Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/VehV-DaGpdPd27h7BeCPuf7XgGU.roa
File: VehV-DaGpdPd27h7BeCPuf7XgGU.roa (raw, json)
Hash identifier: sAalVTrnmg6yf8SFv/nnSyHMnXSPLWE6BdkaiXIz7ts=
Subject key identifier: 55:E8:55:F8:36:86:A5:D3:DD:DB:B8:7B:05:E0:8F:B9:FE:D7:80:65
Certificate issuer: /CN=dfc2603437ef74117fa12272ec42c2527da800c7
Certificate serial: 019424455306A2975C08EF47564AD6E27AC1
Authority key identifier: DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/VehV-DaGpdPd27h7BeCPuf7XgGU.roa
Signing time: Wed 01 Jan 2025 23:48:30 +0000
ROA not before: Wed 01 Jan 2025 23:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198175
IP address blocks: 193.134.8.0/21 maxlen: 21
2a10:8240::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:53:06:a2:97:5c:08:ef:47:56:4a:d6:e2:7a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc2603437ef74117fa12272ec42c2527da800c7
Validity
Not Before: Jan 1 23:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55e855f83686a5d3dddbb87b05e08fb9fed78065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ad:44:47:83:6f:ee:4e:a3:ee:89:d3:ad:cd:
38:22:e7:84:7d:cb:37:18:29:30:20:b4:4b:90:f3:
2d:38:75:1d:4a:19:56:20:51:a4:d0:ad:ee:e4:99:
5b:61:f2:25:6b:47:82:c3:18:c8:96:16:7d:85:27:
e4:2b:0b:25:7d:77:16:24:af:9f:c9:8a:4d:73:7f:
5c:ef:ad:b3:1f:5a:bd:ed:9b:a5:ff:9e:30:8a:ad:
ac:3e:19:21:08:93:74:e9:ed:ba:b1:2b:fc:08:ed:
63:83:79:22:c7:48:23:e8:24:01:7c:13:c0:09:7a:
d0:58:46:4c:72:5f:f2:76:77:97:05:70:84:91:2a:
d2:9e:f4:8f:13:0d:c2:d8:61:3d:ac:1d:d3:93:83:
fa:81:c1:f4:81:9d:ad:4d:aa:f2:e5:45:4c:91:f6:
95:bf:f1:06:15:e3:bd:12:fe:c4:c5:e2:99:2b:c2:
b7:21:3d:a6:08:3e:44:4e:c9:02:85:ee:97:e1:72:
7d:a2:c1:df:52:b7:be:45:86:01:ab:05:ee:8d:7a:
56:a8:c6:36:1d:2a:5c:03:88:69:62:11:e0:78:aa:
1b:a4:f0:14:1b:f1:16:cd:86:0f:1b:e0:10:b0:b8:
05:78:5a:2b:e4:0d:54:05:9b:80:62:6c:a5:87:a6:
35:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E8:55:F8:36:86:A5:D3:DD:DB:B8:7B:05:E0:8F:B9:FE:D7:80:65
X509v3 Authority Key Identifier:
keyid:DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/VehV-DaGpdPd27h7BeCPuf7XgGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/38JgNDfvdBF_oSJy7ELCUn2oAMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.8.0/21
IPv6:
2a10:8240::/32
Signature Algorithm: sha256WithRSAEncryption
3a:ff:fa:18:54:4d:42:98:59:8d:63:54:80:a1:55:fd:cc:c7:
2b:87:bb:5c:bd:97:8c:eb:4c:1a:12:46:3f:8d:e2:d5:8f:5b:
e5:b7:e9:5b:43:d3:f9:f1:42:83:2f:86:0e:de:d0:14:51:8a:
0f:e3:8f:1b:77:04:d6:64:49:cf:1a:c1:b0:a4:c9:ea:46:bd:
52:85:62:26:42:6f:84:28:7f:13:ff:25:ac:2f:31:7e:34:58:
59:dd:03:8d:d6:3c:dd:19:05:c1:17:dd:b1:e0:64:3f:89:88:
9c:67:00:4f:13:df:79:97:03:7f:ba:58:f1:8b:3a:9a:42:67:
9d:a0:b1:19:63:6b:87:82:d6:6c:b6:8f:ea:18:ed:66:fb:77:
2d:a7:58:e6:70:f6:90:25:f3:dc:72:c8:39:2a:3d:7a:23:cd:
09:f3:41:41:b9:e7:e2:58:d3:8f:e9:b2:c0:ff:98:af:ef:ff:
df:a0:52:84:71:45:3c:1a:b7:ca:06:9c:31:63:a6:cf:07:dd:
25:f1:b1:53:bf:23:26:cc:0d:5a:b5:ef:89:d6:25:7e:46:f5:
59:75:a3:95:1e:fc:14:f2:99:fb:fe:76:b4:c8:1f:b3:ba:b2:
3c:86:11:1f:3c:d7:9f:1d:0c:4e:35:1e:88:e5:29:12:26:20:
e6:c9:d8:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRVMGopdcCO9HVkrW4nrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYzI2MDM0MzdlZjc0MTE3ZmExMjI3MmVjNDJjMjUyN2Rh
ODAwYzcwHhcNMjUwMTAxMjM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU4NTVmODM2ODZhNWQzZGRkYmI4N2IwNWUwOGZiOWZlZDc4MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5K1ER4Nv7k6j7onTrc04IueEfcs3
GCkwILRLkPMtOHUdShlWIFGk0K3u5JlbYfIla0eCwxjIlhZ9hSfkKwslfXcWJK+f
yYpNc39c762zH1q97Zul/54wiq2sPhkhCJN06e26sSv8CO1jg3kix0gj6CQBfBPA
CXrQWEZMcl/ydneXBXCEkSrSnvSPEw3C2GE9rB3Tk4P6gcH0gZ2tTary5UVMkfaV
v/EGFeO9Ev7ExeKZK8K3IT2mCD5ETskChe6X4XJ9osHfUre+RYYBqwXujXpWqMY2
HSpcA4hpYhHgeKobpPAUG/EWzYYPG+AQsLgFeFor5A1UBZuAYmylh6Y1HwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFXoVfg2hqXT3du4ewXgj7n+14BlMB8GA1UdIwQY
MBaAFN/CYDQ373QRf6EicuxCwlJ9qADHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzhKZ05EZnZkQkZfb1NKeTdFTENVbjJvQU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iNTVlNDAtZDhiZS00OGQ5LWJkNTUt
YzgzMDA3MzI3NDQ5LzEvVmVoVi1EYUdwZFBkMjdoN0JlQ1B1ZjdYZ0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iNTVlNDAtZDhiZS00OGQ5LWJkNTUtYzgzMDA3MzI3NDQ5
LzEvMzhKZ05EZnZkQkZfb1NKeTdFTENVbjJvQU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwYYIMA0E
AgACMAcDBQAqEIJAMA0GCSqGSIb3DQEBCwUAA4IBAQA6//oYVE1CmFmNY1SAoVX9
zMcrh7tcvZeM60waEkY/jeLVj1vlt+lbQ9P58UKDL4YO3tAUUYoP448bdwTWZEnP
GsGwpMnqRr1ShWImQm+EKH8T/yWsLzF+NFhZ3QON1jzdGQXBF92x4GQ/iYicZwBP
E995lwN/uljxizqaQmedoLEZY2uHgtZsto/qGO1m+3ctp1jmcPaQJfPccsg5Kj16
I80J80FBuefiWNOP6bLA/5iv7//foFKEcUU8GrfKBpwxY6bPB90l8bFTvyMmzA1a
te+J1iV+RvVZdaOVHvwU8pn7/na0yB+zurI8hhEfPNefHQxONR6I5SkSJiDmydj5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:27 2025 by rpki-client