Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/9OZxkpid54x2rsU5VRKfjY_gB2A.roa
File: 9OZxkpid54x2rsU5VRKfjY_gB2A.roa (raw, json)
Hash identifier: 38cpSiAtwD6roS3bP5O86nTXrnPOD+5Jin9ozETV8sI=
Subject key identifier: F4:E6:71:92:98:9D:E7:8C:76:AE:C5:39:55:12:9F:8D:8F:E0:07:60
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA4BEBA46F969817B9825CF3BCE590
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/9OZxkpid54x2rsU5VRKfjY_gB2A.roa
Signing time: Wed 01 Jan 2025 03:48:04 +0000
ROA not before: Wed 01 Jan 2025 03:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46436
IP address blocks: 83.126.54.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4b:eb:a4:6f:96:98:17:b9:82:5c:f3:bc:e5:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4e67192989de78c76aec53955129f8d8fe00760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d4:25:e6:fd:06:f7:de:6f:8a:58:5d:f3:26:
16:cd:4e:53:f2:ba:51:4a:0a:c0:5a:ae:6a:0c:b6:
93:9f:58:85:c9:a3:1a:82:9f:5f:0f:04:13:f5:bc:
ed:15:b9:f7:c9:d1:2c:d5:ca:d5:1a:4c:1d:6c:4e:
af:e2:89:62:b5:5a:84:90:dc:2b:f5:17:11:b8:7d:
14:e2:a3:06:f3:ca:3d:05:7a:39:5b:12:45:9c:95:
67:60:cf:a1:5f:1c:f1:73:b2:ba:3e:6c:9a:d9:38:
6e:a6:b9:db:17:30:18:2c:2f:e8:1e:ab:48:6d:14:
a7:ec:9a:d0:43:91:18:07:4d:f0:24:b7:0d:75:18:
3b:c9:91:79:20:76:fb:78:8a:ed:d9:dc:1b:09:e7:
11:90:0d:28:fc:b5:cb:63:4b:14:cf:5c:16:b3:f5:
34:87:fc:05:9f:1b:69:15:00:cb:e1:fb:5d:82:d3:
f3:5e:cb:7a:33:36:29:76:f1:87:9e:79:5c:26:c9:
a1:f0:72:d1:3c:dc:ae:08:bf:d9:b4:b5:ed:85:93:
52:5f:8c:46:1f:5e:a6:23:2c:7f:83:11:3d:d0:0b:
69:0c:69:1a:ab:1b:7d:e4:c6:cc:d4:11:1d:34:e9:
f9:67:f9:27:ac:48:a6:29:9a:1c:b9:89:5b:a9:95:
53:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E6:71:92:98:9D:E7:8C:76:AE:C5:39:55:12:9F:8D:8F:E0:07:60
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/9OZxkpid54x2rsU5VRKfjY_gB2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.126.54.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:56:c4:41:64:83:89:b4:e6:9d:f1:ab:a3:02:9f:46:70:ee:
5e:8f:0a:b4:f3:82:51:19:51:18:1d:bd:5a:cf:53:88:5a:5a:
34:5d:43:8c:54:b0:cc:34:ac:47:29:8d:2d:35:cf:b5:be:c3:
b6:95:c4:53:99:67:24:1c:03:73:49:3d:0f:0b:01:ba:9a:30:
25:92:46:27:be:8b:ad:f6:ff:85:61:4f:0d:7f:f0:08:1e:34:
00:36:65:55:e7:46:57:9e:de:be:bc:4a:ce:13:c6:00:b2:56:
70:59:80:35:cc:91:5e:71:38:cb:68:85:0b:03:47:0c:3f:84:
f4:96:8d:a9:44:2c:33:e0:48:bd:5b:cc:9b:93:d4:1b:9a:bc:
04:48:b8:a0:95:8b:51:d5:99:22:27:ab:51:94:1b:9e:ae:6e:
6c:27:c6:66:51:a7:bb:95:5a:2b:f9:0b:53:67:a8:e5:dd:62:
20:f5:23:f4:a1:20:09:73:d0:b7:14:ed:e1:3b:10:43:76:1d:
2e:69:59:c0:4a:de:6b:4a:09:b3:45:67:10:1a:27:33:1b:b4:
8e:80:87:d0:96:2f:09:f9:0c:30:ac:fd:5f:87:8b:ea:4e:74:
44:6e:bb:82:06:08:49:17:86:6e:4b:d0:1e:cc:da:8b:6a:49:
44:10:3e:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+kvrpG+WmBe5glzzvOWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGU2NzE5Mjk4OWRlNzhjNzZhZWM1Mzk1NTEyOWY4ZDhmZTAwNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdQl5v0G995vilhd8yYWzU5T8rpR
SgrAWq5qDLaTn1iFyaMagp9fDwQT9bztFbn3ydEs1crVGkwdbE6v4olitVqEkNwr
9RcRuH0U4qMG88o9BXo5WxJFnJVnYM+hXxzxc7K6Pmya2ThuprnbFzAYLC/oHqtI
bRSn7JrQQ5EYB03wJLcNdRg7yZF5IHb7eIrt2dwbCecRkA0o/LXLY0sUz1wWs/U0
h/wFnxtpFQDL4ftdgtPzXst6MzYpdvGHnnlcJsmh8HLRPNyuCL/ZtLXthZNSX4xG
H16mIyx/gxE90AtpDGkaqxt95MbM1BEdNOn5Z/knrEimKZocuYlbqZVT7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTmcZKYneeMdq7FOVUSn42P4AdgMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvOU9aeGtwaWQ1NHgycnNVNVZSS2ZqWV9nQjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU342MA0G
CSqGSIb3DQEBCwUAA4IBAQB8VsRBZIOJtOad8aujAp9GcO5ejwq084JRGVEYHb1a
z1OIWlo0XUOMVLDMNKxHKY0tNc+1vsO2lcRTmWckHANzST0PCwG6mjAlkkYnvout
9v+FYU8Nf/AIHjQANmVV50ZXnt6+vErOE8YAslZwWYA1zJFecTjLaIULA0cMP4T0
lo2pRCwz4Ei9W8ybk9QbmrwESLiglYtR1ZkiJ6tRlBuerm5sJ8ZmUae7lVor+QtT
Z6jl3WIg9SP0oSAJc9C3FO3hOxBDdh0uaVnASt5rSgmzRWcQGiczG7SOgIfQli8J
+QwwrP1fh4vqTnREbruCBghJF4ZuS9AezNqLaklEED4i
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:08:52 2025 by rpki-client