Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/be10af-d67c-47e9-938a-4af1fa36cdb9/1/QEhnuw8ud1j9n62qQluLx43WHjQ.roa
File: QEhnuw8ud1j9n62qQluLx43WHjQ.roa (raw, json)
Hash identifier: 1M0hr4yzSJjpoSUF2lAkNTs362XypkDSGbasmLEH2gU=
Subject key identifier: 40:48:67:BB:0F:2E:77:58:FD:9F:AD:AA:42:5B:8B:C7:8D:D6:1E:34
Certificate issuer: /CN=08cb89a11114efbe0e1e2550ecda336fd792ec5f
Certificate serial: 0194228E3C26EAE1FBE068454CEFF272E1B6
Authority key identifier: 08:CB:89:A1:11:14:EF:BE:0E:1E:25:50:EC:DA:33:6F:D7:92:EC:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CMuJoREU774OHiVQ7Nozb9eS7F8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/be10af-d67c-47e9-938a-4af1fa36cdb9/1/QEhnuw8ud1j9n62qQluLx43WHjQ.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8220
IP address blocks: 194.127.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3c:26:ea:e1:fb:e0:68:45:4c:ef:f2:72:e1:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08cb89a11114efbe0e1e2550ecda336fd792ec5f
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=404867bb0f2e7758fd9fadaa425b8bc78dd61e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0f:a0:ea:8c:c1:b1:5b:55:85:78:8e:ea:ba:
59:df:97:e9:f8:72:fc:4c:7e:ab:0f:43:ac:ae:64:
5a:7f:69:49:bd:6f:35:6a:66:b0:df:e7:17:1d:f1:
0c:8e:bb:78:d7:70:aa:3a:38:df:1e:50:5c:4a:2b:
9d:97:54:9c:02:ec:18:bd:80:b3:a8:d2:19:89:f5:
75:a4:e9:a9:d8:03:2c:4d:48:5e:be:f3:1a:7f:1d:
94:d6:20:62:1f:99:8e:db:d5:f5:00:9f:ab:09:c9:
20:2f:aa:81:d3:39:58:2f:be:6c:f2:8f:f2:b0:ff:
72:8a:ad:0f:29:57:9c:1e:05:c6:63:d4:8d:e7:02:
d1:af:3d:82:bd:25:44:58:ef:fa:94:fe:7c:38:68:
36:a1:56:87:83:1a:ef:a1:d7:e2:7e:8c:7b:e6:73:
b3:78:27:f9:5a:ae:03:e2:25:8a:ea:3e:43:d3:24:
e8:8f:e6:1d:3d:41:7d:95:db:dc:3c:fa:66:ba:4a:
68:b4:d5:16:a3:a0:e6:0f:5c:29:c4:e2:c5:50:19:
c0:18:0d:e3:90:d4:09:a2:97:f0:93:22:e2:7a:8f:
50:f3:9a:ae:f9:0f:70:c7:9c:82:b5:78:f9:99:b2:
1a:cf:34:30:87:4e:be:38:a1:3c:58:40:85:c5:c8:
e1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:48:67:BB:0F:2E:77:58:FD:9F:AD:AA:42:5B:8B:C7:8D:D6:1E:34
X509v3 Authority Key Identifier:
keyid:08:CB:89:A1:11:14:EF:BE:0E:1E:25:50:EC:DA:33:6F:D7:92:EC:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CMuJoREU774OHiVQ7Nozb9eS7F8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/be10af-d67c-47e9-938a-4af1fa36cdb9/1/QEhnuw8ud1j9n62qQluLx43WHjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/be10af-d67c-47e9-938a-4af1fa36cdb9/1/CMuJoREU774OHiVQ7Nozb9eS7F8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.228.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:0c:93:55:da:9e:5d:d8:0a:c1:01:dc:00:c4:b9:29:d3:a8:
02:93:2a:d6:b7:44:01:bf:7d:76:8f:e9:a5:7d:24:32:8c:25:
1e:0b:45:b3:c4:e6:c6:43:2c:33:d9:f3:3a:9e:2d:2e:cc:47:
64:dc:df:ea:eb:d6:1a:1e:12:96:06:e9:46:73:8d:56:ea:c9:
15:84:79:aa:af:05:56:fe:21:a3:b4:01:19:62:ef:43:7f:c4:
0b:83:e7:20:61:89:2a:d8:1c:eb:a0:a3:b8:53:75:45:97:80:
4f:16:95:25:a7:cd:76:b1:ce:33:73:bb:8b:9a:77:a3:a1:13:
92:35:d3:67:5a:ee:09:5d:fb:89:6d:40:65:c8:8d:35:3c:9d:
60:58:58:0f:2a:5d:c5:20:58:1c:9f:1a:74:13:72:83:66:fc:
9a:ec:3b:76:43:5c:33:12:59:6f:83:43:ce:33:b1:c9:c5:e8:
17:db:a9:3f:db:1c:78:e9:1a:07:a5:66:27:3b:60:2a:e5:e1:
5b:85:2b:28:b5:75:50:f9:a6:54:3e:68:cd:05:cf:2c:7c:53:
72:8a:e6:66:74:0c:7c:0b:2a:d9:4a:61:cb:9e:a1:f4:44:e0:
fc:a4:49:2a:6e:84:04:55:6e:7f:99:3f:25:76:79:f0:4b:8d:
c4:55:a5:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjwm6uH74GhFTO/ycuG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4Y2I4OWExMTExNGVmYmUwZTFlMjU1MGVjZGEzMzZmZDc5
MmVjNWYwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQ4NjdiYjBmMmU3NzU4ZmQ5ZmFkYWE0MjViOGJjNzhkZDYxZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg+g6ozBsVtVhXiO6rpZ35fp+HL8
TH6rD0OsrmRaf2lJvW81amaw3+cXHfEMjrt413CqOjjfHlBcSiudl1ScAuwYvYCz
qNIZifV1pOmp2AMsTUhevvMafx2U1iBiH5mO29X1AJ+rCckgL6qB0zlYL75s8o/y
sP9yiq0PKVecHgXGY9SN5wLRrz2CvSVEWO/6lP58OGg2oVaHgxrvodfifox75nOz
eCf5Wq4D4iWK6j5D0yToj+YdPUF9ldvcPPpmukpotNUWo6DmD1wpxOLFUBnAGA3j
kNQJopfwkyLieo9Q85qu+Q9wx5yCtXj5mbIazzQwh06+OKE8WECFxcjhYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBIZ7sPLndY/Z+tqkJbi8eN1h40MB8GA1UdIwQY
MBaAFAjLiaERFO++Dh4lUOzaM2/XkuxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ011Sm9SRVU3NzRPSGlWUTdOb3piOWVTN0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iZTEwYWYtZDY3Yy00N2U5LTkzOGEt
NGFmMWZhMzZjZGI5LzEvUUVobnV3OHVkMWo5bjYycVFsdUx4NDNXSGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iZTEwYWYtZDY3Yy00N2U5LTkzOGEtNGFmMWZhMzZjZGI5
LzEvQ011Sm9SRVU3NzRPSGlWUTdOb3piOWVTN0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn/kMA0G
CSqGSIb3DQEBCwUAA4IBAQC1DJNV2p5d2ArBAdwAxLkp06gCkyrWt0QBv312j+ml
fSQyjCUeC0WzxObGQywz2fM6ni0uzEdk3N/q69YaHhKWBulGc41W6skVhHmqrwVW
/iGjtAEZYu9Df8QLg+cgYYkq2BzroKO4U3VFl4BPFpUlp812sc4zc7uLmnejoROS
NdNnWu4JXfuJbUBlyI01PJ1gWFgPKl3FIFgcnxp0E3KDZvya7Dt2Q1wzEllvg0PO
M7HJxegX26k/2xx46RoHpWYnO2Aq5eFbhSsotXVQ+aZUPmjNBc8sfFNyiuZmdAx8
CyrZSmHLnqH0ROD8pEkqboQEVW5/mT8ldnnwS43EVaXP
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:40:26 2025 by rpki-client