Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/716a90-d295-4903-90f9-d8c7ef15511d/1/duO9LxBTkVs9bWkFXNzc7GNBnLM.roa
File: duO9LxBTkVs9bWkFXNzc7GNBnLM.roa (raw, json)
Hash identifier: qNyvixX6BJstTr21KHWMkBm39t0mtYSLiR/YYgK3594=
Subject key identifier: 76:E3:BD:2F:10:53:91:5B:3D:6D:69:05:5C:DC:DC:EC:63:41:9C:B3
Certificate issuer: /CN=f344a9f3665084f5009921ac52d119750beed4b4
Certificate serial: 019473BBFA90D33E015824FC523E802062ED
Authority key identifier: F3:44:A9:F3:66:50:84:F5:00:99:21:AC:52:D1:19:75:0B:EE:D4:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80Sp82ZQhPUAmSGsUtEZdQvu1LQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/716a90-d295-4903-90f9-d8c7ef15511d/1/duO9LxBTkVs9bWkFXNzc7GNBnLM.roa
Signing time: Fri 17 Jan 2025 10:08:06 +0000
ROA not before: Fri 17 Jan 2025 10:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 194.13.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:bb:fa:90:d3:3e:01:58:24:fc:52:3e:80:20:62:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f344a9f3665084f5009921ac52d119750beed4b4
Validity
Not Before: Jan 17 10:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76e3bd2f1053915b3d6d69055cdcdcec63419cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:63:fa:5e:fe:7d:c9:b8:48:1b:11:26:52:
97:50:c8:99:3e:e0:e4:3d:8f:cf:fc:87:f2:63:da:
2f:57:37:06:34:5c:12:bf:33:cc:b1:8e:7d:77:04:
23:e5:de:a3:18:6b:10:94:97:ec:56:53:b8:a0:07:
0f:59:35:12:f7:73:44:a8:d2:38:9b:ce:3c:ed:1d:
6c:a3:c7:87:a7:3f:52:ce:79:e4:e2:84:fd:a3:54:
01:3d:64:93:a2:0a:9d:03:84:4c:9b:f5:cd:1b:16:
82:ac:59:57:50:96:78:df:24:fe:48:14:ec:2a:cc:
b6:83:24:82:3d:ac:bb:1e:88:98:d0:06:e8:86:0e:
54:1f:44:1d:a4:a3:99:07:dc:04:e9:ea:42:c6:4a:
15:be:aa:2e:f8:67:ec:49:22:35:7d:80:d2:e5:86:
c5:5a:a9:d0:02:16:29:72:ed:8a:96:03:f9:6b:c1:
b0:06:6c:0c:1c:f3:e2:12:a2:f0:c0:e4:ab:ae:c0:
6b:7f:25:1a:73:4c:74:12:d9:5d:7c:9f:cb:87:55:
97:b9:3d:e2:17:50:5a:1a:79:d5:73:32:ca:3e:49:
e7:d6:25:75:b0:40:b2:aa:57:58:6b:e0:b3:6c:15:
c0:e2:f0:d6:c0:0f:ce:64:f9:a1:64:54:7a:e1:62:
1f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E3:BD:2F:10:53:91:5B:3D:6D:69:05:5C:DC:DC:EC:63:41:9C:B3
X509v3 Authority Key Identifier:
keyid:F3:44:A9:F3:66:50:84:F5:00:99:21:AC:52:D1:19:75:0B:EE:D4:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80Sp82ZQhPUAmSGsUtEZdQvu1LQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/716a90-d295-4903-90f9-d8c7ef15511d/1/duO9LxBTkVs9bWkFXNzc7GNBnLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/716a90-d295-4903-90f9-d8c7ef15511d/1/80Sp82ZQhPUAmSGsUtEZdQvu1LQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.116.0/22
Signature Algorithm: sha256WithRSAEncryption
79:3f:5a:ce:11:57:30:be:ff:a3:6a:b6:b4:10:8b:39:f5:bb:
17:c3:11:ee:29:f7:22:cf:50:b0:08:2f:aa:74:ce:83:1d:8d:
44:7c:e3:59:59:f1:7e:02:df:6d:cc:b0:f9:af:cc:84:9a:67:
72:2d:b8:51:f1:ee:c1:c6:1c:ec:ff:14:e0:66:b2:dc:fd:24:
31:e1:a5:74:4b:c7:bc:c2:13:b2:88:c9:1f:28:ff:37:3a:41:
bc:61:08:e9:93:58:63:76:46:df:36:58:79:cb:52:ec:1b:6a:
f2:61:62:d4:9a:60:80:8a:4a:f1:ec:64:c9:28:a4:40:fa:ca:
7c:f3:f7:8b:80:f8:35:24:b8:30:98:f5:f4:c2:40:73:cf:61:
81:7f:47:28:5e:ba:a0:f4:ad:33:49:d5:9b:32:25:a4:95:97:
9f:c1:7f:26:68:47:0f:ed:58:29:d3:05:e8:9e:a6:4c:09:50:
26:c6:34:83:54:b7:34:50:0b:d9:4a:84:04:66:11:2d:58:59:
0c:54:6c:7f:6a:91:ed:37:0f:06:a9:08:cc:38:38:66:d1:6a:
3e:2b:67:87:79:2e:65:bc:85:e3:a1:28:36:c7:a0:e3:d2:e2:
84:c2:61:9f:9c:0e:df:fb:9b:fb:43:de:01:b5:a1:f0:cf:22:
b5:38:f1:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRzu/qQ0z4BWCT8Uj6AIGLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDRhOWYzNjY1MDg0ZjUwMDk5MjFhYzUyZDExOTc1MGJl
ZWQ0YjQwHhcNMjUwMTE3MTAwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUzYmQyZjEwNTM5MTViM2Q2ZDY5MDU1Y2RjZGNlYzYzNDE5Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHNj+l7+fcm4SBsRJlKXUMiZPuDk
PY/P/IfyY9ovVzcGNFwSvzPMsY59dwQj5d6jGGsQlJfsVlO4oAcPWTUS93NEqNI4
m8487R1so8eHpz9Sznnk4oT9o1QBPWSTogqdA4RMm/XNGxaCrFlXUJZ43yT+SBTs
Ksy2gySCPay7HoiY0Abohg5UH0QdpKOZB9wE6epCxkoVvqou+GfsSSI1fYDS5YbF
WqnQAhYpcu2KlgP5a8GwBmwMHPPiEqLwwOSrrsBrfyUac0x0EtldfJ/Lh1WXuT3i
F1BaGnnVczLKPknn1iV1sECyqldYa+CzbBXA4vDWwA/OZPmhZFR64WIfYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbjvS8QU5FbPW1pBVzc3OxjQZyzMB8GA1UdIwQY
MBaAFPNEqfNmUIT1AJkhrFLRGXUL7tS0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBTcDgyWlFoUFVBbVNHc1V0RVpkUXZ1MUxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83MTZhOTAtZDI5NS00OTAzLTkwZjkt
ZDhjN2VmMTU1MTFkLzEvZHVPOUx4QlRrVnM5YldrRlhOemM3R05CbkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83MTZhOTAtZDI5NS00OTAzLTkwZjktZDhjN2VmMTU1MTFk
LzEvODBTcDgyWlFoUFVBbVNHc1V0RVpkUXZ1MUxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwg10MA0G
CSqGSIb3DQEBCwUAA4IBAQB5P1rOEVcwvv+jara0EIs59bsXwxHuKfciz1CwCC+q
dM6DHY1EfONZWfF+At9tzLD5r8yEmmdyLbhR8e7Bxhzs/xTgZrLc/SQx4aV0S8e8
whOyiMkfKP83OkG8YQjpk1hjdkbfNlh5y1LsG2ryYWLUmmCAikrx7GTJKKRA+sp8
8/eLgPg1JLgwmPX0wkBzz2GBf0coXrqg9K0zSdWbMiWklZefwX8maEcP7Vgp0wXo
nqZMCVAmxjSDVLc0UAvZSoQEZhEtWFkMVGx/apHtNw8GqQjMODhm0Wo+K2eHeS5l
vIXjoSg2x6Dj0uKEwmGfnA7f+5v7Q94BtaHwzyK1OPEq
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:46:33 2025 by rpki-client