Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/o4UdTzK11yn9790w6aFya-CRsYk.roa
File: o4UdTzK11yn9790w6aFya-CRsYk.roa (raw, json)
Hash identifier: 5gJHsN2PGfagg0XX4Yhkkp3hRI4hmN+LCY9ILQ0xCTc=
Subject key identifier: A3:85:1D:4F:32:B5:D7:29:FD:EF:DD:30:E9:A1:72:6B:E0:91:B1:89
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 019425FC54F547FFC680A18A551B47B36D32
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/o4UdTzK11yn9790w6aFya-CRsYk.roa
Signing time: Thu 02 Jan 2025 07:48:01 +0000
ROA not before: Thu 02 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17916
IP address blocks: 194.169.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:54:f5:47:ff:c6:80:a1:8a:55:1b:47:b3:6d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Jan 2 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3851d4f32b5d729fdefdd30e9a1726be091b189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f4:30:bc:c6:d7:08:ba:94:46:3c:d4:73:eb:
5b:76:0f:45:3f:f3:73:55:63:12:17:56:8b:61:a0:
6e:08:9d:e0:78:23:c9:85:24:26:89:46:d8:b4:2a:
f1:0a:bf:fa:6a:e2:32:7a:fc:1e:d7:ed:e0:02:9a:
42:35:98:29:96:6f:02:f3:82:c0:a0:f4:ca:34:83:
88:67:ac:f4:2a:07:88:6b:71:06:40:8a:9c:2e:93:
ad:28:80:68:d6:e8:e2:c6:e3:0e:35:7c:0e:d3:b7:
d9:52:50:ec:fb:f6:69:a7:21:52:d0:91:71:87:b7:
00:4a:32:59:4c:de:ba:6a:73:c2:75:15:e1:40:d3:
41:18:f6:79:6e:ca:aa:ce:6c:4c:bf:e8:5b:ae:ec:
31:00:8e:23:ed:99:c9:78:6b:5c:00:0c:80:4d:52:
f9:c7:df:75:b9:e9:5a:18:84:08:66:08:69:85:ec:
7d:19:4f:07:dc:08:dd:06:f6:ec:fb:76:bf:86:a3:
40:09:eb:a0:5c:62:4f:4b:fe:39:b6:43:ec:31:13:
87:11:80:37:d4:71:d1:0e:8b:aa:98:51:60:ff:80:
8a:d4:81:30:a9:58:62:ba:c4:14:49:a9:6c:b9:e9:
17:21:0d:fb:f0:62:11:fd:e0:d8:99:13:f0:37:44:
5d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:85:1D:4F:32:B5:D7:29:FD:EF:DD:30:E9:A1:72:6B:E0:91:B1:89
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/o4UdTzK11yn9790w6aFya-CRsYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.22.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:9c:4f:c3:36:7b:1c:f6:c1:ba:2a:44:40:8a:c8:16:bd:25:
d3:f0:31:0d:cf:b4:8d:f9:6e:45:d4:59:7f:40:d2:96:62:cf:
06:05:7c:36:dc:9e:07:5d:72:30:e3:8a:e4:e3:5d:d2:26:3b:
17:77:af:b1:9d:f4:9d:80:fa:6e:c4:a9:b9:72:3d:21:94:13:
e2:48:bf:88:c5:e6:82:1a:36:1a:9f:7a:a9:6a:eb:b9:b4:3b:
ab:e7:b3:a9:2e:47:2c:1c:af:c5:a4:e5:04:3d:09:8b:d2:ed:
f7:66:cb:a6:64:12:9f:fd:6d:79:7b:83:2d:ad:28:df:9b:cd:
3c:66:fc:30:25:9c:f0:50:90:82:45:3f:14:f6:4f:48:d9:3e:
cb:3a:a0:0f:ff:5f:c5:54:36:9f:2a:2d:9a:89:8c:f7:0f:90:
c6:c9:ec:ac:f6:38:63:f5:09:b8:94:91:96:dc:86:d2:7b:bd:
89:98:c3:19:55:48:55:51:be:e3:6e:b5:6c:61:c6:bc:55:2f:
9e:6e:4e:b7:2e:f6:1c:f8:64:75:5f:0a:bf:a4:3f:b9:70:73:
1c:e0:75:5c:f9:6c:d0:e7:6b:43:e2:a5:d7:00:19:2d:fa:81:
3c:c0:b7:19:c3:9e:9f:ee:ba:89:ec:9b:23:e9:ac:2a:b0:16:
41:66:77:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/FT1R//GgKGKVRtHs20yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjUwMTAyMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzg1MWQ0ZjMyYjVkNzI5ZmRlZmRkMzBlOWExNzI2YmUwOTFiMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/QwvMbXCLqURjzUc+tbdg9FP/Nz
VWMSF1aLYaBuCJ3geCPJhSQmiUbYtCrxCr/6auIyevwe1+3gAppCNZgplm8C84LA
oPTKNIOIZ6z0KgeIa3EGQIqcLpOtKIBo1ujixuMONXwO07fZUlDs+/ZppyFS0JFx
h7cASjJZTN66anPCdRXhQNNBGPZ5bsqqzmxMv+hbruwxAI4j7ZnJeGtcAAyATVL5
x991uelaGIQIZghphex9GU8H3AjdBvbs+3a/hqNACeugXGJPS/45tkPsMROHEYA3
1HHRDouqmFFg/4CK1IEwqVhiusQUSalsuekXIQ378GIR/eDYmRPwN0RdiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOFHU8ytdcp/e/dMOmhcmvgkbGJMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEvbzRVZFR6SzExeW45NzkwdzZhRnlhLUNSc1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkWMA0G
CSqGSIb3DQEBCwUAA4IBAQAfnE/DNnsc9sG6KkRAisgWvSXT8DENz7SN+W5F1Fl/
QNKWYs8GBXw23J4HXXIw44rk413SJjsXd6+xnfSdgPpuxKm5cj0hlBPiSL+IxeaC
GjYan3qpauu5tDur57OpLkcsHK/FpOUEPQmL0u33ZsumZBKf/W15e4MtrSjfm808
ZvwwJZzwUJCCRT8U9k9I2T7LOqAP/1/FVDafKi2aiYz3D5DGyeys9jhj9Qm4lJGW
3IbSe72JmMMZVUhVUb7jbrVsYca8VS+ebk63LvYc+GR1Xwq/pD+5cHMc4HVc+WzQ
52tD4qXXABkt+oE8wLcZw56f7rqJ7Jsj6awqsBZBZnfc
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:23:11 2025 by rpki-client