Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/Q47WtOQCnZpCmGtfa6Ew40Gy4MM.roa
File: Q47WtOQCnZpCmGtfa6Ew40Gy4MM.roa (raw, json)
Hash identifier: duMBQWWRYKd9t18S6r0lV3zHXTUBGHlTePHIZBRiz1Q=
Subject key identifier: 43:8E:D6:B4:E4:02:9D:9A:42:98:6B:5F:6B:A1:30:E3:41:B2:E0:C3
Certificate issuer: /CN=65121c3f9207a37345e38702c89d179bf444aa08
Certificate serial: 019420D6223CC349222528D391DE304621B5
Authority key identifier: 65:12:1C:3F:92:07:A3:73:45:E3:87:02:C8:9D:17:9B:F4:44:AA:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRIcP5IHo3NF44cCyJ0Xm_REqgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/Q47WtOQCnZpCmGtfa6Ew40Gy4MM.roa
Signing time: Wed 01 Jan 2025 07:48:11 +0000
ROA not before: Wed 01 Jan 2025 07:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17621
IP address blocks: 194.138.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:22:3c:c3:49:22:25:28:d3:91:de:30:46:21:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65121c3f9207a37345e38702c89d179bf444aa08
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=438ed6b4e4029d9a42986b5f6ba130e341b2e0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bd:5d:ac:ae:02:98:6b:c0:40:6e:80:63:9d:
00:4a:b8:41:05:2a:bf:85:6b:dc:91:fb:50:c3:cb:
dd:de:91:8a:bc:aa:bc:ee:58:3c:17:11:0c:a4:0a:
28:90:bc:77:d5:09:bc:22:87:82:13:b7:83:26:f0:
23:85:bf:e6:46:39:4e:c3:e3:99:24:d3:60:ba:c0:
78:71:c4:eb:25:f3:31:a4:a7:c1:a2:92:b5:39:8a:
6f:7b:0b:4e:15:92:c6:2b:2e:59:4b:4b:e0:3d:8f:
e5:fd:c0:4e:38:55:a4:4d:81:77:29:ef:dd:2d:8c:
72:6b:07:cf:b3:f9:7d:36:7d:39:65:c2:f5:16:b0:
90:86:c3:dc:e8:14:57:4d:7c:4f:bf:b9:ca:96:d6:
58:16:fe:0d:3c:70:80:ce:16:b9:35:da:01:3c:04:
42:0f:ae:e5:ba:d7:a5:68:b9:e0:7e:67:57:79:97:
1e:74:15:83:7a:e1:a7:2e:57:a7:c7:e6:d8:09:f1:
a3:40:a1:44:b1:f8:89:33:c8:ba:18:bf:23:db:ef:
ff:98:62:b3:4a:9f:b4:e7:1a:46:06:33:40:bb:9f:
1b:4b:5f:da:5a:22:e7:fa:8d:71:5a:47:8c:0a:5d:
21:89:98:46:a0:21:da:42:57:07:bc:f5:76:9b:25:
77:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8E:D6:B4:E4:02:9D:9A:42:98:6B:5F:6B:A1:30:E3:41:B2:E0:C3
X509v3 Authority Key Identifier:
keyid:65:12:1C:3F:92:07:A3:73:45:E3:87:02:C8:9D:17:9B:F4:44:AA:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRIcP5IHo3NF44cCyJ0Xm_REqgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/Q47WtOQCnZpCmGtfa6Ew40Gy4MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/ZRIcP5IHo3NF44cCyJ0Xm_REqgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.138.203.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f1:2b:af:c3:35:37:e4:9d:c6:e5:31:60:bc:43:e8:76:5e:
78:78:80:39:ad:84:fb:ac:c7:37:cb:da:4d:69:21:2a:92:9c:
c0:32:06:7b:4a:a1:32:a3:44:cd:b3:64:9c:54:24:b5:b5:f1:
58:84:3b:81:ee:0e:f4:08:73:26:63:71:f6:83:20:46:3c:4a:
07:13:5d:ba:67:4e:dc:8c:55:28:38:af:b3:f4:16:21:52:5e:
c7:8e:f2:2f:6a:3d:37:d9:a0:da:2a:24:7d:3f:46:6a:e3:c7:
6e:00:80:4d:ae:cc:56:13:2d:b8:0d:5e:4c:5a:34:bc:45:0a:
b8:d1:c0:33:24:38:e9:58:88:7d:8e:95:07:52:b2:fa:da:94:
64:84:04:e8:50:06:8e:c3:68:bf:a2:d5:6b:b1:14:19:39:bf:
58:18:2f:bb:39:2c:74:60:59:c9:2f:0a:fe:21:ee:0b:94:4c:
7c:e8:7b:15:8d:96:b3:df:3c:a4:d7:d8:e1:d6:f6:79:4c:31:
6d:df:c6:55:f3:86:af:33:f0:2b:0a:c7:0f:a1:60:00:f2:92:
4f:3b:95:65:b5:1f:58:99:bb:c1:7c:f9:4d:ce:a2:6d:36:7d:
7a:f9:ad:a3:4f:a0:79:71:70:89:a6:fa:05:d5:c2:e9:b7:f0:
d5:b4:0e:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1iI8w0kiJSjTkd4wRiG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTIxYzNmOTIwN2EzNzM0NWUzODcwMmM4OWQxNzliZjQ0
NGFhMDgwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhlZDZiNGU0MDI5ZDlhNDI5ODZiNWY2YmExMzBlMzQxYjJlMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL1drK4CmGvAQG6AY50ASrhBBSq/
hWvckftQw8vd3pGKvKq87lg8FxEMpAookLx31Qm8IoeCE7eDJvAjhb/mRjlOw+OZ
JNNgusB4ccTrJfMxpKfBopK1OYpvewtOFZLGKy5ZS0vgPY/l/cBOOFWkTYF3Ke/d
LYxyawfPs/l9Nn05ZcL1FrCQhsPc6BRXTXxPv7nKltZYFv4NPHCAzha5NdoBPARC
D67lutelaLngfmdXeZcedBWDeuGnLlenx+bYCfGjQKFEsfiJM8i6GL8j2+//mGKz
Sp+05xpGBjNAu58bS1/aWiLn+o1xWkeMCl0hiZhGoCHaQlcHvPV2myV3QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOO1rTkAp2aQphrX2uhMONBsuDDMB8GA1UdIwQY
MBaAFGUSHD+SB6NzReOHAsidF5v0RKoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJJY1A1SUhvM05GNDRjQ3lKMFhtX1JFcWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xMmMxM2UtZjY3NS00ODgyLWJiZTYt
NDhkM2NhMTYxYmIwLzEvUTQ3V3RPUUNuWnBDbUd0ZmE2RXc0MEd5NE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xMmMxM2UtZjY3NS00ODgyLWJiZTYtNDhkM2NhMTYxYmIw
LzEvWlJJY1A1SUhvM05GNDRjQ3lKMFhtX1JFcWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAworLMA0G
CSqGSIb3DQEBCwUAA4IBAQAB8SuvwzU35J3G5TFgvEPodl54eIA5rYT7rMc3y9pN
aSEqkpzAMgZ7SqEyo0TNs2ScVCS1tfFYhDuB7g70CHMmY3H2gyBGPEoHE126Z07c
jFUoOK+z9BYhUl7HjvIvaj032aDaKiR9P0Zq48duAIBNrsxWEy24DV5MWjS8RQq4
0cAzJDjpWIh9jpUHUrL62pRkhAToUAaOw2i/otVrsRQZOb9YGC+7OSx0YFnJLwr+
Ie4LlEx86HsVjZaz3zyk19jh1vZ5TDFt38ZV84avM/ArCscPoWAA8pJPO5VltR9Y
mbvBfPlNzqJtNn16+a2jT6B5cXCJpvoF1cLpt/DVtA5t
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:00:35 2025 by rpki-client