Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RwOqmUUzDR-0bW7w3J_9pRgqQ4k.roa
File: RwOqmUUzDR-0bW7w3J_9pRgqQ4k.roa (raw, json)
Hash identifier: Q0zdB/reJNBNIAcyvlZjsOkSRDMFODVN2j5E9LA2HmY=
Subject key identifier: 47:03:AA:99:45:33:0D:1F:B4:6D:6E:F0:DC:9F:FD:A5:18:2A:43:89
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019576047B922B1F60453479BFDC3F031F7F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RwOqmUUzDR-0bW7w3J_9pRgqQ4k.roa
Signing time: Sat 08 Mar 2025 13:49:20 +0000
ROA not before: Sat 08 Mar 2025 13:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 194.105.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:76:04:7b:92:2b:1f:60:45:34:79:bf:dc:3f:03:1f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 8 13:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4703aa9945330d1fb46d6ef0dc9ffda5182a4389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:dc:13:cc:e9:ea:57:91:56:62:56:ae:7f:db:
e6:66:fd:1a:b7:a2:ea:1f:95:5f:45:4b:8e:f7:a4:
92:2d:f9:91:5e:35:88:15:06:9c:98:13:75:c0:69:
d9:04:6b:ba:99:51:1e:b6:f9:fc:70:dd:73:6b:de:
ef:1a:8c:bf:7c:fe:94:54:e8:78:14:a0:f8:00:f8:
73:c1:62:c7:f1:03:aa:85:eb:fe:9e:c1:46:73:71:
02:59:58:3e:e4:d1:66:f1:67:fc:b6:9b:5c:25:c0:
e2:ea:56:a5:b0:a5:e4:86:53:86:2c:35:d7:62:3b:
92:03:1a:85:29:20:67:88:62:62:94:ac:44:71:39:
b1:8f:22:cd:2d:42:04:13:94:d8:c6:70:32:b1:04:
66:cc:ca:0a:6b:05:bc:1b:8a:8a:fb:99:e1:ae:d0:
29:06:c4:ad:f0:1b:f7:56:9f:a8:01:5c:f1:0c:7a:
b9:00:92:27:68:b5:23:31:52:e8:af:58:c9:f0:9a:
70:17:9f:13:04:b2:d3:ec:9a:2e:9e:c1:89:ba:4b:
e5:5a:90:15:61:7d:3e:a3:cd:14:c6:9d:30:57:2b:
0f:aa:71:64:ed:6a:2c:4f:de:08:0e:d7:4e:14:60:
af:3f:d9:f6:64:6e:ef:c6:e5:17:78:8b:b9:ba:14:
6b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:03:AA:99:45:33:0D:1F:B4:6D:6E:F0:DC:9F:FD:A5:18:2A:43:89
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RwOqmUUzDR-0bW7w3J_9pRgqQ4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.105.88.0/24
Signature Algorithm: sha256WithRSAEncryption
72:57:c1:56:e9:fd:83:2a:86:ad:7c:71:b0:51:20:d2:65:8a:
4e:4a:b7:3b:5e:e3:1a:16:21:f9:77:1d:ee:c5:07:c1:0e:42:
6f:b0:d9:bd:60:88:e1:c7:75:b2:19:74:25:e6:01:c9:69:54:
3e:c2:3f:39:13:a9:5e:0c:43:8f:00:26:14:d2:f4:4d:b3:cc:
99:27:2c:a8:8d:2f:03:a4:e6:cc:52:37:ee:dc:31:83:e0:c7:
91:f3:5c:32:7b:2d:15:93:bc:6b:21:3d:a9:fd:fa:44:bd:83:
e9:f8:19:ec:66:95:fc:ba:91:38:de:34:33:37:38:40:32:20:
10:b4:8c:97:e6:94:26:4d:ad:16:c3:94:81:dc:fc:8a:01:e1:
21:01:f4:d5:1f:a2:a9:20:b7:7e:d6:c3:34:ae:31:2c:62:c5:
cf:17:b9:eb:17:9a:86:a7:f5:84:aa:d9:7a:d0:cd:16:69:ea:
e9:73:57:c3:04:f3:a8:c9:c8:27:79:5f:39:cb:be:87:80:f7:
23:5f:03:67:5e:a3:fc:11:b5:8d:4b:eb:ca:77:95:0e:e1:5e:
c1:b5:51:b4:47:79:1a:fa:27:b5:05:60:71:9a:47:1f:6d:f9:
15:67:79:75:a8:1c:f1:ab:b5:29:77:59:f6:86:59:ea:ee:af:
6a:99:16:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV2BHuSKx9gRTR5v9w/Ax9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzA4MTM0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzAzYWE5OTQ1MzMwZDFmYjQ2ZDZlZjBkYzlmZmRhNTE4MmE0Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtwTzOnqV5FWYlauf9vmZv0at6Lq
H5VfRUuO96SSLfmRXjWIFQacmBN1wGnZBGu6mVEetvn8cN1za97vGoy/fP6UVOh4
FKD4APhzwWLH8QOqhev+nsFGc3ECWVg+5NFm8Wf8tptcJcDi6lalsKXkhlOGLDXX
YjuSAxqFKSBniGJilKxEcTmxjyLNLUIEE5TYxnAysQRmzMoKawW8G4qK+5nhrtAp
BsSt8Bv3Vp+oAVzxDHq5AJInaLUjMVLor1jJ8JpwF58TBLLT7JounsGJukvlWpAV
YX0+o80Uxp0wVysPqnFk7WosT94IDtdOFGCvP9n2ZG7vxuUXeIu5uhRrEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcDqplFMw0ftG1u8Nyf/aUYKkOJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUndPcW1VVXpEUi0wYlc3dzNKXzlwUmdxUTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmlYMA0G
CSqGSIb3DQEBCwUAA4IBAQByV8FW6f2DKoatfHGwUSDSZYpOSrc7XuMaFiH5dx3u
xQfBDkJvsNm9YIjhx3WyGXQl5gHJaVQ+wj85E6leDEOPACYU0vRNs8yZJyyojS8D
pObMUjfu3DGD4MeR81wyey0Vk7xrIT2p/fpEvYPp+BnsZpX8upE43jQzNzhAMiAQ
tIyX5pQmTa0Ww5SB3PyKAeEhAfTVH6KpILd+1sM0rjEsYsXPF7nrF5qGp/WEqtl6
0M0Waerpc1fDBPOoycgneV85y76HgPcjXwNnXqP8EbWNS+vKd5UO4V7BtVG0R3ka
+ie1BWBxmkcfbfkVZ3l1qBzxq7Upd1n2hlnq7q9qmRYi
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:24:48 2025 by rpki-client