Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/tiQe2pvdsfczW5IwtguYSqifePk.roa
File: tiQe2pvdsfczW5IwtguYSqifePk.roa (raw, json)
Hash identifier: 1ekv6zCAFR3p/Ch5PiJRX7eZOTgZgsLY06QRvh5ceFI=
Subject key identifier: B6:24:1E:DA:9B:DD:B1:F7:33:5B:92:30:B6:0B:98:4A:A8:9F:78:F9
Certificate issuer: /CN=4af4671bbfe1e38cccff8c9340039963344f23a3
Certificate serial: 018CC9BCE9CCD5663A6AFB44AB21F548146D
Authority key identifier: 4A:F4:67:1B:BF:E1:E3:8C:CC:FF:8C:93:40:03:99:63:34:4F:23:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SvRnG7_h44zM_4yTQAOZYzRPI6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/tiQe2pvdsfczW5IwtguYSqifePk.roa
Signing time: Tue 02 Jan 2024 10:34:10 +0000
ROA not before: Tue 02 Jan 2024 10:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208241
IP address blocks: 194.29.52.0/24 maxlen: 24
2a11:87c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e9:cc:d5:66:3a:6a:fb:44:ab:21:f5:48:14:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4af4671bbfe1e38cccff8c9340039963344f23a3
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6241eda9bddb1f7335b9230b60b984aa89f78f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ca:74:35:d1:1f:b5:42:b6:01:74:a6:35:bf:
b1:4b:82:3a:ec:da:44:55:42:b0:fc:02:f4:d8:2d:
94:72:07:23:c7:c8:ae:37:ac:1f:ce:7c:d0:42:1d:
9a:51:88:6e:bc:c5:cf:f0:1d:f3:10:92:3a:45:cc:
5a:45:93:d2:a4:9b:a7:8b:18:02:3e:4b:6b:36:3b:
2b:a8:7a:10:72:97:c1:42:e9:95:06:a2:6c:61:56:
4a:13:8b:fd:a7:00:9d:5d:85:c7:64:63:25:7f:4a:
e9:ac:7a:0b:7d:65:9f:db:3f:1c:55:20:36:19:ea:
ff:c4:67:e0:77:b0:b7:b1:9d:f3:4d:4a:5c:08:d2:
48:33:2f:f0:9f:7d:37:d5:b7:c8:45:2d:ea:1a:a4:
57:c8:08:98:ff:07:7e:ef:4c:5f:91:5b:8b:d1:0e:
85:13:df:a5:00:88:b3:50:64:dd:95:ff:ae:d0:52:
6c:7a:01:80:e1:b1:14:f4:48:46:77:3c:9e:b9:a3:
49:09:32:33:94:c2:5c:8d:ae:77:a0:ed:85:29:9b:
89:e1:d6:72:1c:63:19:13:8d:1a:a3:82:e0:73:9d:
86:18:56:9f:33:70:24:60:26:35:6a:5f:51:05:a6:
1a:02:9a:76:b3:25:9c:4d:74:07:03:27:65:b4:f7:
0d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:24:1E:DA:9B:DD:B1:F7:33:5B:92:30:B6:0B:98:4A:A8:9F:78:F9
X509v3 Authority Key Identifier:
keyid:4A:F4:67:1B:BF:E1:E3:8C:CC:FF:8C:93:40:03:99:63:34:4F:23:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SvRnG7_h44zM_4yTQAOZYzRPI6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/tiQe2pvdsfczW5IwtguYSqifePk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/35f1cd-a424-41ef-8b3e-3bd2243b030b/1/SvRnG7_h44zM_4yTQAOZYzRPI6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.52.0/24
IPv6:
2a11:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:4e:98:fc:f1:a0:80:04:6d:8b:36:54:de:06:92:fa:60:fe:
d8:27:6b:be:5f:9f:df:89:a3:5c:8c:e5:92:66:0c:79:16:51:
cb:7f:2d:da:f0:10:9e:bf:c2:ed:56:e7:53:96:38:7c:b1:b4:
1b:fa:9d:06:b6:9b:31:cd:77:0a:8a:63:5b:d0:84:89:4f:12:
9a:1d:52:f8:2c:0d:6b:dd:1b:78:ac:c6:d1:6d:35:d8:a5:86:
3d:08:e8:08:3f:38:93:19:02:37:08:0f:6a:1b:29:51:3e:20:
03:11:06:a6:2a:36:a8:a9:9d:92:4b:d1:63:d5:e4:18:3f:a8:
53:db:3a:b7:d4:24:70:89:05:1a:cb:f9:21:26:db:14:78:fd:
69:6c:75:b0:4a:e6:c2:d2:59:80:41:77:87:95:7a:54:f3:82:
54:7b:f3:b4:b0:57:87:85:61:de:02:dc:2c:c2:db:fa:cf:ce:
b9:35:a1:0f:6b:5a:a2:8e:82:22:4d:28:27:2d:03:9e:e6:99:
2d:50:74:31:c2:28:0f:71:c2:91:16:8c:35:72:1b:c0:b5:de:
3c:11:29:08:41:19:bf:7b:51:90:1b:39:62:b2:b1:39:8c:bb:
40:06:c7:88:4c:c5:81:85:22:57:96:be:82:d4:92:2b:93:58:
26:a3:b3:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvOnM1WY6avtEqyH1SBRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZjQ2NzFiYmZlMWUzOGNjY2ZmOGM5MzQwMDM5OTYzMzQ0
ZjIzYTMwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI0MWVkYTliZGRiMWY3MzM1YjkyMzBiNjBiOTg0YWE4OWY3OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscp0NdEftUK2AXSmNb+xS4I67NpE
VUKw/AL02C2Ucgcjx8iuN6wfznzQQh2aUYhuvMXP8B3zEJI6RcxaRZPSpJunixgC
PktrNjsrqHoQcpfBQumVBqJsYVZKE4v9pwCdXYXHZGMlf0rprHoLfWWf2z8cVSA2
Ger/xGfgd7C3sZ3zTUpcCNJIMy/wn3031bfIRS3qGqRXyAiY/wd+70xfkVuL0Q6F
E9+lAIizUGTdlf+u0FJsegGA4bEU9EhGdzyeuaNJCTIzlMJcja53oO2FKZuJ4dZy
HGMZE40ao4Lgc52GGFafM3AkYCY1al9RBaYaApp2syWcTXQHAydltPcNoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLYkHtqb3bH3M1uSMLYLmEqon3j5MB8GA1UdIwQY
MBaAFEr0Zxu/4eOMzP+Mk0ADmWM0TyOjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3ZSbkc3X2g0NHpNXzR5VFFBT1pZelJQSTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNWYxY2QtYTQyNC00MWVmLThiM2Ut
M2JkMjI0M2IwMzBiLzEvdGlRZTJwdmRzZmN6VzVJd3RndVlTcWlmZVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNWYxY2QtYTQyNC00MWVmLThiM2UtM2JkMjI0M2IwMzBi
LzEvU3ZSbkc3X2g0NHpNXzR5VFFBT1pZelJQSTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwh00MA0E
AgACMAcDBQMqEYfAMA0GCSqGSIb3DQEBCwUAA4IBAQBETpj88aCABG2LNlTeBpL6
YP7YJ2u+X5/fiaNcjOWSZgx5FlHLfy3a8BCev8LtVudTljh8sbQb+p0GtpsxzXcK
imNb0ISJTxKaHVL4LA1r3Rt4rMbRbTXYpYY9COgIPziTGQI3CA9qGylRPiADEQam
KjaoqZ2SS9Fj1eQYP6hT2zq31CRwiQUay/khJtsUeP1pbHWwSubC0lmAQXeHlXpU
84JUe/O0sFeHhWHeAtwswtv6z865NaEPa1qijoIiTSgnLQOe5pktUHQxwigPccKR
Fow1chvAtd48ESkIQRm/e1GQGzlisrE5jLtABseITMWBhSJXlr6C1JIrk1gmo7N0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:23 2025 by rpki-client