Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AUOOcFhyXUPXj5wSiVW2GNM1Oz8.roa
File: AUOOcFhyXUPXj5wSiVW2GNM1Oz8.roa (raw, json)
Hash identifier: QW4v/LT2ayG1jmkiB/upLCgk7jLuEB9Ayvwtg+rkKRk=
Subject key identifier: 01:43:8E:70:58:72:5D:43:D7:8F:9C:12:89:55:B6:18:D3:35:3B:3F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194ACDA4F94FF284C6448421B420C7EFF0A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AUOOcFhyXUPXj5wSiVW2GNM1Oz8.roa
Signing time: Tue 28 Jan 2025 12:19:35 +0000
ROA not before: Tue 28 Jan 2025 12:19:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 193.124.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:da:4f:94:ff:28:4c:64:48:42:1b:42:0c:7e:ff:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 28 12:19:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01438e7058725d43d78f9c128955b618d3353b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d8:31:f0:c1:34:69:aa:95:26:a1:9e:95:4c:
72:f2:0c:8c:5d:5f:a7:54:30:8e:7a:b8:24:96:1e:
b8:38:60:ed:90:f7:3a:bb:57:e2:7a:0c:02:f1:2b:
ba:c9:62:a2:5d:27:38:53:8c:e4:cb:02:9a:9a:3c:
8a:44:03:05:21:42:e2:0e:4d:c4:83:b9:e6:4f:a7:
49:08:79:fe:41:87:07:a5:0c:ec:65:57:6e:b6:ee:
a5:60:e5:85:f8:82:6f:76:b3:f2:3d:4f:b3:fa:b7:
b1:93:7a:f1:fd:de:21:2c:6e:fd:28:6e:41:8b:a7:
42:09:14:5e:56:fb:46:e5:8e:1d:3a:fd:31:8b:9c:
cb:71:91:4e:ff:4b:dc:d7:33:35:56:5f:db:2e:d8:
10:8f:d4:12:9b:1d:74:bd:19:9a:fb:db:69:01:0d:
0d:63:84:0a:ff:17:f7:86:b0:83:a9:2f:90:97:c4:
10:fb:1c:46:23:ec:39:5c:a2:6d:d7:74:3f:f2:ee:
04:81:14:4b:bc:f5:1c:da:c9:e1:8a:22:a6:b9:dd:
1a:25:ab:0f:f9:fc:8b:a1:33:d3:a4:9b:37:c4:77:
e5:be:8e:1f:bb:9b:ba:e5:e2:a7:f6:66:b0:d3:99:
50:ba:8e:49:2d:3a:45:fc:18:d8:49:b6:1e:7e:75:
41:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:43:8E:70:58:72:5D:43:D7:8F:9C:12:89:55:B6:18:D3:35:3B:3F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AUOOcFhyXUPXj5wSiVW2GNM1Oz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
Signature Algorithm: sha256WithRSAEncryption
80:d3:06:7e:df:42:c4:95:29:bf:32:46:ad:76:5d:10:8f:cd:
79:c8:91:d5:54:75:c8:a7:b1:14:1e:3d:e2:0f:14:7c:9f:70:
b7:cb:62:f6:61:5d:dc:92:66:67:7f:c8:28:7c:59:3e:a9:fb:
0c:ff:25:ed:f4:fb:63:56:50:a4:28:5a:14:dc:bf:58:59:aa:
5f:b4:af:d4:8c:99:04:b6:10:0e:96:fa:38:80:81:d5:f7:b0:
12:49:36:b0:e3:40:ef:3e:c1:8c:6d:b6:49:6b:bd:16:4e:d8:
c7:88:99:28:bf:c8:00:e4:7c:72:54:bd:20:e4:30:9e:76:fb:
28:6c:39:64:9c:d5:36:20:12:c9:bd:2d:b7:81:22:86:0f:cc:
92:5f:b6:96:1a:bb:bb:b7:ae:f0:bb:bf:90:4a:2a:d7:21:92:
e7:22:0f:8c:db:73:e9:85:93:0e:f0:07:a6:ee:a8:81:c4:a3:
31:46:63:be:e7:d9:e6:26:a6:f4:7b:e5:ea:ae:ce:10:2f:1a:
a6:2d:db:69:c7:e4:f8:f1:e4:96:40:83:e3:42:d4:9d:ba:b1:
75:e8:f1:d7:7f:dd:83:07:42:31:f0:3b:8e:a0:a2:16:12:4a:
1c:d4:e8:d3:68:d5:6a:75:1c:df:d6:81:3d:9d:43:cf:73:ac:
0d:62:12:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSs2k+U/yhMZEhCG0IMfv8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTI4MTIxOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQzOGU3MDU4NzI1ZDQzZDc4ZjljMTI4OTU1YjYxOGQzMzUzYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNgx8ME0aaqVJqGelUxy8gyMXV+n
VDCOergklh64OGDtkPc6u1fiegwC8Su6yWKiXSc4U4zkywKamjyKRAMFIULiDk3E
g7nmT6dJCHn+QYcHpQzsZVdutu6lYOWF+IJvdrPyPU+z+rexk3rx/d4hLG79KG5B
i6dCCRReVvtG5Y4dOv0xi5zLcZFO/0vc1zM1Vl/bLtgQj9QSmx10vRma+9tpAQ0N
Y4QK/xf3hrCDqS+Ql8QQ+xxGI+w5XKJt13Q/8u4EgRRLvPUc2snhiiKmud0aJasP
+fyLoTPTpJs3xHflvo4fu5u65eKn9maw05lQuo5JLTpF/BjYSbYefnVB3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFDjnBYcl1D14+cEolVthjTNTs/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQVVPT2NGaHlYVVBYajV3U2lWVzJHTk0xT3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXwSMA0G
CSqGSIb3DQEBCwUAA4IBAQCA0wZ+30LElSm/Mkatdl0Qj815yJHVVHXIp7EUHj3i
DxR8n3C3y2L2YV3ckmZnf8gofFk+qfsM/yXt9PtjVlCkKFoU3L9YWapftK/UjJkE
thAOlvo4gIHV97ASSTaw40DvPsGMbbZJa70WTtjHiJkov8gA5HxyVL0g5DCedvso
bDlknNU2IBLJvS23gSKGD8ySX7aWGru7t67wu7+QSirXIZLnIg+M23PphZMO8Aem
7qiBxKMxRmO+59nmJqb0e+Xqrs4QLxqmLdtpx+T48eSWQIPjQtSdurF16PHXf92D
B0Ix8DuOoKIWEkoc1OjTaNVqdRzf1oE9nUPPc6wNYhLN
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:48:50 2025 by rpki-client