Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/jtTgOvbCDl5pHHYwdtzWehbpOW4.roa
File: jtTgOvbCDl5pHHYwdtzWehbpOW4.roa (raw, json)
Hash identifier: JDaZtuKzg04dO4qGDBxTTkPz4qMFiZdAuP8puNSxSpM=
Subject key identifier: 8E:D4:E0:3A:F6:C2:0E:5E:69:1C:76:30:76:DC:D6:7A:16:E9:39:6E
Certificate issuer: /CN=c7a8246f70ae18e736e4e53981480d58616af2e8
Certificate serial: 01942747A4A0DE68C036316B3711D9D2503B
Authority key identifier: C7:A8:24:6F:70:AE:18:E7:36:E4:E5:39:81:48:0D:58:61:6A:F2:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6gkb3CuGOc25OU5gUgNWGFq8ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/jtTgOvbCDl5pHHYwdtzWehbpOW4.roa
Signing time: Thu 02 Jan 2025 13:49:54 +0000
ROA not before: Thu 02 Jan 2025 13:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41960
IP address blocks: 194.32.206.0/24 maxlen: 24
194.32.220.0/24 maxlen: 24
194.33.10.0/24 maxlen: 24
194.33.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a4:a0:de:68:c0:36:31:6b:37:11:d9:d2:50:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a8246f70ae18e736e4e53981480d58616af2e8
Validity
Not Before: Jan 2 13:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ed4e03af6c20e5e691c763076dcd67a16e9396e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e9:1b:30:a0:e2:aa:27:6c:b4:49:00:d8:17:
33:5e:1b:bd:bc:72:cd:6e:d0:34:e5:84:59:2f:fb:
d2:fe:3c:c8:76:d7:e1:86:c2:6b:85:b3:9f:b0:e8:
a9:1a:8c:3f:f6:43:8e:2c:46:ea:11:0a:9a:41:e6:
62:ef:41:2d:c7:60:21:56:13:39:73:49:e8:78:52:
29:a1:b1:77:c5:8c:c2:d2:5a:b9:34:f7:ec:5c:a2:
99:b6:45:86:8f:c7:78:1a:44:a6:8e:7d:dc:80:47:
c1:fa:3e:64:70:1e:81:15:bb:27:01:93:15:e6:61:
a0:98:e7:3f:58:14:ce:57:85:ad:a7:5b:93:b9:9d:
a1:12:27:11:95:49:13:94:ce:f2:b8:ab:18:0d:3a:
e3:0c:83:8f:5f:ec:d6:38:ca:a4:8f:75:d8:b0:92:
30:4a:08:dd:8f:ec:c2:b5:76:05:06:dc:47:59:84:
d9:9f:25:9a:6c:48:70:4c:0c:81:a7:0e:3b:03:5e:
c7:82:84:b2:4a:fc:fe:7b:55:ef:ac:ca:ea:b9:a0:
b2:5e:ad:c4:52:58:1b:86:2b:41:4c:b9:d1:79:8d:
dc:36:e2:72:f0:5b:50:0f:36:b2:20:84:c2:19:75:
8f:2f:e6:08:e9:67:90:bf:da:24:2d:de:12:23:ca:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D4:E0:3A:F6:C2:0E:5E:69:1C:76:30:76:DC:D6:7A:16:E9:39:6E
X509v3 Authority Key Identifier:
keyid:C7:A8:24:6F:70:AE:18:E7:36:E4:E5:39:81:48:0D:58:61:6A:F2:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6gkb3CuGOc25OU5gUgNWGFq8ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/jtTgOvbCDl5pHHYwdtzWehbpOW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/x6gkb3CuGOc25OU5gUgNWGFq8ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.206.0/24
194.32.220.0/24
194.33.10.0/24
194.33.16.0/24
Signature Algorithm: sha256WithRSAEncryption
01:68:88:ec:95:88:d4:60:83:4e:bc:0a:54:b0:28:73:d9:5b:
f4:fa:5e:ac:61:28:04:3d:11:0b:9a:15:65:11:e9:bb:22:1c:
4c:95:22:39:32:6e:77:c8:12:a1:b6:57:5a:79:84:68:8a:d9:
53:b8:f0:83:46:24:39:c9:7b:3f:28:17:16:66:1d:fa:f9:7b:
56:79:76:37:fa:06:bd:06:c6:50:7d:8c:61:32:e3:f0:fd:4a:
24:27:1f:9f:1d:08:f1:d0:5a:1a:05:ba:88:a2:95:9c:e8:50:
ef:db:43:63:bc:9b:2d:b7:cf:cb:cb:6c:65:50:80:16:0f:ec:
1c:a5:92:76:78:86:82:e1:5c:8f:ea:b8:7e:a9:b8:cf:04:79:
98:62:c2:12:fb:cb:02:80:ea:e6:74:9f:c9:dd:01:8f:02:c3:
ab:db:71:26:30:d1:89:20:53:53:83:c2:e1:8c:a2:c3:a3:f6:
b5:19:4d:51:82:ff:1b:0e:98:10:f0:54:4e:77:ff:96:0f:a3:
67:bf:09:e2:82:51:a8:3e:08:1d:65:ed:bd:b1:98:2e:25:e1:
d8:bd:46:c5:42:ee:16:31:0f:80:47:69:f8:f5:f1:9f:6d:82:
26:94:30:39:ae:03:39:c4:5a:ea:56:df:7e:9b:c7:3b:21:fb:
eb:dd:d0:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnR6Sg3mjANjFrNxHZ0lA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YTgyNDZmNzBhZTE4ZTczNmU0ZTUzOTgxNDgwZDU4NjE2
YWYyZTgwHhcNMjUwMTAyMTM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWQ0ZTAzYWY2YzIwZTVlNjkxYzc2MzA3NmRjZDY3YTE2ZTkzOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+kbMKDiqidstEkA2BczXhu9vHLN
btA05YRZL/vS/jzIdtfhhsJrhbOfsOipGow/9kOOLEbqEQqaQeZi70Etx2AhVhM5
c0noeFIpobF3xYzC0lq5NPfsXKKZtkWGj8d4GkSmjn3cgEfB+j5kcB6BFbsnAZMV
5mGgmOc/WBTOV4Wtp1uTuZ2hEicRlUkTlM7yuKsYDTrjDIOPX+zWOMqkj3XYsJIw
Sgjdj+zCtXYFBtxHWYTZnyWabEhwTAyBpw47A17HgoSySvz+e1XvrMrquaCyXq3E
UlgbhitBTLnReY3cNuJy8FtQDzayIITCGXWPL+YI6WeQv9okLd4SI8rYFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI7U4Dr2wg5eaRx2MHbc1noW6TluMB8GA1UdIwQY
MBaAFMeoJG9wrhjnNuTlOYFIDVhhavLoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDZna2IzQ3VHT2MyNU9VNWdVZ05XR0ZxOHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hZDU2M2UtNWNiZS00ZTE1LTgyNGQt
ZTNkMjg2ZDIwZTUyLzEvanRUZ092YkNEbDVwSEhZd2R0eldlaGJwT1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hZDU2M2UtNWNiZS00ZTE1LTgyNGQtZTNkMjg2ZDIwZTUy
LzEveDZna2IzQ3VHT2MyNU9VNWdVZ05XR0ZxOHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwiDOAwQA
wiDcAwQAwiEKAwQAwiEQMA0GCSqGSIb3DQEBCwUAA4IBAQABaIjslYjUYINOvApU
sChz2Vv0+l6sYSgEPRELmhVlEem7IhxMlSI5Mm53yBKhtldaeYRoitlTuPCDRiQ5
yXs/KBcWZh36+XtWeXY3+ga9BsZQfYxhMuPw/UokJx+fHQjx0FoaBbqIopWc6FDv
20NjvJstt8/Ly2xlUIAWD+wcpZJ2eIaC4VyP6rh+qbjPBHmYYsIS+8sCgOrmdJ/J
3QGPAsOr23EmMNGJIFNTg8LhjKLDo/a1GU1Rgv8bDpgQ8FROd/+WD6NnvwniglGo
PggdZe29sZguJeHYvUbFQu4WMQ+AR2n49fGfbYImlDA5rgM5xFrqVt9+m8c7Ifvr
3dA/
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:09:52 2025 by rpki-client