Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RMA7OjA5fkGtvlOPWRDS-pabw1U.roa
File: RMA7OjA5fkGtvlOPWRDS-pabw1U.roa (raw, json)
Hash identifier: u19jSzGRUm2/kFL/ocmT3a/wZKSv6o1jPY+9SnrxH4U=
Subject key identifier: 44:C0:3B:3A:30:39:7E:41:AD:BE:53:8F:59:10:D2:FA:96:9B:C3:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194EE0657FCD643C5D5B721D871504E08E8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RMA7OjA5fkGtvlOPWRDS-pabw1U.roa
Signing time: Mon 10 Feb 2025 04:03:00 +0000
ROA not before: Mon 10 Feb 2025 04:03:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 194.87.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ee:06:57:fc:d6:43:c5:d5:b7:21:d8:71:50:4e:08:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 10 04:03:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44c03b3a30397e41adbe538f5910d2fa969bc355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:bd:77:16:eb:b1:bb:ad:9b:50:1c:a5:b2:
60:e5:3c:00:cf:30:94:f6:24:a4:1f:38:a8:37:a3:
45:38:93:03:59:61:9d:ec:23:1e:75:21:2a:31:4a:
6f:63:2d:71:f4:4d:14:ef:49:8b:a3:76:25:ee:82:
6e:2d:c1:92:cf:52:c6:5c:72:94:16:64:86:23:c3:
b9:7c:3f:7f:6b:7b:73:3e:39:06:3e:6b:58:35:cb:
cd:84:37:75:de:65:80:72:9b:f0:5e:a2:fb:c3:3d:
e1:80:27:cf:c5:d2:87:69:d0:05:11:b6:93:e7:20:
de:97:d9:f7:fb:c9:2b:00:37:04:99:fc:b4:e5:2c:
ee:ee:7c:df:6b:04:a9:08:8b:79:9b:f4:ba:e2:b6:
66:68:4b:14:76:b2:89:f9:4d:b4:7c:8d:df:a7:ae:
e1:b0:9c:80:d7:c7:04:7c:93:1e:68:e4:41:9f:bc:
25:07:dd:94:0d:db:42:be:71:cf:5b:f7:3a:26:67:
00:9f:d9:1f:b1:1c:af:78:7a:ec:60:76:35:4f:37:
0f:57:9e:45:43:c6:fc:38:3f:85:67:8a:93:40:b3:
df:0e:c3:42:e5:e8:e0:bc:dd:dd:e6:da:3c:86:54:
0a:ae:d2:45:a2:e3:2a:f8:77:fa:bb:b5:ad:cc:bf:
72:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C0:3B:3A:30:39:7E:41:AD:BE:53:8F:59:10:D2:FA:96:9B:C3:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RMA7OjA5fkGtvlOPWRDS-pabw1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.87.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:27:c0:da:9f:c8:01:42:74:dd:4e:19:2e:61:9d:38:da:8e:
c0:8f:f7:57:ff:36:67:aa:27:08:ad:80:01:96:c9:98:e7:86:
6f:7b:17:2e:6f:91:a5:82:70:77:f1:ee:0e:8c:bd:7e:c1:a1:
52:13:df:26:b6:63:91:aa:2c:9c:1a:16:4d:ed:5b:ae:15:e8:
7e:f5:04:01:12:f9:1b:24:2c:04:e7:ec:cd:b6:e3:d4:4a:e0:
9b:bc:92:15:9d:2d:c7:73:5d:f1:cc:05:0e:23:d8:2c:6b:e1:
fb:f7:46:bb:ab:5e:16:97:ca:ab:9f:d3:76:97:9e:58:fb:e5:
c6:f8:05:11:04:30:ed:93:a1:57:51:b3:3a:de:42:00:ae:42:
ff:b3:da:ab:a5:20:aa:69:ab:d5:ed:3a:07:ad:e1:1e:f4:6b:
fd:63:e1:d0:25:f7:c2:77:9c:5d:ad:71:da:16:0c:a7:ba:a4:
03:21:ca:2d:46:7d:ec:5f:48:a5:4b:c5:f1:32:f8:1f:c5:ff:
99:d0:01:5c:4b:d2:6b:57:9f:d1:6f:73:39:c9:41:e8:f1:2b:
fc:1a:a7:4c:53:89:26:03:98:14:54:1e:2d:33:b8:4c:a7:8f:
d5:8e:a3:e1:c9:90:e1:e0:10:46:cc:d4:35:4c:ca:ce:52:0f:
49:d0:0e:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTuBlf81kPF1bch2HFQTgjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjEwMDQwMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGMwM2IzYTMwMzk3ZTQxYWRiZTUzOGY1OTEwZDJmYTk2OWJjMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg69dxbrsbutm1AcpbJg5TwAzzCU
9iSkHzioN6NFOJMDWWGd7CMedSEqMUpvYy1x9E0U70mLo3Yl7oJuLcGSz1LGXHKU
FmSGI8O5fD9/a3tzPjkGPmtYNcvNhDd13mWAcpvwXqL7wz3hgCfPxdKHadAFEbaT
5yDel9n3+8krADcEmfy05Szu7nzfawSpCIt5m/S64rZmaEsUdrKJ+U20fI3fp67h
sJyA18cEfJMeaORBn7wlB92UDdtCvnHPW/c6JmcAn9kfsRyveHrsYHY1TzcPV55F
Q8b8OD+FZ4qTQLPfDsNC5ejgvN3d5to8hlQKrtJFouMq+Hf6u7WtzL9yzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFETAOzowOX5Brb5Tj1kQ0vqWm8NVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUk1BN09qQTVma0d0dmxPUFdSRFMtcGFidzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldXMA0G
CSqGSIb3DQEBCwUAA4IBAQAMJ8Dan8gBQnTdThkuYZ042o7Aj/dX/zZnqicIrYAB
lsmY54Zvexcub5GlgnB38e4OjL1+waFSE98mtmORqiycGhZN7VuuFeh+9QQBEvkb
JCwE5+zNtuPUSuCbvJIVnS3Hc13xzAUOI9gsa+H790a7q14Wl8qrn9N2l55Y++XG
+AURBDDtk6FXUbM63kIArkL/s9qrpSCqaavV7ToHreEe9Gv9Y+HQJffCd5xdrXHa
FgynuqQDIcotRn3sX0ilS8XxMvgfxf+Z0AFcS9JrV5/Rb3M5yUHo8Sv8GqdMU4km
A5gUVB4tM7hMp4/VjqPhyZDh4BBGzNQ1TMrOUg9J0A73
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:20:09 2025 by rpki-client