Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DkQXfc6628zvvKaGCWe5qdrR9ZQ.roa
File: DkQXfc6628zvvKaGCWe5qdrR9ZQ.roa (raw, json)
Hash identifier: UnWR0olGHs++7JW0dK+AZHzsGYMfH5bx4yhy4uSTefc=
Subject key identifier: 0E:44:17:7D:CE:BA:DB:CC:EF:BC:A6:86:09:67:B9:A9:DA:D1:F5:94
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC19A4848E35E9013E658B4CAF7E6B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DkQXfc6628zvvKaGCWe5qdrR9ZQ.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205301
IP address blocks: 194.242.22.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:19:a4:84:8e:35:e9:01:3e:65:8b:4c:af:7e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e44177dcebadbccefbca6860967b9a9dad1f594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:eb:26:5e:4d:cc:6b:d9:88:ad:33:f9:f5:86:
3c:b0:f2:bf:b8:36:c7:fe:4c:c0:db:94:4f:9e:94:
0e:71:e1:64:9a:91:79:d0:85:49:10:3b:ec:43:f2:
45:dc:ea:b5:f0:2e:ba:be:fc:3b:cb:34:39:59:29:
1a:0d:17:b4:de:40:7a:a7:b1:3d:c8:0c:d6:ef:16:
38:7b:cf:37:4d:06:bf:f1:b6:95:13:d0:c6:8b:f0:
5a:21:cc:33:09:f4:8e:8c:1e:e7:d2:2b:1c:40:24:
e9:59:c0:3b:11:ec:5e:f5:49:0d:56:22:0c:2d:89:
97:a4:a8:e6:86:4f:f4:58:7a:f1:5d:80:17:da:c4:
cd:a3:30:d2:69:c8:73:9e:b2:57:ea:94:30:39:72:
f6:b6:bc:e0:2e:f7:b1:82:82:2d:11:c4:ca:55:2d:
44:3a:3b:9d:e2:b3:22:4a:18:c6:3b:4f:c5:5b:4c:
ba:3f:5b:05:96:e5:98:30:17:bd:e7:e5:2b:df:39:
77:46:b0:bd:28:a8:a8:eb:1e:a6:b3:70:f5:ba:9f:
d8:c1:bd:28:87:03:49:a7:5a:86:d8:98:dc:67:84:
a8:eb:43:70:c9:c4:03:d3:7d:f7:0f:1d:44:99:97:
9f:63:7e:f5:49:3c:f2:b6:ec:f2:13:a3:60:9e:45:
b1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:44:17:7D:CE:BA:DB:CC:EF:BC:A6:86:09:67:B9:A9:DA:D1:F5:94
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DkQXfc6628zvvKaGCWe5qdrR9ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.22.0/23
Signature Algorithm: sha256WithRSAEncryption
54:49:4f:fa:cc:7f:a9:9f:a1:cf:43:8f:c8:7a:9c:2e:82:4b:
4d:12:f3:65:24:1b:ed:ab:7d:ac:db:4e:f8:7d:92:3c:19:83:
1f:78:70:a5:8a:53:30:5b:5d:c2:9a:94:01:c1:c9:23:df:89:
3c:40:72:4d:e3:c9:09:86:5c:8f:66:4e:54:37:d3:c9:ed:fe:
7e:7d:27:cb:8f:b1:87:fb:6b:fe:60:4d:63:cd:49:bd:d6:99:
97:97:84:78:af:21:9a:b4:b7:6a:d5:58:f8:06:67:40:46:1b:
5c:77:91:21:a6:74:94:32:7a:24:fa:4d:0f:87:3b:d2:58:22:
a2:80:79:f9:cf:ef:98:00:3c:40:ab:28:bc:3c:b8:42:2c:39:
b8:9f:2e:26:3c:1a:2d:95:c1:0f:0b:27:25:43:d4:00:67:ae:
1e:cb:b8:23:89:e1:ac:bb:07:48:8c:1f:5b:ea:2c:15:69:53:
c1:ee:68:cd:49:95:56:dc:d1:3b:0d:20:df:6d:27:24:4b:9f:
81:80:e1:62:c7:c7:20:f9:00:f6:3d:48:ab:de:e0:53:a9:af:
14:6a:f1:8c:80:08:2b:0a:27:c9:99:70:1a:f3:77:eb:0c:37:
d9:4a:00:84:e6:86:44:2d:20:48:8a:af:39:13:54:c2:d0:08:
5c:30:82:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/BmkhI416QE+ZYtMr35rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQ0MTc3ZGNlYmFkYmNjZWZiY2E2ODYwOTY3YjlhOWRhZDFmNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OsmXk3Ma9mIrTP59YY8sPK/uDbH
/kzA25RPnpQOceFkmpF50IVJEDvsQ/JF3Oq18C66vvw7yzQ5WSkaDRe03kB6p7E9
yAzW7xY4e883TQa/8baVE9DGi/BaIcwzCfSOjB7n0iscQCTpWcA7Eexe9UkNViIM
LYmXpKjmhk/0WHrxXYAX2sTNozDSachznrJX6pQwOXL2trzgLvexgoItEcTKVS1E
Ojud4rMiShjGO0/FW0y6P1sFluWYMBe95+Ur3zl3RrC9KKio6x6ms3D1up/Ywb0o
hwNJp1qG2JjcZ4So60NwycQD0333Dx1EmZefY371STzytuzyE6NgnkWxpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5EF33OutvM77ymhglnuana0fWUMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRGtRWGZjNjYyOHp2dkthR0NXZTVxZHJSOVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwvIWMA0G
CSqGSIb3DQEBCwUAA4IBAQBUSU/6zH+pn6HPQ4/IepwugktNEvNlJBvtq32s2074
fZI8GYMfeHClilMwW13CmpQBwckj34k8QHJN48kJhlyPZk5UN9PJ7f5+fSfLj7GH
+2v+YE1jzUm91pmXl4R4ryGatLdq1Vj4BmdARhtcd5EhpnSUMnok+k0PhzvSWCKi
gHn5z++YADxAqyi8PLhCLDm4ny4mPBotlcEPCyclQ9QAZ64ey7gjieGsuwdIjB9b
6iwVaVPB7mjNSZVW3NE7DSDfbSckS5+BgOFix8cg+QD2PUir3uBTqa8UavGMgAgr
CifJmXAa83frDDfZSgCE5oZELSBIiq85E1TC0AhcMII8
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:46:44 2025 by rpki-client