Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1kgZJmOWN2P6OTtS3KfptwfbwxI.roa
File: 1kgZJmOWN2P6OTtS3KfptwfbwxI.roa (raw, json)
Hash identifier: L+33Z43zlDgg9rBYpRGlb7CFyx86DDFkcpmLnCTr/wg=
Subject key identifier: D6:48:19:26:63:96:37:63:FA:39:3B:52:DC:A7:E9:B7:07:DB:C3:12
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747D6D04F73DA373B180FBC8332E1E9
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1kgZJmOWN2P6OTtS3KfptwfbwxI.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56382
IP address blocks: 194.50.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d6:d0:4f:73:da:37:3b:18:0f:bc:83:32:e1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d648192663963763fa393b52dca7e9b707dbc312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e3:0d:0b:16:84:58:e1:43:06:69:d0:40:76:
7c:cf:16:07:ad:0c:08:3e:1d:bc:51:42:b6:2f:7f:
d3:6c:91:04:67:07:c8:3c:01:d1:fd:ad:e4:21:ae:
19:1b:6d:51:52:17:8c:20:cd:f2:20:11:01:91:22:
3c:fd:5a:09:80:21:9b:62:46:2c:bc:b3:1a:81:15:
bd:48:f2:5a:ba:0b:bb:a5:ad:98:72:39:fc:db:87:
f3:31:2e:45:61:b0:b2:a7:8d:dd:96:f7:04:5d:b3:
aa:4d:61:d6:af:20:1a:48:4e:5d:10:98:d6:2c:10:
b4:12:86:9e:45:0a:69:8b:27:51:6e:64:4f:9f:b1:
87:54:ac:05:90:89:9d:48:d0:c4:36:e2:3f:04:c0:
2b:8e:3e:bc:f9:82:8f:24:48:02:01:5a:c7:32:a2:
c7:02:e1:cd:9d:83:6d:60:99:5f:03:41:c7:f6:5d:
62:d7:b4:98:d0:7a:ad:de:56:a1:27:92:50:56:f8:
25:c8:f4:95:b7:8b:fc:be:5b:a9:9e:88:e0:c4:ab:
d5:69:72:6c:ef:d8:9e:5d:e1:d0:71:56:90:40:d9:
39:75:b0:b5:2d:1f:4d:16:0a:89:d0:67:14:9a:17:
cb:6b:5e:26:2b:aa:e5:33:df:16:6a:26:5a:b3:42:
8f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:48:19:26:63:96:37:63:FA:39:3B:52:DC:A7:E9:B7:07:DB:C3:12
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1kgZJmOWN2P6OTtS3KfptwfbwxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.19.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:0c:ad:14:80:48:3c:77:17:b8:0a:5c:02:f0:e9:95:88:8a:
0e:d5:74:6a:7d:fa:ee:19:36:79:d5:0b:be:0e:1e:e0:ad:f6:
b8:dc:07:35:32:a7:7e:96:30:c5:5c:f4:2c:5f:5f:10:b1:0b:
c5:f2:d4:82:a9:3d:61:f1:b9:bd:f2:38:64:4c:94:31:81:94:
c2:83:7e:85:6a:38:b2:91:d2:49:28:8b:ef:e4:7d:d0:9d:7a:
0d:c5:a9:97:fd:85:93:ac:26:30:6b:5c:dc:60:a5:87:07:a9:
03:22:8f:bf:9a:7a:7f:1a:5e:12:9f:9f:f9:8a:4f:14:5e:64:
cf:06:10:03:3f:b0:a9:0f:97:2d:cd:1d:12:f0:bf:c3:7a:ee:
b2:46:9b:f4:c6:9c:d5:68:ea:55:b5:2d:56:5e:8d:66:1b:f2:
76:73:5b:2b:28:19:09:65:c2:de:cd:5e:d6:9a:f7:0b:9b:a0:
42:8a:31:a8:0a:11:da:5f:c8:7c:a2:d9:3c:b7:b1:3e:cb:19:
32:3e:4f:db:6d:98:52:c5:4e:9d:2e:76:be:d5:df:43:b2:47:
b4:a2:73:39:26:0e:6b:eb:ee:f6:da:51:87:66:3b:62:ae:26:
80:4e:eb:ce:20:bb:ed:59:b2:35:61:d2:ef:c2:99:1e:07:94:
ad:d4:d9:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9bQT3PaNzsYD7yDMuHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ4MTkyNjYzOTYzNzYzZmEzOTNiNTJkY2E3ZTliNzA3ZGJjMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveMNCxaEWOFDBmnQQHZ8zxYHrQwI
Ph28UUK2L3/TbJEEZwfIPAHR/a3kIa4ZG21RUheMIM3yIBEBkSI8/VoJgCGbYkYs
vLMagRW9SPJaugu7pa2Ycjn824fzMS5FYbCyp43dlvcEXbOqTWHWryAaSE5dEJjW
LBC0EoaeRQppiydRbmRPn7GHVKwFkImdSNDENuI/BMArjj68+YKPJEgCAVrHMqLH
AuHNnYNtYJlfA0HH9l1i17SY0Hqt3lahJ5JQVvglyPSVt4v8vlupnojgxKvVaXJs
79ieXeHQcVaQQNk5dbC1LR9NFgqJ0GcUmhfLa14mK6rlM98WaiZas0KPYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZIGSZjljdj+jk7Utyn6bcH28MSMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMWtnWkptT1dOMlA2T1R0UzNLZnB0d2Zid3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjITMA0G
CSqGSIb3DQEBCwUAA4IBAQDIDK0UgEg8dxe4ClwC8OmViIoO1XRqffruGTZ51Qu+
Dh7grfa43Ac1Mqd+ljDFXPQsX18QsQvF8tSCqT1h8bm98jhkTJQxgZTCg36Fajiy
kdJJKIvv5H3QnXoNxamX/YWTrCYwa1zcYKWHB6kDIo+/mnp/Gl4Sn5/5ik8UXmTP
BhADP7CpD5ctzR0S8L/Deu6yRpv0xpzVaOpVtS1WXo1mG/J2c1srKBkJZcLezV7W
mvcLm6BCijGoChHaX8h8otk8t7E+yxkyPk/bbZhSxU6dLna+1d9Dske0onM5Jg5r
6+722lGHZjtiriaATuvOILvtWbI1YdLvwpkeB5St1Nky
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:01:43 2025 by rpki-client