Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/CthVydCvJcgvoxZGK3DfvMcHpBU.roa
File: CthVydCvJcgvoxZGK3DfvMcHpBU.roa (raw, json)
Hash identifier: ULfJonQi+PMgFJYE1fjT4gb+kdmVkNVY1D28/QPtJ0s=
Subject key identifier: 0A:D8:55:C9:D0:AF:25:C8:2F:A3:16:46:2B:70:DF:BC:C7:07:A4:15
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B00F7B5FC36A4FB990B42AE6635DA
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/CthVydCvJcgvoxZGK3DfvMcHpBU.roa
Signing time: Sun 01 Jan 2023 13:35:04 +0000
ROA not before: Sun 01 Jan 2023 13:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29058
IP address blocks: 194.209.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:00:f7:b5:fc:36:a4:fb:99:0b:42:ae:66:35:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ad855c9d0af25c82fa316462b70dfbcc707a415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bf:17:0c:f4:17:f3:58:4b:86:b1:ed:a9:dd:
93:ba:04:92:03:b8:9a:71:7b:4c:32:07:81:89:50:
12:ba:7c:11:fd:d1:ca:99:c0:fc:fa:2c:c1:c6:a2:
7f:20:93:d0:61:67:19:f0:ac:0c:56:8c:dd:58:b4:
be:dd:b8:e4:06:8f:47:43:6b:2f:fc:56:5a:ca:30:
c9:f4:69:87:63:67:c8:5d:2a:96:1d:09:34:c6:51:
2e:80:70:49:4b:17:2f:dc:25:a4:cd:7f:d1:0c:45:
0c:3a:67:a0:38:9f:25:1a:26:b8:5f:2b:15:62:39:
a3:b6:46:85:7a:7f:f3:d4:02:9f:5c:46:7f:07:7b:
5f:1c:7c:eb:95:71:aa:a4:5a:c9:c2:03:7e:37:e4:
0e:e3:b2:1b:1c:2e:a1:7d:af:ca:12:f3:88:e7:ca:
ee:3f:b9:5b:04:31:ab:0a:59:03:c0:4d:0e:e6:9a:
13:ed:bc:aa:c4:39:99:17:5c:e5:7a:2d:cb:30:0f:
db:26:c6:a9:26:97:a6:44:62:c2:ba:d3:8f:06:08:
77:37:41:53:b9:99:cc:38:25:0a:af:fb:a8:08:80:
62:bf:b4:e6:e7:ff:16:72:0f:55:0e:4c:ba:62:dc:
57:f6:cf:7d:85:f0:e1:27:c2:66:12:6a:a9:a3:37:
be:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D8:55:C9:D0:AF:25:C8:2F:A3:16:46:2B:70:DF:BC:C7:07:A4:15
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/CthVydCvJcgvoxZGK3DfvMcHpBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.3.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b0:36:53:a5:80:f5:15:bd:81:8d:0c:f2:01:f9:a7:b6:a7:
29:67:b8:45:a4:a8:b2:a3:bd:53:6d:2f:00:7b:ac:e2:20:8c:
f2:6e:4e:b3:d9:04:99:a4:68:65:9a:48:58:0d:98:c8:82:8c:
2c:c9:f1:98:b6:1c:ea:87:4f:01:f9:23:50:41:7a:1c:61:65:
0e:2a:45:70:5f:9e:fd:74:07:76:6f:14:73:73:49:93:72:cd:
b7:2d:87:2b:f2:c7:a8:b4:91:8a:e1:ac:a1:ce:d8:91:09:d8:
17:9e:62:08:bb:b2:05:10:c0:13:f5:1a:e3:d0:4f:76:34:9e:
d6:f2:13:48:98:43:01:e2:08:21:c0:d2:47:bb:70:13:a9:92:
be:2d:ee:d7:6e:8b:ec:c7:eb:91:0c:83:5b:c0:45:f6:38:9b:
06:92:b6:50:b5:49:3e:7f:5c:8d:00:57:dc:c5:a7:49:8d:95:
f0:98:a8:12:b9:d9:3e:3c:dd:3b:ad:4b:0d:86:35:56:c4:a6:
75:5d:6a:03:55:1c:fc:00:55:b2:30:04:ba:3f:15:cb:f8:f7:
c1:2c:68:58:4e:1c:20:96:ef:45:96:3c:a5:7b:61:5a:f8:34:
ef:7c:e4:5a:dd:39:c4:28:ae:0f:50:da:0d:26:0c:47:25:50:
41:5b:2a:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiwD3tfw2pPuZC0KuZjXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ4NTVjOWQwYWYyNWM4MmZhMzE2NDYyYjcwZGZiY2M3MDdhNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb8XDPQX81hLhrHtqd2TugSSA7ia
cXtMMgeBiVASunwR/dHKmcD8+izBxqJ/IJPQYWcZ8KwMVozdWLS+3bjkBo9HQ2sv
/FZayjDJ9GmHY2fIXSqWHQk0xlEugHBJSxcv3CWkzX/RDEUMOmegOJ8lGia4XysV
YjmjtkaFen/z1AKfXEZ/B3tfHHzrlXGqpFrJwgN+N+QO47IbHC6hfa/KEvOI58ru
P7lbBDGrClkDwE0O5poT7byqxDmZF1zlei3LMA/bJsapJpemRGLCutOPBgh3N0FT
uZnMOCUKr/uoCIBiv7Tm5/8Wcg9VDky6YtxX9s99hfDhJ8JmEmqpoze+5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArYVcnQryXIL6MWRitw37zHB6QVMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvQ3RoVnlkQ3ZKY2d2b3haR0szRGZ2TWNIcEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtEDMA0G
CSqGSIb3DQEBCwUAA4IBAQBKsDZTpYD1Fb2BjQzyAfmntqcpZ7hFpKiyo71TbS8A
e6ziIIzybk6z2QSZpGhlmkhYDZjIgowsyfGYthzqh08B+SNQQXocYWUOKkVwX579
dAd2bxRzc0mTcs23LYcr8seotJGK4ayhztiRCdgXnmIIu7IFEMAT9Rrj0E92NJ7W
8hNImEMB4gghwNJHu3ATqZK+Le7Xbovsx+uRDINbwEX2OJsGkrZQtUk+f1yNAFfc
xadJjZXwmKgSudk+PN07rUsNhjVWxKZ1XWoDVRz8AFWyMAS6PxXL+PfBLGhYThwg
lu9Fljyle2Fa+DTvfORa3TnEKK4PUNoNJgxHJVBBWyoQ
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:36:38 2025 by rpki-client