Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/iIDxyZI7f69mJkZ2Wv7XkahzbJk.roa
File: iIDxyZI7f69mJkZ2Wv7XkahzbJk.roa (raw, json)
Hash identifier: +LiZiCI3CHohIXxSoLr49Tx7ntAiVnERXS5bwyYZ1ps=
Subject key identifier: 88:80:F1:C9:92:3B:7F:AF:66:26:46:76:5A:FE:D7:91:A8:73:6C:99
Certificate issuer: /CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Certificate serial: 019427B6112A212ED0990F3E5F4F5B36AA4D
Authority key identifier: 42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/iIDxyZI7f69mJkZ2Wv7XkahzbJk.roa
Signing time: Thu 02 Jan 2025 15:50:30 +0000
ROA not before: Thu 02 Jan 2025 15:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136796
IP address blocks: 194.61.236.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:11:2a:21:2e:d0:99:0f:3e:5f:4f:5b:36:aa:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Validity
Not Before: Jan 2 15:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8880f1c9923b7faf662646765afed791a8736c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:68:7f:ab:ee:64:bf:28:30:47:58:e0:22:7e:
08:53:3f:2e:bb:b4:6a:c1:a0:ef:9f:72:0b:99:bc:
c3:82:7d:e1:dc:d6:4c:f1:f3:84:ec:77:51:a1:f4:
9f:c2:26:e5:2a:ea:bb:df:d2:43:39:bf:2a:65:c0:
42:1d:83:a9:e2:2b:f4:06:e5:22:7b:1f:2a:cf:e0:
aa:80:26:31:fd:f6:79:f4:30:75:c9:90:96:15:c4:
01:6d:a2:ad:40:e9:8d:f7:e2:e0:91:24:13:1b:df:
d9:97:98:07:d6:e9:11:4a:c2:74:e7:32:a7:aa:b0:
83:27:59:4a:b9:28:9f:df:55:fa:dc:c3:48:9b:c7:
f5:e5:92:25:bb:46:8e:92:fb:bf:41:68:39:2e:7b:
7b:4a:a9:e9:13:63:f6:b1:87:e6:7f:71:9e:94:27:
37:f2:19:4f:fc:e3:4d:26:e0:89:42:19:5e:3e:71:
6d:8d:4e:5c:22:41:0e:7c:a8:ca:46:2d:eb:09:9a:
81:e1:88:5a:06:d4:05:90:aa:e3:71:15:53:9e:0f:
20:88:a2:ae:6b:98:68:cb:0b:d2:a5:48:98:2c:e0:
f1:48:5e:d2:c7:97:c4:b2:99:99:37:b0:ae:cf:4f:
af:9a:a1:6a:e5:e9:42:43:f0:b2:d5:97:b3:e4:89:
ea:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:80:F1:C9:92:3B:7F:AF:66:26:46:76:5A:FE:D7:91:A8:73:6C:99
X509v3 Authority Key Identifier:
keyid:42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/iIDxyZI7f69mJkZ2Wv7XkahzbJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.236.0/23
Signature Algorithm: sha256WithRSAEncryption
27:22:0a:51:19:8a:10:44:6f:41:1e:a6:ba:13:d2:c6:22:06:
96:3b:ae:bf:cd:a9:27:4c:17:ff:61:0f:5b:ed:a5:d8:a1:51:
d6:8f:c7:a2:72:9e:06:f4:fd:1d:77:e6:7b:0c:f3:63:96:b3:
81:cb:6a:cc:e9:33:48:ab:29:ec:dc:b9:aa:77:85:7b:4b:97:
bb:c1:07:6a:2b:56:ee:45:3d:1b:53:7d:e1:1d:0f:25:4f:c4:
1c:db:3f:0b:3b:92:57:18:6e:ec:57:42:55:4d:3d:04:aa:62:
8b:a0:86:bb:7d:29:51:e1:02:39:1e:02:37:35:59:11:da:4a:
5d:46:43:78:df:14:d5:b6:bc:cb:70:d1:01:42:ff:d3:f0:59:
10:bc:8a:66:f5:74:b3:d2:d9:40:17:b2:22:aa:b4:4e:fa:af:
2d:37:7a:f2:d2:95:6e:79:a6:3f:75:ce:74:51:1c:07:39:e6:
74:06:0c:21:02:11:e5:2d:2d:c2:7e:02:66:d0:c7:de:0f:25:
52:14:d1:f4:13:c2:bf:c3:ee:0d:89:7c:b4:bf:fe:04:01:4f:
97:86:0a:24:b4:ae:53:c4:e7:eb:7f:9d:2a:de:f1:50:22:34:
18:ea:27:28:b8:2f:6b:45:7a:7c:eb:4b:89:f5:85:2b:dc:b4:
e0:01:fe:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthEqIS7QmQ8+X09bNqpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2U3NTkzMjAxOTViOWNjMThjY2ZjYjFiNTMyYWVhOTQ5
MjU4ZjEwHhcNMjUwMTAyMTU1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODgwZjFjOTkyM2I3ZmFmNjYyNjQ2NzY1YWZlZDc5MWE4NzM2Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWh/q+5kvygwR1jgIn4IUz8uu7Rq
waDvn3ILmbzDgn3h3NZM8fOE7HdRofSfwiblKuq739JDOb8qZcBCHYOp4iv0BuUi
ex8qz+CqgCYx/fZ59DB1yZCWFcQBbaKtQOmN9+LgkSQTG9/Zl5gH1ukRSsJ05zKn
qrCDJ1lKuSif31X63MNIm8f15ZIlu0aOkvu/QWg5Lnt7SqnpE2P2sYfmf3GelCc3
8hlP/ONNJuCJQhlePnFtjU5cIkEOfKjKRi3rCZqB4YhaBtQFkKrjcRVTng8giKKu
a5hoywvSpUiYLODxSF7Sx5fEspmZN7Cuz0+vmqFq5elCQ/Cy1Zez5InqXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiA8cmSO3+vZiZGdlr+15Goc2yZMB8GA1UdIwQY
MBaAFELOdZMgGVucwYzPyxtTKuqUkljxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUt
Njk3OTQ4ZWE3MWY1LzEvaUlEeHlaSTdmNjltSmtaMld2N1hrYWh6YkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUtNjk3OTQ4ZWE3MWY1
LzEvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwj3sMA0G
CSqGSIb3DQEBCwUAA4IBAQAnIgpRGYoQRG9BHqa6E9LGIgaWO66/zaknTBf/YQ9b
7aXYoVHWj8eicp4G9P0dd+Z7DPNjlrOBy2rM6TNIqyns3Lmqd4V7S5e7wQdqK1bu
RT0bU33hHQ8lT8Qc2z8LO5JXGG7sV0JVTT0EqmKLoIa7fSlR4QI5HgI3NVkR2kpd
RkN43xTVtrzLcNEBQv/T8FkQvIpm9XSz0tlAF7IiqrRO+q8tN3ry0pVueaY/dc50
URwHOeZ0BgwhAhHlLS3CfgJm0MfeDyVSFNH0E8K/w+4NiXy0v/4EAU+XhgoktK5T
xOfrf50q3vFQIjQY6icouC9rRXp860uJ9YUr3LTgAf7N
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:58:15 2025 by rpki-client