Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/yOI7tiSRDXgdskD_bs5AhIY61n8.roa
File: yOI7tiSRDXgdskD_bs5AhIY61n8.roa (raw, json)
Hash identifier: jCxGB8CWsOl2EvkB0hTjOgeBy34atnE5kB7r6h+CCmI=
Subject key identifier: C8:E2:3B:B6:24:91:0D:78:1D:B2:40:FF:6E:CE:40:84:86:3A:D6:7F
Certificate issuer: /CN=ddfd94ebb8cb98a1dbdf50bdcd69dcc29144889e
Certificate serial: 0194266BBF55DEE9C6EA434C535F9DB5882E
Authority key identifier: DD:FD:94:EB:B8:CB:98:A1:DB:DF:50:BD:CD:69:DC:C2:91:44:88:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3f2U67jLmKHb31C9zWncwpFEiJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/yOI7tiSRDXgdskD_bs5AhIY61n8.roa
Signing time: Thu 02 Jan 2025 09:49:43 +0000
ROA not before: Thu 02 Jan 2025 09:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 194.56.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:bf:55:de:e9:c6:ea:43:4c:53:5f:9d:b5:88:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddfd94ebb8cb98a1dbdf50bdcd69dcc29144889e
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8e23bb624910d781db240ff6ece4084863ad67f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:08:7a:b7:f2:04:5d:fe:52:a4:a5:e9:dd:
e1:d4:0f:c9:22:8c:94:2b:35:a5:fb:0e:5e:58:fb:
b1:45:b9:7d:81:2f:aa:7c:fb:46:88:2e:dd:e9:ac:
8c:0c:8c:35:c7:a5:51:53:60:9e:0b:69:fe:98:3c:
ec:50:69:54:89:29:14:e0:b7:bd:a6:4d:5a:4f:9e:
af:79:33:55:fa:78:fb:ca:c9:37:5b:4b:55:b0:71:
b5:b4:e4:48:5c:05:39:7a:00:40:14:c7:9e:a7:9d:
da:c0:4e:52:8a:80:32:e9:a3:2b:9a:d7:23:f8:80:
46:0b:55:ee:7c:83:0d:14:8b:97:22:02:dd:fb:a3:
ab:2e:cc:8f:5d:27:ae:1b:1e:18:12:1d:af:ad:a1:
97:71:ac:a5:47:35:21:95:71:c1:b7:c6:4a:ce:13:
16:b7:c8:ad:0c:a8:fe:11:75:ad:e2:07:21:c9:19:
84:bc:96:ec:cf:e7:c9:95:fa:9f:a9:ae:1b:42:ea:
c1:34:0a:e0:aa:75:6d:07:7a:c4:7a:5d:89:4d:e9:
6d:3c:5f:89:77:1c:e1:17:e6:17:ea:7e:bc:aa:93:
42:0d:5a:6f:c7:15:19:fe:ad:e8:cc:4f:e4:1d:77:
cb:97:28:d4:cf:a6:fb:7e:86:56:8a:26:3d:73:7a:
0f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E2:3B:B6:24:91:0D:78:1D:B2:40:FF:6E:CE:40:84:86:3A:D6:7F
X509v3 Authority Key Identifier:
keyid:DD:FD:94:EB:B8:CB:98:A1:DB:DF:50:BD:CD:69:DC:C2:91:44:88:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f2U67jLmKHb31C9zWncwpFEiJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/yOI7tiSRDXgdskD_bs5AhIY61n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/3f2U67jLmKHb31C9zWncwpFEiJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.127.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f5:7d:5c:5b:b8:c9:f2:9d:7d:b4:52:38:3a:ed:f1:8a:f5:
90:56:19:0b:8a:d0:27:f1:17:93:a9:84:da:f0:29:f8:a2:dc:
6f:88:ff:b4:1e:4b:d0:84:20:fb:c8:56:32:e5:ee:f4:fa:50:
58:1c:14:bb:8b:68:48:05:1b:d8:c8:b3:f7:91:01:a3:b3:1c:
12:50:d8:a4:2f:aa:b1:be:d5:24:2e:7b:b8:57:9c:b9:69:9e:
69:74:e3:8e:81:cd:63:70:e5:8c:9c:4d:23:b9:c6:ba:2f:12:
43:21:bd:67:dd:f8:cc:31:6f:86:b1:34:05:46:39:eb:24:d3:
36:df:15:b3:b4:c2:2e:08:c9:d7:dd:3b:ba:ea:97:88:d1:6b:
7f:45:9b:d7:6b:e5:27:e4:11:f5:10:25:d0:36:3e:cf:de:8c:
7d:e2:ed:e2:69:13:89:af:5c:b0:31:45:45:26:b6:b3:2f:bb:
f5:f6:43:44:4a:12:e4:63:55:b5:3b:13:f7:1f:72:b1:17:e7:
fd:59:e0:f0:3a:e9:10:08:10:bd:56:3d:ff:35:fc:6d:24:83:
90:bb:db:ee:ac:e8:a0:bd:06:3a:29:c6:2a:82:38:80:15:ce:
24:df:d2:fe:95:69:2d:eb:2e:76:94:3c:4f:9c:f9:54:ad:eb:
8c:2e:6d:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma79V3unG6kNMU1+dtYguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmQ5NGViYjhjYjk4YTFkYmRmNTBiZGNkNjlkY2MyOTE0
NDg4OWUwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGUyM2JiNjI0OTEwZDc4MWRiMjQwZmY2ZWNlNDA4NDg2M2FkNjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUYIerfyBF3+UqSl6d3h1A/JIoyU
KzWl+w5eWPuxRbl9gS+qfPtGiC7d6ayMDIw1x6VRU2CeC2n+mDzsUGlUiSkU4Le9
pk1aT56veTNV+nj7ysk3W0tVsHG1tORIXAU5egBAFMeep53awE5SioAy6aMrmtcj
+IBGC1XufIMNFIuXIgLd+6OrLsyPXSeuGx4YEh2vraGXcaylRzUhlXHBt8ZKzhMW
t8itDKj+EXWt4gchyRmEvJbsz+fJlfqfqa4bQurBNArgqnVtB3rEel2JTeltPF+J
dxzhF+YX6n68qpNCDVpvxxUZ/q3ozE/kHXfLlyjUz6b7foZWiiY9c3oPIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjiO7YkkQ14HbJA/27OQISGOtZ/MB8GA1UdIwQY
MBaAFN39lOu4y5ih299Qvc1p3MKRRIieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2YyVTY3akxtS0hiMzFDOXpXbmN3cEZFaUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNmY1MDYtNjk0OC00Y2VmLTg1NDgt
YzkzYzFlZTg5OGJlLzEveU9JN3RpU1JEWGdkc2tEX2JzNUFoSVk2MW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNmY1MDYtNjk0OC00Y2VmLTg1NDgtYzkzYzFlZTg5OGJl
LzEvM2YyVTY3akxtS0hiMzFDOXpXbmN3cEZFaUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjh/MA0G
CSqGSIb3DQEBCwUAA4IBAQCh9X1cW7jJ8p19tFI4Ou3xivWQVhkLitAn8ReTqYTa
8Cn4otxviP+0HkvQhCD7yFYy5e70+lBYHBS7i2hIBRvYyLP3kQGjsxwSUNikL6qx
vtUkLnu4V5y5aZ5pdOOOgc1jcOWMnE0juca6LxJDIb1n3fjMMW+GsTQFRjnrJNM2
3xWztMIuCMnX3Tu66peI0Wt/RZvXa+Un5BH1ECXQNj7P3ox94u3iaROJr1ywMUVF
JrazL7v19kNEShLkY1W1OxP3H3KxF+f9WeDwOukQCBC9Vj3/NfxtJIOQu9vurOig
vQY6KcYqgjiAFc4k39L+lWkt6y52lDxPnPlUreuMLm1O
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:20 2025 by rpki-client