Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b1M_odWS1wnODyUT78rlk4E87Yc.roa
File: b1M_odWS1wnODyUT78rlk4E87Yc.roa (raw, json)
Hash identifier: 6UqnlgnQPQ1ggpX9GbaXVjMPsY+R0jYME3HFeb52Eig=
Subject key identifier: 6F:53:3F:A1:D5:92:D7:09:CE:0F:25:13:EF:CA:E5:93:81:3C:ED:87
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194282511A1BC8E00A7C334CAE1D0E67F77
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b1M_odWS1wnODyUT78rlk4E87Yc.roa
Signing time: Thu 02 Jan 2025 17:51:45 +0000
ROA not before: Thu 02 Jan 2025 17:51:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214639
IP address blocks: 194.87.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:11:a1:bc:8e:00:a7:c3:34:ca:e1:d0:e6:7f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f533fa1d592d709ce0f2513efcae593813ced87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a5:62:31:6a:c5:48:e1:33:4c:05:c8:d1:bc:
36:25:2f:20:b6:fa:a7:47:e4:8e:e4:70:bd:61:b4:
26:c4:20:b3:ce:57:b0:00:57:7f:27:ad:e6:a5:e5:
1a:a1:da:ff:36:f9:f6:8b:de:9b:9e:15:4a:ef:8d:
f5:39:2b:fb:c3:6e:6f:a5:0e:51:2c:1b:96:b4:a2:
80:b1:73:49:d5:34:b5:69:82:57:31:87:53:cf:a7:
7b:a1:08:e8:23:24:53:d6:6e:26:bd:26:3e:d0:4c:
a8:30:a5:b5:54:7f:d8:6b:13:40:d0:0f:ef:ff:5d:
da:2e:08:e7:e6:34:29:92:1c:d5:7d:1e:bb:06:4f:
b5:49:bd:11:a2:3b:bc:f8:24:86:89:36:b0:7e:5a:
a7:bd:22:9b:e9:ef:7d:ae:fa:03:9a:3e:cb:98:36:
33:2f:3e:9d:58:66:03:f7:f4:5a:90:fd:ea:e2:63:
5a:12:10:ca:d3:48:ec:bf:26:04:4b:28:13:98:10:
88:16:8a:ab:6b:cb:a6:ae:b6:f6:5e:f3:aa:f2:94:
9c:ed:d1:53:92:73:8c:53:2c:da:29:e0:86:fd:32:
e3:a4:93:9c:6f:78:e8:27:6d:ca:01:c2:c1:74:70:
10:d7:26:ad:b6:4d:b4:c6:38:08:13:d1:2c:a1:df:
b8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:53:3F:A1:D5:92:D7:09:CE:0F:25:13:EF:CA:E5:93:81:3C:ED:87
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b1M_odWS1wnODyUT78rlk4E87Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.2.0/24
Signature Algorithm: sha256WithRSAEncryption
94:9b:09:63:a2:76:ce:1e:c7:70:63:7f:eb:7b:ed:fa:32:f3:
2c:79:9e:13:38:6e:ff:eb:ad:9c:96:82:da:6c:c2:8f:d7:2a:
32:b4:8f:8c:11:2e:0f:3a:9c:54:c4:61:eb:ae:04:ca:73:45:
a7:82:31:ad:5d:a1:dc:63:c2:aa:54:ce:e9:c8:9e:60:57:ed:
11:33:e4:0b:c5:06:78:8f:26:a4:e8:06:08:15:ef:e8:b6:8f:
82:b9:03:76:b2:c9:b7:41:31:6c:98:c5:15:14:d3:35:81:db:
e6:2a:cf:36:b8:55:98:ce:9f:0b:13:5b:96:ab:23:67:ca:db:
3c:83:22:d7:9e:7b:a8:ec:66:f0:13:39:c1:20:23:28:23:de:
23:a0:7a:5c:fc:58:5d:8d:bd:46:e0:ec:be:27:38:23:6e:6c:
65:84:23:e2:ee:fc:b1:8b:0e:6a:5e:bb:71:14:a9:6f:01:74:
8b:5d:f1:e3:38:5c:ec:e1:b8:09:dd:2c:f4:a7:fd:ab:eb:9a:
4a:09:55:f8:82:c5:75:88:7a:01:a2:72:a5:c9:79:3f:11:60:
29:f0:f1:28:e4:01:14:2c:33:7a:61:41:57:2d:39:62:75:a1:
29:5a:53:9c:ef:39:85:45:b0:ce:a0:c5:e7:89:46:a3:66:cf:
94:48:2c:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJRGhvI4Ap8M0yuHQ5n93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjUzM2ZhMWQ1OTJkNzA5Y2UwZjI1MTNlZmNhZTU5MzgxM2NlZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKViMWrFSOEzTAXI0bw2JS8gtvqn
R+SO5HC9YbQmxCCzzlewAFd/J63mpeUaodr/Nvn2i96bnhVK7431OSv7w25vpQ5R
LBuWtKKAsXNJ1TS1aYJXMYdTz6d7oQjoIyRT1m4mvSY+0EyoMKW1VH/YaxNA0A/v
/13aLgjn5jQpkhzVfR67Bk+1Sb0Roju8+CSGiTawflqnvSKb6e99rvoDmj7LmDYz
Lz6dWGYD9/RakP3q4mNaEhDK00jsvyYESygTmBCIFoqra8umrrb2XvOq8pSc7dFT
knOMUyzaKeCG/TLjpJOcb3joJ23KAcLBdHAQ1yattk20xjgIE9Esod+4eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG9TP6HVktcJzg8lE+/K5ZOBPO2HMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYjFNX29kV1Mxd25PRHlVVDc4cmxrNEU4N1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcCMA0G
CSqGSIb3DQEBCwUAA4IBAQCUmwljonbOHsdwY3/re+36MvMseZ4TOG7/662cloLa
bMKP1yoytI+MES4POpxUxGHrrgTKc0WngjGtXaHcY8KqVM7pyJ5gV+0RM+QLxQZ4
jyak6AYIFe/oto+CuQN2ssm3QTFsmMUVFNM1gdvmKs82uFWYzp8LE1uWqyNnyts8
gyLXnnuo7GbwEznBICMoI94joHpc/Fhdjb1G4Oy+JzgjbmxlhCPi7vyxiw5qXrtx
FKlvAXSLXfHjOFzs4bgJ3Sz0p/2r65pKCVX4gsV1iHoBonKlyXk/EWAp8PEo5AEU
LDN6YUFXLTlidaEpWlOc7zmFRbDOoMXniUajZs+USCwC
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:38:09 2025 by rpki-client