Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/s_oUhLMqLfuuuJ5GAra3RGPGuEo.roa
File: s_oUhLMqLfuuuJ5GAra3RGPGuEo.roa (raw, json)
Hash identifier: lMo8tMkOr3gYSijDEd95RyC1UxQ+xYW4gIbbh74Ckwk=
Subject key identifier: B3:FA:14:84:B3:2A:2D:FB:AE:B8:9E:46:02:B6:B7:44:63:C6:B8:4A
Certificate issuer: /CN=43a438813750133e55001bf89670a0db3ae5be1f
Certificate serial: 019421B21281F746A31C8C811FBA8355B2A9
Authority key identifier: 43:A4:38:81:37:50:13:3E:55:00:1B:F8:96:70:A0:DB:3A:E5:BE:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/s_oUhLMqLfuuuJ5GAra3RGPGuEo.roa
Signing time: Wed 01 Jan 2025 11:48:25 +0000
ROA not before: Wed 01 Jan 2025 11:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39923
IP address blocks: 194.50.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:12:81:f7:46:a3:1c:8c:81:1f:ba:83:55:b2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43a438813750133e55001bf89670a0db3ae5be1f
Validity
Not Before: Jan 1 11:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3fa1484b32a2dfbaeb89e4602b6b74463c6b84a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:96:45:1f:22:e7:26:97:a9:c6:c7:8b:e3:85:
7a:ba:81:b4:da:05:ab:53:ad:42:23:22:15:be:8d:
13:c3:bb:bc:24:4f:93:eb:e4:a6:04:a4:dc:69:3d:
d1:a2:3d:5d:b7:c8:79:84:af:99:8e:59:de:73:1f:
de:74:28:c8:82:ac:69:c1:52:c0:4a:1c:d4:b4:b5:
67:d6:8c:d5:fa:1f:24:68:7c:c5:cb:42:1f:71:46:
d4:23:ad:e8:fa:31:a0:68:79:75:43:78:7c:6b:89:
80:f0:19:ef:25:98:40:a5:8d:ce:cc:09:ab:43:08:
75:93:1a:5b:6d:2d:3b:10:89:8a:98:2e:5a:66:df:
17:28:d7:39:a5:c8:1b:50:f1:bd:d1:96:26:19:72:
22:9f:60:53:f9:91:df:43:5c:13:af:79:d3:07:7e:
8f:bf:0d:6f:0a:1a:c0:bf:1b:4b:38:15:69:7c:06:
b0:9c:d2:b3:22:e0:bf:f3:58:45:5a:d7:7a:d8:0c:
52:77:3a:cb:cb:2e:92:16:cf:b4:e6:0d:5a:b3:fb:
cc:a1:3b:33:89:e2:c2:cb:7f:01:a5:f8:ff:f9:36:
0c:a1:a3:3f:8b:7a:52:dd:d7:bb:d5:94:d8:41:6d:
a3:30:29:87:ad:34:06:b3:59:c9:39:86:02:76:da:
65:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FA:14:84:B3:2A:2D:FB:AE:B8:9E:46:02:B6:B7:44:63:C6:B8:4A
X509v3 Authority Key Identifier:
keyid:43:A4:38:81:37:50:13:3E:55:00:1B:F8:96:70:A0:DB:3A:E5:BE:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/s_oUhLMqLfuuuJ5GAra3RGPGuEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5cb473-35a1-4727-8773-a0d6f0eeb5c2/1/Q6Q4gTdQEz5VABv4lnCg2zrlvh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.177.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:7a:1f:83:32:88:0c:be:eb:c4:47:a7:23:7c:40:00:b1:dd:
1b:b8:00:0f:ed:07:15:a4:4d:05:dc:77:5c:d3:31:0a:ea:de:
9c:eb:29:58:b8:e1:86:14:3e:e6:87:bc:36:18:0a:6d:86:d6:
25:21:83:39:c4:fb:5b:0f:1c:ca:20:c8:de:a8:02:03:0a:17:
d7:db:51:13:10:42:12:eb:91:57:47:9d:43:70:01:c0:15:33:
4d:2c:ce:f3:53:55:ff:d5:c0:ff:65:fd:e5:15:e0:81:d9:36:
9b:7c:57:a7:f7:f4:86:41:4c:db:43:a7:9e:58:38:93:94:58:
3c:1d:2f:2d:fb:16:27:6f:c4:bd:3b:3e:0d:2a:38:f0:64:a2:
3a:18:7b:39:c7:23:a5:c9:3a:f4:03:7c:db:d6:79:a0:e6:b4:
51:68:e4:28:8b:e6:ff:f9:49:d6:06:07:53:e4:bd:b5:7b:b3:
2d:5f:d8:aa:a7:2b:5c:32:44:c5:e8:64:2e:90:50:34:ba:66:
f8:8d:78:82:2f:e4:e7:1b:28:2c:d2:50:9d:52:05:3d:24:5a:
5d:04:3f:47:b5:9d:6c:e6:38:1d:71:72:97:19:f7:f7:f3:47:
ad:2e:37:a2:d1:2e:2d:45:c0:35:2c:73:5c:bb:6b:91:11:d9:
8b:0e:bb:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshKB90ajHIyBH7qDVbKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYTQzODgxMzc1MDEzM2U1NTAwMWJmODk2NzBhMGRiM2Fl
NWJlMWYwHhcNMjUwMTAxMTE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ZhMTQ4NGIzMmEyZGZiYWViODllNDYwMmI2Yjc0NDYzYzZiODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpZFHyLnJpepxseL44V6uoG02gWr
U61CIyIVvo0Tw7u8JE+T6+SmBKTcaT3Roj1dt8h5hK+Zjlnecx/edCjIgqxpwVLA
ShzUtLVn1ozV+h8kaHzFy0IfcUbUI63o+jGgaHl1Q3h8a4mA8BnvJZhApY3OzAmr
Qwh1kxpbbS07EImKmC5aZt8XKNc5pcgbUPG90ZYmGXIin2BT+ZHfQ1wTr3nTB36P
vw1vChrAvxtLOBVpfAawnNKzIuC/81hFWtd62AxSdzrLyy6SFs+05g1as/vMoTsz
ieLCy38Bpfj/+TYMoaM/i3pS3de71ZTYQW2jMCmHrTQGs1nJOYYCdtplSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLP6FISzKi37rrieRgK2t0RjxrhKMB8GA1UdIwQY
MBaAFEOkOIE3UBM+VQAb+JZwoNs65b4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTZRNGdUZFFFejVWQUJ2NGxuQ2cyenJsdmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81Y2I0NzMtMzVhMS00NzI3LTg3NzMt
YTBkNmYwZWViNWMyLzEvc19vVWhMTXFMZnV1dUo1R0FyYTNSR1BHdUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81Y2I0NzMtMzVhMS00NzI3LTg3NzMtYTBkNmYwZWViNWMy
LzEvUTZRNGdUZFFFejVWQUJ2NGxuQ2cyenJsdmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjKxMA0G
CSqGSIb3DQEBCwUAA4IBAQAseh+DMogMvuvER6cjfEAAsd0buAAP7QcVpE0F3Hdc
0zEK6t6c6ylYuOGGFD7mh7w2GApthtYlIYM5xPtbDxzKIMjeqAIDChfX21ETEEIS
65FXR51DcAHAFTNNLM7zU1X/1cD/Zf3lFeCB2TabfFen9/SGQUzbQ6eeWDiTlFg8
HS8t+xYnb8S9Oz4NKjjwZKI6GHs5xyOlyTr0A3zb1nmg5rRRaOQoi+b/+UnWBgdT
5L21e7MtX9iqpytcMkTF6GQukFA0umb4jXiCL+TnGygs0lCdUgU9JFpdBD9HtZ1s
5jgdcXKXGff380etLjei0S4tRcA1LHNcu2uREdmLDrva
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:13:36 2025 by rpki-client