Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RGwVDB6feiPeG0fRexcXMTOgpos.roa
File: RGwVDB6feiPeG0fRexcXMTOgpos.roa (raw, json)
Hash identifier: HgamSyVG5PGU9kHa5E83qi0VxkT731LMnleqTemWvDE=
Subject key identifier: 44:6C:15:0C:1E:9F:7A:23:DE:1B:47:D1:7B:17:17:31:33:A0:A6:8B
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 01942747DF7CB6BE57B8632F11C02CD9038C
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RGwVDB6feiPeG0fRexcXMTOgpos.roa
Signing time: Thu 02 Jan 2025 13:50:09 +0000
ROA not before: Thu 02 Jan 2025 13:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 194.31.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:df:7c:b6:be:57:b8:63:2f:11:c0:2c:d9:03:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 13:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=446c150c1e9f7a23de1b47d17b17173133a0a68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:0d:b3:bd:c3:46:d5:d6:2e:9c:61:53:89:
5b:44:a9:03:96:0f:b2:1b:52:f3:7c:52:c4:fe:2e:
94:b4:74:b9:d3:31:bd:16:5b:de:76:23:34:02:8d:
ad:73:e3:5b:8f:98:2e:0b:9f:4b:c0:d8:e2:b0:b7:
3d:43:13:d7:d3:10:a1:c8:0f:1e:2d:b1:16:82:9e:
01:42:07:9c:80:e8:bd:4a:79:3b:64:bb:3c:46:d5:
b8:23:ee:14:be:32:46:1d:6b:9b:ab:7d:e3:d9:11:
ca:16:f2:64:81:47:4e:0c:7d:37:aa:3e:7c:6b:1b:
9b:c8:14:9d:22:b5:1b:5a:56:4d:22:bc:39:9e:7c:
d5:1f:af:90:53:90:b2:aa:54:4f:ec:78:ac:c2:a8:
56:b0:4a:9a:10:43:0c:7c:ab:21:aa:22:dd:63:33:
fa:f8:8f:97:7a:9a:77:56:76:a9:93:c7:c8:56:37:
3f:b0:e7:6c:3a:0a:1c:df:d7:f8:73:7a:ff:91:ed:
28:ce:24:3d:66:aa:97:d1:42:95:4f:3c:1f:d9:1c:
6b:22:af:bf:a4:f5:f5:94:c0:5b:af:30:21:0d:a8:
64:bc:6e:e2:fe:79:e1:1a:51:d2:32:e6:a6:55:05:
2b:a5:e9:ea:ea:cf:e8:da:a4:25:0e:6d:74:30:eb:
38:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:6C:15:0C:1E:9F:7A:23:DE:1B:47:D1:7B:17:17:31:33:A0:A6:8B
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RGwVDB6feiPeG0fRexcXMTOgpos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.157.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b6:1b:10:81:62:d7:37:33:8b:c5:59:94:42:24:f4:9f:60:
86:5b:61:9d:86:9e:9d:2d:29:cf:74:a7:01:28:7f:13:6c:4c:
04:e7:28:47:e1:6e:6d:eb:f2:18:17:03:15:2f:b2:4f:82:f2:
88:aa:86:a8:e6:13:71:2c:a9:76:29:a7:9b:60:d9:63:c6:db:
75:41:81:29:c9:0f:2e:25:c0:79:88:50:d2:39:aa:c7:86:de:
2b:88:2f:1c:d4:29:48:24:dd:9c:e5:99:df:3f:29:4a:da:eb:
52:92:12:40:d9:72:e8:98:b5:2f:54:e1:00:68:01:99:1c:aa:
14:a1:97:81:e1:ca:67:a5:64:27:27:bd:e9:60:11:44:66:41:
89:74:56:32:d5:50:44:17:3d:13:95:03:d8:62:09:8a:a4:d0:
14:f3:ef:02:ca:36:e3:a2:5c:13:80:45:59:f0:ea:d2:cb:1b:
b1:e3:0e:ea:78:b1:dc:68:e2:10:ec:19:c8:74:3d:34:2a:79:
37:23:8f:77:fe:b3:8b:b9:11:bd:4c:bb:49:d1:ff:80:5b:39:
f9:60:a0:59:d3:e5:c1:de:18:37:fc:02:12:48:1e:66:7b:55:
14:2c:fc:fd:91:f0:77:04:d9:df:6a:8c:dd:1a:49:dc:34:c5:
11:29:df:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR998tr5XuGMvEcAs2QOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjUwMTAyMTM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDZjMTUwYzFlOWY3YTIzZGUxYjQ3ZDE3YjE3MTczMTMzYTBhNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM8Ns73DRtXWLpxhU4lbRKkDlg+y
G1LzfFLE/i6UtHS50zG9FlvediM0Ao2tc+Nbj5guC59LwNjisLc9QxPX0xChyA8e
LbEWgp4BQgecgOi9Snk7ZLs8RtW4I+4UvjJGHWubq33j2RHKFvJkgUdODH03qj58
axubyBSdIrUbWlZNIrw5nnzVH6+QU5CyqlRP7HiswqhWsEqaEEMMfKshqiLdYzP6
+I+Xepp3Vnapk8fIVjc/sOdsOgoc39f4c3r/ke0oziQ9ZqqX0UKVTzwf2RxrIq+/
pPX1lMBbrzAhDahkvG7i/nnhGlHSMuamVQUrpenq6s/o2qQlDm10MOs4FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERsFQwen3oj3htH0XsXFzEzoKaLMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvUkd3VkRCNmZlaVBlRzBmUmV4Y1hNVE9ncG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+dMA0G
CSqGSIb3DQEBCwUAA4IBAQB3thsQgWLXNzOLxVmUQiT0n2CGW2Gdhp6dLSnPdKcB
KH8TbEwE5yhH4W5t6/IYFwMVL7JPgvKIqoao5hNxLKl2KaebYNljxtt1QYEpyQ8u
JcB5iFDSOarHht4riC8c1ClIJN2c5ZnfPylK2utSkhJA2XLomLUvVOEAaAGZHKoU
oZeB4cpnpWQnJ73pYBFEZkGJdFYy1VBEFz0TlQPYYgmKpNAU8+8CyjbjolwTgEVZ
8OrSyxux4w7qeLHcaOIQ7BnIdD00Knk3I493/rOLuRG9TLtJ0f+AWzn5YKBZ0+XB
3hg3/AISSB5me1UULPz9kfB3BNnfaozdGkncNMURKd+J
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:11:21 2025 by rpki-client