Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/BrNhX11GN3gzWV-434wlzWriATQ.roa
File: BrNhX11GN3gzWV-434wlzWriATQ.roa (raw, json)
Hash identifier: e/gkiYTr4M+ZdV4GBEAw4FBFr5Cgb0NfH0gUAD5dMJY=
Subject key identifier: 06:B3:61:5F:5D:46:37:78:33:59:5F:B8:DF:8C:25:CD:6A:E2:01:34
Certificate issuer: /CN=fd0ef040fba45bce7b07163495cdf5e85077919d
Certificate serial: 019426D94B654111C05C6EF3A69D8C1176AD
Authority key identifier: FD:0E:F0:40:FB:A4:5B:CE:7B:07:16:34:95:CD:F5:E8:50:77:91:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Q7wQPukW857BxY0lc316FB3kZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/BrNhX11GN3gzWV-434wlzWriATQ.roa
Signing time: Thu 02 Jan 2025 11:49:22 +0000
ROA not before: Thu 02 Jan 2025 11:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 194.0.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:4b:65:41:11:c0:5c:6e:f3:a6:9d:8c:11:76:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd0ef040fba45bce7b07163495cdf5e85077919d
Validity
Not Before: Jan 2 11:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06b3615f5d46377833595fb8df8c25cd6ae20134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2e:73:d8:58:42:fe:00:e0:22:49:8d:98:9a:
89:d5:53:05:60:3a:a6:ad:36:af:50:e4:4a:84:9f:
50:8b:5e:77:71:28:95:55:68:b8:b4:f5:e1:04:4a:
82:7f:47:bf:a2:41:44:f3:67:e3:4b:95:e5:40:d1:
25:72:f8:cb:97:3f:02:b5:e4:24:0d:83:3a:e7:a7:
6a:ae:b1:44:31:8c:9b:0e:36:c7:8f:f3:ca:55:56:
2a:2e:f0:39:a5:a0:cb:49:3d:35:51:4f:47:f1:5f:
17:7c:24:0e:34:a1:d3:8c:98:51:2d:f7:ca:77:9a:
ec:af:15:87:35:8a:36:13:d0:67:72:0a:17:4d:10:
65:2d:50:c5:d9:6e:b2:2c:61:bf:9a:92:f7:7b:19:
e9:3c:11:bb:8f:fe:b7:dd:55:5e:ca:bc:80:fb:06:
70:44:2e:b8:21:7a:fe:ba:ef:c6:70:10:6f:50:73:
a8:a4:15:77:05:35:5c:6d:13:0d:e4:1c:d8:6d:3a:
4c:b2:34:04:2a:bf:bd:6a:c8:70:83:2c:83:72:cf:
7e:f6:8e:40:b1:11:13:1d:94:5d:db:45:11:4c:da:
96:d7:dc:45:5e:72:9b:49:06:1b:b5:e4:42:e4:e8:
52:62:07:a9:74:a7:b6:09:58:e1:55:2a:2d:80:bc:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B3:61:5F:5D:46:37:78:33:59:5F:B8:DF:8C:25:CD:6A:E2:01:34
X509v3 Authority Key Identifier:
keyid:FD:0E:F0:40:FB:A4:5B:CE:7B:07:16:34:95:CD:F5:E8:50:77:91:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Q7wQPukW857BxY0lc316FB3kZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/BrNhX11GN3gzWV-434wlzWriATQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.173.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:b1:09:f9:b3:3a:20:c1:63:72:2a:53:b3:75:72:46:fa:4a:
bd:c3:08:df:d0:80:87:bd:2e:04:12:f3:f7:85:57:fc:17:a1:
8f:9e:8c:7e:4e:a5:b4:c9:5c:e7:0c:8f:a4:33:59:51:21:e9:
6f:66:05:3d:42:28:04:6a:a7:26:42:9b:9d:f2:36:4d:5e:5a:
31:0e:ee:a3:b5:86:8b:1b:5d:54:7e:45:5c:3e:7b:95:8b:de:
f9:5b:90:74:dd:fe:c5:7f:0c:15:4c:78:fc:d4:49:5c:45:53:
05:41:4e:9f:21:99:68:64:30:de:0b:12:df:84:10:9f:61:bf:
f7:47:95:31:52:32:d0:c4:26:fd:b6:2e:3c:c3:46:5e:52:0f:
43:ce:aa:6f:54:dc:47:79:e0:86:ad:de:91:f5:03:45:4f:5e:
cf:ec:a9:0e:cb:b2:de:fa:fd:83:80:76:c8:71:2a:4d:e2:d3:
a7:33:05:cf:ef:fd:81:f6:f9:43:05:58:a9:0c:2a:49:b8:cb:
30:7d:7b:68:9b:91:02:dc:d6:23:80:8a:c9:ef:da:06:cf:0c:
6f:6f:23:bf:cd:8a:eb:a2:e9:0b:6d:0d:eb:9b:8c:ae:94:8e:
c0:73:f9:8a:fd:e4:b6:8d:5a:13:16:bc:26:b4:4c:e6:da:f3:
b5:cf:76:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2UtlQRHAXG7zpp2MEXatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMGVmMDQwZmJhNDViY2U3YjA3MTYzNDk1Y2RmNWU4NTA3
NzkxOWQwHhcNMjUwMTAyMTE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmIzNjE1ZjVkNDYzNzc4MzM1OTVmYjhkZjhjMjVjZDZhZTIwMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5S5z2FhC/gDgIkmNmJqJ1VMFYDqm
rTavUORKhJ9Qi153cSiVVWi4tPXhBEqCf0e/okFE82fjS5XlQNElcvjLlz8CteQk
DYM656dqrrFEMYybDjbHj/PKVVYqLvA5paDLST01UU9H8V8XfCQONKHTjJhRLffK
d5rsrxWHNYo2E9BncgoXTRBlLVDF2W6yLGG/mpL3exnpPBG7j/633VVeyryA+wZw
RC64IXr+uu/GcBBvUHOopBV3BTVcbRMN5BzYbTpMsjQEKr+9ashwgyyDcs9+9o5A
sRETHZRd20URTNqW19xFXnKbSQYbteRC5OhSYgepdKe2CVjhVSotgLzRSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAazYV9dRjd4M1lfuN+MJc1q4gE0MB8GA1UdIwQY
MBaAFP0O8ED7pFvOewcWNJXN9ehQd5GdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1E3d1FQdWtXODU3QnhZMGxjMzE2RkIza1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kNzcxNjgtMTMzZi00NTUzLWIxOWQt
NTZjOTRmMzI2ZGMyLzEvQnJOaFgxMUdOM2d6V1YtNDM0d2x6V3JpQVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kNzcxNjgtMTMzZi00NTUzLWIxOWQtNTZjOTRmMzI2ZGMy
LzEvX1E3d1FQdWtXODU3QnhZMGxjMzE2RkIza1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCtMA0G
CSqGSIb3DQEBCwUAA4IBAQCjsQn5szogwWNyKlOzdXJG+kq9wwjf0ICHvS4EEvP3
hVf8F6GPnox+TqW0yVznDI+kM1lRIelvZgU9QigEaqcmQpud8jZNXloxDu6jtYaL
G11UfkVcPnuVi975W5B03f7FfwwVTHj81ElcRVMFQU6fIZloZDDeCxLfhBCfYb/3
R5UxUjLQxCb9ti48w0ZeUg9DzqpvVNxHeeCGrd6R9QNFT17P7KkOy7Le+v2DgHbI
cSpN4tOnMwXP7/2B9vlDBVipDCpJuMswfXtom5EC3NYjgIrJ79oGzwxvbyO/zYrr
oukLbQ3rm4yulI7Ac/mK/eS2jVoTFrwmtEzm2vO1z3Y8
-----END CERTIFICATE-----
Generated at Fri Apr 11 12:34:13 2025 by rpki-client