Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/bDOy4M4R57nj8_Sff5gfBKz-LP0.roa
File: bDOy4M4R57nj8_Sff5gfBKz-LP0.roa (raw, json)
Hash identifier: vm1SQ0etoIa7LbOonRtmj5Ah0LoPLSlL7NdxQSQ76i0=
Subject key identifier: 6C:33:B2:E0:CE:11:E7:B9:E3:F3:F4:9F:7F:98:1F:04:AC:FE:2C:FD
Certificate issuer: /CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Certificate serial: 01941F8C9B2357E6FB7FC5D1BB7BAF7009BA
Authority key identifier: 1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/bDOy4M4R57nj8_Sff5gfBKz-LP0.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48769
IP address blocks: 194.153.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9b:23:57:e6:fb:7f:c5:d1:bb:7b:af:70:09:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c33b2e0ce11e7b9e3f3f49f7f981f04acfe2cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4e:4b:a9:7b:92:4d:27:b2:18:6a:8e:c8:69:
bc:2b:c2:8e:7f:6b:14:fd:6b:0f:0c:73:3c:cc:80:
fb:8e:32:67:ad:ac:41:63:29:5c:42:4d:12:60:b6:
21:9b:b3:c4:ae:3b:6c:c0:a2:11:11:99:4d:06:6c:
b0:5e:8a:b4:22:b8:e9:63:e7:3d:fb:cc:d7:5d:f9:
b5:b2:bb:a4:80:55:18:4d:d9:42:5a:d5:83:d0:51:
f4:ed:7d:16:f6:4f:d8:d0:66:33:66:6e:fb:8b:01:
56:27:32:08:9f:66:f3:98:37:70:96:34:5f:01:fd:
dd:cc:80:db:c9:fb:47:2d:73:61:4f:d7:e2:76:3a:
0c:05:89:ac:49:b9:78:8e:92:45:37:b8:bf:b7:9c:
d7:f7:4e:b5:8a:45:bc:91:3c:41:e5:10:11:f9:04:
b5:78:9a:8d:f2:79:6d:a0:7a:8d:8f:60:31:9a:d6:
c1:ea:a5:80:dd:28:f0:a6:5d:ce:6f:6d:14:81:23:
7a:b7:55:85:09:b3:14:8c:98:1c:c9:22:77:73:49:
64:b1:44:c7:b8:9c:b6:1e:b8:4b:b2:fc:09:ea:ef:
84:3a:2d:bf:89:cd:2f:80:51:33:1e:78:5f:7b:80:
26:9a:1d:51:80:b0:fc:c2:0f:94:8b:b4:78:bd:bd:
86:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:33:B2:E0:CE:11:E7:B9:E3:F3:F4:9F:7F:98:1F:04:AC:FE:2C:FD
X509v3 Authority Key Identifier:
keyid:1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/bDOy4M4R57nj8_Sff5gfBKz-LP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.187.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:48:72:be:7e:e6:85:ed:f7:87:6f:4a:45:30:87:0b:86:f3:
3a:9c:e8:30:51:1d:47:3a:b1:dd:7a:3e:53:da:de:5b:53:a1:
45:aa:fc:26:56:f0:40:9f:7d:8d:2b:d7:34:82:60:34:35:4a:
d0:22:31:9b:bb:fd:da:27:20:af:b6:85:3c:e4:96:a6:66:f9:
37:20:a0:db:40:45:27:db:fa:14:fd:65:f0:c3:16:27:ac:5e:
09:b1:e3:65:29:f8:c4:3a:4f:0b:f5:05:a7:9d:4f:a4:49:a0:
f4:9a:84:77:8d:85:d0:91:94:3f:ce:14:e3:68:d4:d8:ca:8a:
aa:f4:d3:6a:42:93:b4:91:ed:3e:95:0d:e0:0c:e1:de:49:e8:
98:34:73:8d:aa:92:58:0c:42:9b:66:9b:c5:63:f0:98:e7:8d:
c5:d2:ab:a2:1c:8a:42:70:f8:2d:02:9e:ff:80:f3:64:2c:b7:
a1:69:a2:a5:ea:eb:05:e1:fa:bd:40:4c:12:17:53:8b:62:55:
67:09:44:b0:5d:5f:09:26:6f:ba:93:51:c1:84:20:d6:70:12:
6a:2c:07:3e:d5:9a:32:ae:5a:63:0f:2b:17:9e:b1:b5:a7:70:
45:0e:59:69:4c:53:f4:48:c7:0d:a2:36:f3:02:2d:f7:6b:b7:
aa:32:84:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJsjV+b7f8XRu3uvcAm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmFjMTI0NmEyZTBlYTk3YTBjMjI5NWI3M2RkYmUwMDZk
MGVkMmMwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMzYjJlMGNlMTFlN2I5ZTNmM2Y0OWY3Zjk4MWYwNGFjZmUyY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU5LqXuSTSeyGGqOyGm8K8KOf2sU
/WsPDHM8zID7jjJnraxBYylcQk0SYLYhm7PErjtswKIREZlNBmywXoq0IrjpY+c9
+8zXXfm1srukgFUYTdlCWtWD0FH07X0W9k/Y0GYzZm77iwFWJzIIn2bzmDdwljRf
Af3dzIDbyftHLXNhT9fidjoMBYmsSbl4jpJFN7i/t5zX9061ikW8kTxB5RAR+QS1
eJqN8nltoHqNj2AxmtbB6qWA3Sjwpl3Ob20UgSN6t1WFCbMUjJgcySJ3c0lksUTH
uJy2HrhLsvwJ6u+EOi2/ic0vgFEzHnhfe4Ammh1RgLD8wg+Ui7R4vb2GKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwzsuDOEee54/P0n3+YHwSs/iz9MB8GA1UdIwQY
MBaAFBwqwSRqLg6pegwilbc92+AG0O0sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEt
OGQ0NmUwOWRmOWYzLzEvYkRPeTRNNFI1N25qOF9TZmY1Z2ZCS3otTFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEtOGQ0NmUwOWRmOWYz
LzEvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpm7MA0G
CSqGSIb3DQEBCwUAA4IBAQDNSHK+fuaF7feHb0pFMIcLhvM6nOgwUR1HOrHdej5T
2t5bU6FFqvwmVvBAn32NK9c0gmA0NUrQIjGbu/3aJyCvtoU85JamZvk3IKDbQEUn
2/oU/WXwwxYnrF4JseNlKfjEOk8L9QWnnU+kSaD0moR3jYXQkZQ/zhTjaNTYyoqq
9NNqQpO0ke0+lQ3gDOHeSeiYNHONqpJYDEKbZpvFY/CY543F0quiHIpCcPgtAp7/
gPNkLLehaaKl6usF4fq9QEwSF1OLYlVnCUSwXV8JJm+6k1HBhCDWcBJqLAc+1Zoy
rlpjDysXnrG1p3BFDllpTFP0SMcNojbzAi33a7eqMoTl
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:30:52 2025 by rpki-client