa194e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b8:ee:b2:f7:7b:75:ab:59:f5:a3:00:75:20:
a8:c3:a3:e8:b5:34:ab:42:dc:4b:46:d6:6e:d6:bb:
0c:3b:99:f6:5d:69:70:9d:96:34:42:5b:a7:f8:e5:
a6:82:a2:ee:f6:4c:58:7a:ea:1c:db:bd:04:ae:99:
46:2b:28:7a:1e:a6:9a:0b:f5:0f:e8:82:37:be:ba:
4f:e6:8f:17:19:47:9c:95:d1:72:a0:2e:30:df:00:
38:8b:7b:06:c7:3b:be:76:e7:28:74:df:f8:f4:3c:
d7:6d:62:5d:a2:a5:ef:c6:1a:f3:aa:17:62:aa:63:
10:29:d6:c9:17:a5:7e:72:68:d5:7e:65:7c:48:23:
ae:29:60:72:71:6f:13:66:08:aa:e4:7e:4a:64:9d:
c7:26:5d:34:d0:43:52:fc:e0:39:7e:4d:f2:d7:6d:
b7:eb:c8:4b:68:85:4f:a1:20:90:6a:63:69:b6:b6:
39:1f:03:21:de:8a:d5:04:36:b7:16:e0:e5:7e:a2:
68:57:b5:49:3d:45:1d:b3:4c:8b:87:f2:6c:32:53:
51:8f:3c:e1:9c:4b:72:f6:c3:f3:b2:2e:99:84:e1:
e8:1a:b3:52:42:8f:cf:ca:ca:25:2d:88:5b:94:09:
53:39:3a:84:d5:60:5b:6d:d5:e5:46:a2:94:2a:28:
10:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3E:1E:2B:12:AE:88:C9:5E:8E:E8:D2:B6:99:1E:06:5A:A1:94:E3
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/dT4eKxKuiMlejujStpkeBlqhlOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.164.0/22
Signature Algorithm: sha256WithRSAEncryption
00:38:72:7c:16:0e:64:10:f4:8b:5a:30:ef:b5:dd:09:88:0d:
88:ef:43:ee:50:3a:23:b6:51:57:ab:d9:b7:6f:c3:2a:cf:ce:
49:00:7d:7a:9e:02:c1:92:b5:69:0b:cc:a4:c8:e1:2e:5b:b1:
e1:73:87:9c:07:fd:59:8a:05:89:a7:c8:40:b6:fa:3f:9c:ca:
01:7e:20:71:4b:86:f4:78:8e:4b:cc:44:fd:4e:96:62:d1:10:
08:c2:4c:a1:22:b6:78:5e:17:fa:7d:cf:7a:c2:f0:cd:26:b7:
8d:a9:f7:e3:47:a1:fc:71:ed:25:b8:84:41:16:12:91:8c:1b:
4b:95:90:42:8f:d3:f4:41:32:02:2b:08:ca:51:16:7b:f6:aa:
31:be:a3:d7:f0:0e:d6:6f:f8:a2:6e:d7:06:3c:bc:a2:60:02:
bf:79:61:b8:dc:c7:4f:e9:e6:b3:19:98:88:dd:af:6c:bf:6e:
b3:c6:27:89:6d:ec:52:b1:bb:a1:ce:b4:9c:2b:99:cc:aa:11:
3b:e9:30:0d:2f:dd:ca:98:55:24:f6:96:00:e6:53:cd:cd:73:
cf:94:99:cd:ad:13:24:39:c0:c7:6b:58:31:6c:e5:c0:b6:c4:
67:83:b8:17:7f:09:e7:d2:a8:5b:37:4f:60:c3:f7:8d:37:78:
03:d7:63:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRvErhk8CQiaE8uz+ejOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjUwMTAyMTM0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTNlMWUyYjEyYWU4OGM5NWU4ZWU4ZDJiNjk5MWUwNjVhYTE5NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbjusvd7datZ9aMAdSCow6PotTSr
QtxLRtZu1rsMO5n2XWlwnZY0Qlun+OWmgqLu9kxYeuoc270ErplGKyh6HqaaC/UP
6II3vrpP5o8XGUecldFyoC4w3wA4i3sGxzu+ducodN/49DzXbWJdoqXvxhrzqhdi
qmMQKdbJF6V+cmjVfmV8SCOuKWBycW8TZgiq5H5KZJ3HJl000ENS/OA5fk3y1223
68hLaIVPoSCQamNptrY5HwMh3orVBDa3FuDlfqJoV7VJPUUds0yLh/JsMlNRjzzh
nEty9sPzsi6ZhOHoGrNSQo/PysolLYhblAlTOTqE1WBbbdXlRqKUKigQHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHU+HisSrojJXo7o0raZHgZaoZTjMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvZFQ0ZUt4S3VpTWxlanVqU3Rwa2VCbHFobE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwkCkMA0G
CSqGSIb3DQEBCwUAA4IBAQAAOHJ8Fg5kEPSLWjDvtd0JiA2I70PuUDojtlFXq9m3
b8Mqz85JAH16ngLBkrVpC8ykyOEuW7Hhc4ecB/1ZigWJp8hAtvo/nMoBfiBxS4b0
eI5LzET9TpZi0RAIwkyhIrZ4Xhf6fc96wvDNJreNqffjR6H8ce0luIRBFhKRjBtL
lZBCj9P0QTICKwjKURZ79qoxvqPX8A7Wb/iibtcGPLyiYAK/eWG43MdP6eazGZiI
3a9sv26zxieJbexSsbuhzrScK5nMqhE76TANL93KmFUk9pYA5lPNzXPPlJnNrRMk
OcDHa1gxbOXAtsRng7gXfwnn0qhbN09gw/eNN3gD12N6
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:35 2025 by rpki-client