Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/VJ6MDr9v2VTJjopln-NK2ojxFwc.roa
File: VJ6MDr9v2VTJjopln-NK2ojxFwc.roa (raw, json)
Hash identifier: aCjSF+Bt+cDnTvcdibhV9s05hQuvY9LCYp3eMrgD2Ks=
Subject key identifier: 54:9E:8C:0E:BF:6F:D9:54:C9:8E:8A:65:9F:E3:4A:DA:88:F1:17:07
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 019422FB6243EB55C2DD853A3AAA932CA5BC
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/VJ6MDr9v2VTJjopln-NK2ojxFwc.roa
Signing time: Wed 01 Jan 2025 17:48:07 +0000
ROA not before: Wed 01 Jan 2025 17:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210721
IP address blocks: 194.183.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:62:43:eb:55:c2:dd:85:3a:3a:aa:93:2c:a5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Jan 1 17:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=549e8c0ebf6fd954c98e8a659fe34ada88f11707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:23:05:5f:e7:85:57:68:db:b6:20:e9:11:e0:
1e:f1:88:aa:86:b9:d8:e1:6f:09:65:27:b0:61:d7:
59:c6:8b:17:93:73:dd:19:73:09:61:62:52:0a:15:
6d:31:59:c2:d0:df:32:48:74:15:6e:dd:bf:4e:6c:
bc:49:eb:69:03:b0:c5:40:94:a0:1e:ac:6c:0f:ee:
7f:32:8d:ff:5c:e4:44:49:1f:fe:c9:76:03:93:cd:
63:40:a4:53:ef:0d:42:83:55:a3:67:54:dc:85:24:
ad:42:94:30:54:cf:6a:e0:ec:75:a1:c5:0a:df:be:
d2:9e:fe:e5:2c:7a:c9:d4:31:09:a5:aa:1f:07:29:
f0:51:7e:ec:1d:27:67:51:00:60:8f:7e:c1:6b:d8:
54:7f:2d:7a:99:a4:8c:52:e2:6d:a8:1c:e7:e3:a1:
76:de:87:f1:6e:80:36:d1:f0:13:d7:91:27:9e:04:
45:cc:1f:56:85:9f:8d:83:2e:ee:e5:8f:79:80:9f:
0d:fd:19:79:16:1d:c3:b7:f9:cc:85:83:10:09:7a:
91:20:f2:d6:22:c9:cc:8a:98:b3:fd:6f:a9:1e:a2:
0a:48:4f:5f:66:8d:17:51:a9:3a:68:9a:cf:ae:41:
a4:87:7b:70:2a:6b:3f:f6:d8:19:1c:a7:fa:84:02:
6b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9E:8C:0E:BF:6F:D9:54:C9:8E:8A:65:9F:E3:4A:DA:88:F1:17:07
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/VJ6MDr9v2VTJjopln-NK2ojxFwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.183.161.0/24
Signature Algorithm: sha256WithRSAEncryption
86:bb:44:4d:c0:56:5a:51:a7:6b:6a:88:cf:42:b8:ff:6a:d6:
4d:0e:fe:d1:7b:b8:01:c0:42:bd:c6:47:f6:22:a4:c4:2d:50:
da:3f:b1:77:fe:05:80:2b:33:e0:2d:5d:a8:f5:ff:64:09:11:
0b:e3:4a:3f:07:23:30:a0:b0:12:0f:89:3c:10:3e:6f:c7:20:
2b:d4:7b:59:d2:1d:0a:68:55:34:a0:ba:56:c5:97:3b:a9:99:
70:df:80:26:c4:80:50:a2:74:c5:51:67:e5:7f:a3:b8:dd:aa:
37:c1:c7:13:07:63:38:b3:8f:f6:ae:f6:60:a3:8b:12:c0:85:
41:6b:60:8d:7e:cb:80:18:f6:29:3a:91:d1:9d:90:ff:b2:49:
34:49:b9:cd:9d:a0:be:f2:5f:06:ff:06:21:cc:77:ba:9b:19:
f2:02:c3:51:8a:65:26:47:99:7a:71:bb:1e:4d:d0:2c:a5:69:
80:db:a4:0c:b5:e4:df:e6:45:7a:17:e0:a7:0a:3f:47:ae:f3:
3a:db:4c:c2:48:7e:64:0d:ee:59:ee:e9:b7:4a:15:54:53:28:
2e:86:93:d7:30:3c:7a:2c:d6:79:14:7f:15:ee:c4:7c:87:fc:
be:1a:f9:5c:d6:ba:b6:1b:d2:98:cf:a2:aa:b9:b0:33:17:36:
fb:43:97:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2JD61XC3YU6OqqTLKW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjUwMTAxMTc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDllOGMwZWJmNmZkOTU0Yzk4ZThhNjU5ZmUzNGFkYTg4ZjExNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CMFX+eFV2jbtiDpEeAe8YiqhrnY
4W8JZSewYddZxosXk3PdGXMJYWJSChVtMVnC0N8ySHQVbt2/Tmy8SetpA7DFQJSg
HqxsD+5/Mo3/XORESR/+yXYDk81jQKRT7w1Cg1WjZ1TchSStQpQwVM9q4Ox1ocUK
377Snv7lLHrJ1DEJpaofBynwUX7sHSdnUQBgj37Ba9hUfy16maSMUuJtqBzn46F2
3ofxboA20fAT15EnngRFzB9WhZ+Ngy7u5Y95gJ8N/Rl5Fh3Dt/nMhYMQCXqRIPLW
IsnMipiz/W+pHqIKSE9fZo0XUak6aJrPrkGkh3twKms/9tgZHKf6hAJrWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSejA6/b9lUyY6KZZ/jStqI8RcHMB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvVko2TURyOXYyVlRKam9wbG4tTksyb2p4RndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrehMA0G
CSqGSIb3DQEBCwUAA4IBAQCGu0RNwFZaUadraojPQrj/atZNDv7Re7gBwEK9xkf2
IqTELVDaP7F3/gWAKzPgLV2o9f9kCREL40o/ByMwoLASD4k8ED5vxyAr1HtZ0h0K
aFU0oLpWxZc7qZlw34AmxIBQonTFUWflf6O43ao3wccTB2M4s4/2rvZgo4sSwIVB
a2CNfsuAGPYpOpHRnZD/skk0SbnNnaC+8l8G/wYhzHe6mxnyAsNRimUmR5l6cbse
TdAspWmA26QMteTf5kV6F+CnCj9HrvM620zCSH5kDe5Z7um3ShVUUyguhpPXMDx6
LNZ5FH8V7sR8h/y+Gvlc1rq2G9KYz6KqubAzFzb7Q5cr
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:22:11 2025 by rpki-client