Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/leLN7dUwqNQXTkicjPodaPNaHrA.roa
File: leLN7dUwqNQXTkicjPodaPNaHrA.roa (raw, json)
Hash identifier: /TZBYmyqPdbIBcWc+Ubi8mL2e3Sg1zgKUo/8XZMZsK8=
Subject key identifier: 95:E2:CD:ED:D5:30:A8:D4:17:4E:48:9C:8C:FA:1D:68:F3:5A:1E:B0
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 019422FB5F99119096D209783E730F7B18CE
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/leLN7dUwqNQXTkicjPodaPNaHrA.roa
Signing time: Wed 01 Jan 2025 17:48:06 +0000
ROA not before: Wed 01 Jan 2025 17:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57202
IP address blocks: 194.183.180.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5f:99:11:90:96:d2:09:78:3e:73:0f:7b:18:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Jan 1 17:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95e2cdedd530a8d4174e489c8cfa1d68f35a1eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:23:6d:df:3a:5c:fd:34:bf:64:c2:fd:10:68:
b8:ed:5d:1a:ad:43:5d:06:13:fa:69:c6:c2:6f:2a:
ce:9a:6c:1e:ea:30:8d:b1:2f:33:8b:76:b6:7b:22:
ae:4a:f2:f0:fb:7c:0b:04:20:92:4d:cd:1a:79:5b:
e7:48:52:4b:29:2e:12:13:82:c6:32:c2:1c:2d:df:
ed:90:da:9b:31:7b:b3:aa:b8:ea:05:24:4e:40:c9:
72:3c:00:f6:33:9e:1f:f3:1b:13:0b:a1:48:0a:0a:
1b:a0:90:de:01:9e:9a:63:1a:0d:56:ef:e9:c0:fa:
90:03:5b:96:8c:8f:d1:02:11:32:5f:a6:d8:ce:16:
3f:0c:93:64:dd:a3:52:a0:1c:36:e4:a6:e2:9c:38:
a1:a7:9a:b4:28:ca:c9:8d:33:31:14:38:b3:60:63:
fa:f1:79:c6:c0:56:16:45:5d:7d:2c:10:a6:c1:e6:
4e:71:5d:5b:66:ce:1b:54:69:73:1c:cc:20:e6:fc:
3a:72:43:a8:2b:6c:05:d1:72:41:18:f2:a9:0d:73:
67:5c:22:2b:b9:aa:b2:34:7a:78:4b:e7:93:ab:30:
d8:24:63:11:10:17:40:06:af:53:d8:d0:b8:d5:57:
f8:10:42:2f:63:f7:ba:84:ad:c4:12:95:8d:7d:10:
bb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E2:CD:ED:D5:30:A8:D4:17:4E:48:9C:8C:FA:1D:68:F3:5A:1E:B0
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/leLN7dUwqNQXTkicjPodaPNaHrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.183.180.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:ca:8c:b3:2e:5a:4c:c2:31:64:6e:be:26:e8:65:76:e2:1d:
bd:cf:4e:e0:c8:b3:39:5d:d5:b5:93:80:1e:4d:7a:c0:a0:9a:
f1:6a:48:d7:2a:b5:8c:ec:7d:01:c7:27:19:bb:d3:80:c5:04:
53:a5:68:58:26:2c:3d:36:81:5d:34:09:7f:dd:ac:69:e7:e2:
35:4c:f8:b0:2b:84:19:24:6f:36:0e:85:58:66:f6:c5:97:5d:
8c:1e:59:27:93:6f:db:3a:92:74:df:dc:e2:6f:77:10:d4:85:
c1:df:3c:4a:e6:f7:dc:45:18:60:62:f8:e0:93:60:48:f2:af:
18:00:a3:bb:ef:2b:e8:d2:00:04:d3:6b:31:b5:44:78:28:f6:
52:68:b1:8c:b5:e7:72:17:ff:62:de:3f:32:0b:45:81:3b:79:
fc:1a:a6:9c:c4:08:a7:70:77:3a:c4:ba:d1:eb:01:4f:26:56:
3d:b9:55:31:ca:82:7f:5d:f6:03:3f:f9:4b:d2:ea:37:f0:69:
f6:3f:5d:6f:8b:e4:07:5b:b5:92:c6:e9:8e:ba:8c:40:bf:33:
5b:3d:28:1a:14:b6:68:fb:c2:6a:79:03:bb:8e:7d:61:10:21:
2b:8e:75:47:61:c1:3f:f2:0d:e6:68:26:f7:91:3f:7f:ec:8b:
7d:98:56:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+1+ZEZCW0gl4PnMPexjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjUwMTAxMTc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUyY2RlZGQ1MzBhOGQ0MTc0ZTQ4OWM4Y2ZhMWQ2OGYzNWExZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyNt3zpc/TS/ZML9EGi47V0arUNd
BhP6acbCbyrOmmwe6jCNsS8zi3a2eyKuSvLw+3wLBCCSTc0aeVvnSFJLKS4SE4LG
MsIcLd/tkNqbMXuzqrjqBSROQMlyPAD2M54f8xsTC6FICgoboJDeAZ6aYxoNVu/p
wPqQA1uWjI/RAhEyX6bYzhY/DJNk3aNSoBw25KbinDihp5q0KMrJjTMxFDizYGP6
8XnGwFYWRV19LBCmweZOcV1bZs4bVGlzHMwg5vw6ckOoK2wF0XJBGPKpDXNnXCIr
uaqyNHp4S+eTqzDYJGMREBdABq9T2NC41Vf4EEIvY/e6hK3EEpWNfRC74QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXize3VMKjUF05InIz6HWjzWh6wMB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvbGVMTjdkVXdxTlFYVGtpY2pQb2RhUE5hSHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwre0MA0G
CSqGSIb3DQEBCwUAA4IBAQCpyoyzLlpMwjFkbr4m6GV24h29z07gyLM5XdW1k4Ae
TXrAoJrxakjXKrWM7H0BxycZu9OAxQRTpWhYJiw9NoFdNAl/3axp5+I1TPiwK4QZ
JG82DoVYZvbFl12MHlknk2/bOpJ039zib3cQ1IXB3zxK5vfcRRhgYvjgk2BI8q8Y
AKO77yvo0gAE02sxtUR4KPZSaLGMtedyF/9i3j8yC0WBO3n8GqacxAincHc6xLrR
6wFPJlY9uVUxyoJ/XfYDP/lL0uo38Gn2P11vi+QHW7WSxumOuoxAvzNbPSgaFLZo
+8JqeQO7jn1hECErjnVHYcE/8g3maCb3kT9/7It9mFb/
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:41:17 2025 by rpki-client