Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/shuB_C4LkSlqcOa9sbrz-kg4IL8.roa
File: shuB_C4LkSlqcOa9sbrz-kg4IL8.roa (raw, json)
Hash identifier: 7PhaGPimF68NWyA4IO29W8QrZVKFS7qmrUs2JEilRqs=
Subject key identifier: B2:1B:81:FC:2E:0B:91:29:6A:70:E6:BD:B1:BA:F3:FA:48:38:20:BF
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 019421B23FF654FD699DA666437194A3E92B
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/shuB_C4LkSlqcOa9sbrz-kg4IL8.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206683
IP address blocks: 194.8.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3f:f6:54:fd:69:9d:a6:66:43:71:94:a3:e9:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b21b81fc2e0b91296a70e6bdb1baf3fa483820bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:97:93:09:a2:44:ae:75:c8:32:41:85:32:2e:
35:ca:be:7a:48:25:a1:96:bd:6b:8f:b1:fd:90:ee:
da:bd:ac:34:3a:1d:f1:04:23:c5:97:97:81:8c:da:
bc:c4:f6:d3:d5:8b:69:9e:b9:65:0a:c6:fa:88:2b:
5f:ee:e9:b6:9b:77:4e:fc:7a:83:97:50:74:57:b6:
7e:70:35:30:6a:cd:85:87:9e:67:92:51:15:dd:0b:
c2:55:cf:65:54:e9:44:ea:94:f2:3a:ec:a1:4c:75:
8c:e4:fd:cf:8c:db:8f:60:d3:45:21:43:0e:85:61:
97:06:65:98:a5:73:1b:93:77:fe:d3:3b:78:d1:90:
94:91:79:9d:c1:79:ca:fb:99:80:37:6f:75:a9:f7:
3f:8b:ab:0e:ca:75:61:94:95:d4:6b:67:4d:13:53:
4d:c7:be:06:df:c1:77:64:6d:de:09:e9:b4:7d:5e:
dd:81:6f:de:2a:d7:82:74:96:31:67:16:f8:80:20:
75:f4:76:64:57:a9:a1:3c:2e:12:ec:2b:0d:50:c5:
2c:b2:1e:fa:7c:21:bf:a2:aa:43:0a:b6:0a:3c:39:
ac:0b:20:37:8a:6e:53:31:41:00:84:41:52:ca:a0:
21:7b:a7:90:c4:83:38:09:83:ae:ef:42:18:fc:2f:
c1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1B:81:FC:2E:0B:91:29:6A:70:E6:BD:B1:BA:F3:FA:48:38:20:BF
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/shuB_C4LkSlqcOa9sbrz-kg4IL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.238.0/24
Signature Algorithm: sha256WithRSAEncryption
81:88:06:a3:d6:45:1f:97:65:55:1e:ce:8a:e6:05:51:43:96:
f5:b6:fa:0f:f5:a4:b6:2f:db:eb:93:2c:db:b2:38:c0:86:89:
15:7b:3a:80:c3:61:58:cb:31:17:c2:51:b8:fa:c9:fb:a4:6b:
9f:e9:1f:e3:81:93:35:3d:96:83:28:cc:09:5e:c7:42:6e:c8:
1a:f5:a9:59:d4:2f:fd:2e:10:29:db:da:e6:de:de:37:a9:b6:
ec:4e:b0:1e:8a:c9:ef:7f:d1:77:f8:23:bd:11:e5:26:bc:c5:
26:ce:cc:ae:d5:3a:1d:e5:db:79:aa:50:bc:e3:e4:b0:d0:24:
89:d0:9a:90:44:98:5a:6e:87:a1:e8:50:29:07:a7:e0:f0:8a:
b3:8f:9a:79:d3:d2:68:e1:c3:05:a4:04:f2:df:74:57:60:ca:
52:be:7c:47:d3:c9:0e:f2:57:f4:b4:8b:b9:45:5c:c1:de:82:
d2:6b:b8:d1:b9:fe:1a:d1:cb:e4:60:c3:7a:52:0a:81:bc:11:
2f:72:fc:25:d3:90:4e:37:3b:d2:69:0e:fb:60:56:72:48:20:
bb:bd:ef:9a:e8:a6:24:52:0b:4e:b9:ad:96:e1:af:e8:bf:3e:
37:93:3b:22:a4:18:76:ec:59:6b:0f:5b:7e:77:a4:d3:b3:41:
bc:c3:b3:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsj/2VP1pnaZmQ3GUo+krMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFiODFmYzJlMGI5MTI5NmE3MGU2YmRiMWJhZjNmYTQ4MzgyMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZeTCaJErnXIMkGFMi41yr56SCWh
lr1rj7H9kO7avaw0Oh3xBCPFl5eBjNq8xPbT1YtpnrllCsb6iCtf7um2m3dO/HqD
l1B0V7Z+cDUwas2Fh55nklEV3QvCVc9lVOlE6pTyOuyhTHWM5P3PjNuPYNNFIUMO
hWGXBmWYpXMbk3f+0zt40ZCUkXmdwXnK+5mAN291qfc/i6sOynVhlJXUa2dNE1NN
x74G38F3ZG3eCem0fV7dgW/eKteCdJYxZxb4gCB19HZkV6mhPC4S7CsNUMUssh76
fCG/oqpDCrYKPDmsCyA3im5TMUEAhEFSyqAhe6eQxIM4CYOu70IY/C/BwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIbgfwuC5EpanDmvbG68/pIOCC/MB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvc2h1Ql9DNExrU2xxY09hOXNicnota2c0SUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgjuMA0G
CSqGSIb3DQEBCwUAA4IBAQCBiAaj1kUfl2VVHs6K5gVRQ5b1tvoP9aS2L9vrkyzb
sjjAhokVezqAw2FYyzEXwlG4+sn7pGuf6R/jgZM1PZaDKMwJXsdCbsga9alZ1C/9
LhAp29rm3t43qbbsTrAeisnvf9F3+CO9EeUmvMUmzsyu1Tod5dt5qlC84+Sw0CSJ
0JqQRJhaboeh6FApB6fg8Iqzj5p509Jo4cMFpATy33RXYMpSvnxH08kO8lf0tIu5
RVzB3oLSa7jRuf4a0cvkYMN6UgqBvBEvcvwl05BONzvSaQ77YFZySCC7ve+a6KYk
UgtOua2W4a/ovz43kzsipBh27FlrD1t+d6TTs0G8w7Mi
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:30:04 2025 by rpki-client