Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/488Qk5K_zcU34uRLaYoKwXIwxJ4.roa
File: 488Qk5K_zcU34uRLaYoKwXIwxJ4.roa (raw, json)
Hash identifier: sEL2CPSz4U47VxtQdqd40IdriMnhXYxHCyQu23pvrO0=
Subject key identifier: E3:CF:10:93:92:BF:CD:C5:37:E2:E4:4B:69:8A:0A:C1:72:30:C4:9E
Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940
Certificate serial: 01941FFA1D4C34259AD5FE038D0B8FCEAC8E
Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/488Qk5K_zcU34uRLaYoKwXIwxJ4.roa
Signing time: Wed 01 Jan 2025 03:47:52 +0000
ROA not before: Wed 01 Jan 2025 03:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133466
IP address blocks: 149.226.192.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:1d:4c:34:25:9a:d5:fe:03:8d:0b:8f:ce:ac:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940
Validity
Not Before: Jan 1 03:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3cf109392bfcdc537e2e44b698a0ac17230c49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:21:62:3f:69:c7:41:46:ec:e8:f4:ab:ce:
1e:74:68:49:a2:2a:14:a2:d7:71:66:45:5f:c6:5f:
81:37:fd:ef:11:62:7b:9e:76:81:ea:ea:aa:d7:a7:
10:89:27:1c:25:dd:d8:87:ab:fc:11:a7:ca:19:7d:
6f:b8:47:83:21:a7:a4:86:ac:94:0e:15:27:f3:de:
64:39:25:d7:63:f2:68:4d:23:43:cc:00:9f:dd:87:
61:6e:7f:3c:a8:7f:94:bb:cb:6d:e3:ef:53:cc:14:
87:42:e4:2e:e0:1f:2e:3b:e4:25:3f:74:fa:37:b6:
f1:8a:db:f0:28:b5:a8:3e:60:9e:9e:aa:e2:54:b4:
e9:72:7c:f4:30:4f:64:42:fa:e2:88:ab:70:ce:9c:
b2:8e:8a:29:f5:74:fa:22:98:c6:d8:40:06:12:a4:
bc:4c:97:88:35:c9:e8:1e:55:7c:cf:7a:17:18:af:
f4:07:b2:53:25:0d:34:de:47:a0:5c:95:7f:21:48:
5c:49:74:61:4d:fa:aa:08:a8:75:2a:dd:58:6d:94:
8b:d6:b5:4f:aa:26:68:7c:27:e7:6d:56:ad:92:df:
d4:22:24:48:1c:8e:43:ee:cf:3d:13:f6:0e:5a:87:
b4:dd:b2:0d:5d:5f:05:18:13:25:e0:dc:8a:7e:6e:
f9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CF:10:93:92:BF:CD:C5:37:E2:E4:4B:69:8A:0A:C1:72:30:C4:9E
X509v3 Authority Key Identifier:
keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/488Qk5K_zcU34uRLaYoKwXIwxJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.226.192.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:d3:26:87:09:fb:4c:b5:b3:4d:6e:a2:03:50:43:dc:5e:69:
9d:9a:28:38:14:01:fa:c8:f2:ab:9f:81:b9:71:f1:f5:f8:c4:
4d:48:b9:29:76:fe:a2:fc:9c:b5:d0:64:7d:03:98:bf:b0:a7:
f8:1a:13:05:b3:2c:a0:94:04:b9:59:74:9e:d6:21:6d:84:18:
c4:0d:6b:e9:fa:12:d9:f4:c5:00:da:ca:b5:1e:fc:78:55:22:
5b:29:b4:c0:ea:52:2a:7a:2f:fa:eb:10:fb:43:3b:f4:6c:66:
4d:b4:f1:45:bb:f7:65:c1:a4:53:5d:86:51:41:9f:d3:3a:e4:
92:7c:c9:73:55:05:67:11:52:f9:03:e9:09:e2:12:05:95:37:
5e:e2:4b:59:6d:15:0f:f8:c6:9e:92:f5:e8:10:f4:e0:c5:76:
f3:69:19:02:3b:89:1f:05:49:f8:16:41:fc:ac:a0:0f:7d:31:
85:e3:2d:f7:4f:cd:83:b0:36:ad:ef:a2:0e:04:0b:f5:3f:54:
13:ac:b6:25:59:6e:be:33:04:36:3d:96:15:16:26:65:c4:f1:
ba:f0:cb:be:da:a9:02:64:e9:72:46:09:7d:33:09:10:14:bb:
ba:13:8c:45:4b:e6:40:4d:40:a4:c2:5e:9c:48:c2:72:2d:80:
fd:e0:4e:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+h1MNCWa1f4DjQuPzqyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi
Mjk5NDAwHhcNMjUwMTAxMDM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2NmMTA5MzkyYmZjZGM1MzdlMmU0NGI2OThhMGFjMTcyMzBjNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpghYj9px0FG7Oj0q84edGhJoioU
otdxZkVfxl+BN/3vEWJ7nnaB6uqq16cQiSccJd3Yh6v8EafKGX1vuEeDIaekhqyU
DhUn895kOSXXY/JoTSNDzACf3Ydhbn88qH+Uu8tt4+9TzBSHQuQu4B8uO+QlP3T6
N7bxitvwKLWoPmCenqriVLTpcnz0ME9kQvriiKtwzpyyjoop9XT6IpjG2EAGEqS8
TJeINcnoHlV8z3oXGK/0B7JTJQ003kegXJV/IUhcSXRhTfqqCKh1Kt1YbZSL1rVP
qiZofCfnbVatkt/UIiRIHI5D7s89E/YOWoe03bINXV8FGBMl4NyKfm75uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPPEJOSv83FN+LkS2mKCsFyMMSeMB8GA1UdIwQY
MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt
MTU5M2Q0MDQ1Y2JjLzEvNDg4UWs1S196Y1UzNHVSTGFZb0t3WEl3eEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj
LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDleLAMA0G
CSqGSIb3DQEBCwUAA4IBAQCK0yaHCftMtbNNbqIDUEPcXmmdmig4FAH6yPKrn4G5
cfH1+MRNSLkpdv6i/Jy10GR9A5i/sKf4GhMFsyyglAS5WXSe1iFthBjEDWvp+hLZ
9MUA2sq1Hvx4VSJbKbTA6lIqei/66xD7Qzv0bGZNtPFFu/dlwaRTXYZRQZ/TOuSS
fMlzVQVnEVL5A+kJ4hIFlTde4ktZbRUP+MaekvXoEPTgxXbzaRkCO4kfBUn4FkH8
rKAPfTGF4y33T82DsDat76IOBAv1P1QTrLYlWW6+MwQ2PZYVFiZlxPG68Mu+2qkC
ZOlyRgl9MwkQFLu6E4xFS+ZATUCkwl6cSMJyLYD94E7i
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:44:13 2025 by rpki-client