Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/61a0a9-c466-469c-afbe-8fed50909770/1/W1ibYg0ozN5f0hkwbRX6gypQu6o.roa
File: W1ibYg0ozN5f0hkwbRX6gypQu6o.roa (raw, json)
Hash identifier: Q9hgjCdv4TipN26ttaTBJrYXDexn3QBOgW7gbPj7Hi8=
Subject key identifier: 5B:58:9B:62:0D:28:CC:DE:5F:D2:19:30:6D:15:FA:83:2A:50:BB:AA
Certificate issuer: /CN=990a80968e4c9603ca2b13dd1d1465965d8f3dbf
Certificate serial: 019423D7F06C39561519E20678D0517C159B
Authority key identifier: 99:0A:80:96:8E:4C:96:03:CA:2B:13:DD:1D:14:65:96:5D:8F:3D:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mQqAlo5MlgPKKxPdHRRlll2PPb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/61a0a9-c466-469c-afbe-8fed50909770/1/W1ibYg0ozN5f0hkwbRX6gypQu6o.roa
Signing time: Wed 01 Jan 2025 21:49:01 +0000
ROA not before: Wed 01 Jan 2025 21:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42659
IP address blocks: 194.110.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f0:6c:39:56:15:19:e2:06:78:d0:51:7c:15:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=990a80968e4c9603ca2b13dd1d1465965d8f3dbf
Validity
Not Before: Jan 1 21:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b589b620d28ccde5fd219306d15fa832a50bbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:eb:8e:55:77:5e:a6:d7:0b:f0:2a:2f:da:
bf:5a:1c:26:ce:23:b6:42:f4:3c:a2:42:62:4f:ca:
06:e8:3c:6d:cd:4f:6f:0f:94:8e:49:74:ac:19:09:
6e:1c:5c:1e:2f:0a:1e:2d:53:6e:2e:7d:dc:ed:e7:
a3:4a:31:ac:14:b8:ce:98:e5:ef:d7:61:52:c5:c1:
f2:f8:ed:71:a1:b8:7f:a5:e4:3b:3a:bf:69:e1:e0:
32:bc:64:2d:25:42:0c:21:c5:c8:ba:b2:91:37:74:
f1:f1:9c:ea:39:f4:50:8d:83:12:fe:ef:62:0c:f1:
f6:bc:66:90:17:10:00:19:98:c9:17:40:d7:9d:3d:
92:60:5b:80:05:7d:41:e9:48:38:b0:99:df:ea:4f:
a5:80:35:a9:1c:f9:4c:58:1a:16:c9:19:24:65:cc:
25:4b:e1:35:b0:0e:bb:70:8b:cd:ab:23:1a:11:4d:
57:8c:56:50:08:e5:c5:77:95:a5:0b:91:dc:b5:07:
40:6d:7b:13:f7:2f:c5:c4:88:01:96:3a:21:87:87:
d1:34:4a:cc:f9:69:2f:cd:83:eb:63:b3:88:0c:40:
ba:14:85:af:04:4b:25:9e:cb:db:9c:88:53:98:d3:
fd:7a:d8:24:39:35:ec:e1:49:d5:00:35:29:23:ef:
5d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:58:9B:62:0D:28:CC:DE:5F:D2:19:30:6D:15:FA:83:2A:50:BB:AA
X509v3 Authority Key Identifier:
keyid:99:0A:80:96:8E:4C:96:03:CA:2B:13:DD:1D:14:65:96:5D:8F:3D:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mQqAlo5MlgPKKxPdHRRlll2PPb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/61a0a9-c466-469c-afbe-8fed50909770/1/W1ibYg0ozN5f0hkwbRX6gypQu6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/61a0a9-c466-469c-afbe-8fed50909770/1/mQqAlo5MlgPKKxPdHRRlll2PPb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.136.0/24
Signature Algorithm: sha256WithRSAEncryption
01:87:72:83:64:71:d8:56:5a:79:3c:49:31:a2:c3:d2:53:f1:
70:15:91:0e:45:41:72:6e:8c:db:63:b5:7a:5e:cf:39:45:2d:
9b:c5:9a:39:26:dc:3f:82:9a:10:93:09:a3:59:4a:0c:98:59:
85:a4:fd:d3:7e:b7:55:e8:a8:a4:e8:4d:55:ab:e2:27:ea:c3:
d4:79:51:79:c2:d9:40:25:dc:b2:87:78:6c:bc:bd:33:c2:1e:
46:d0:1c:3a:9c:b5:96:a1:25:cf:4d:6f:ba:80:fb:09:bd:a9:
0a:62:7c:f0:42:18:df:03:3c:43:e3:26:a1:7d:10:9f:fb:e8:
79:13:28:fe:b6:01:27:93:b0:23:44:70:9a:2c:fa:00:c2:c0:
9e:ee:91:26:72:1e:a9:a6:68:8d:ab:86:68:e7:e4:30:31:50:
e3:72:26:d3:87:6e:ca:41:89:dd:0f:d5:66:9d:3f:4a:69:c1:
df:fa:49:08:5b:9b:34:7d:9f:25:81:4c:34:48:5c:e5:e0:aa:
fb:d0:75:98:e9:1e:6b:f9:2e:69:66:75:6e:67:43:34:c4:1e:
87:58:84:ba:69:7b:a7:bb:c7:5c:73:90:84:61:58:48:8a:c8:
f0:82:76:52:90:74:df:e5:7f:a1:42:17:bd:03:e8:46:03:d8:
ec:4b:d8:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1/BsOVYVGeIGeNBRfBWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MGE4MDk2OGU0Yzk2MDNjYTJiMTNkZDFkMTQ2NTk2NWQ4
ZjNkYmYwHhcNMjUwMTAxMjE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjU4OWI2MjBkMjhjY2RlNWZkMjE5MzA2ZDE1ZmE4MzJhNTBiYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLnrjlV3XqbXC/AqL9q/WhwmziO2
QvQ8okJiT8oG6DxtzU9vD5SOSXSsGQluHFweLwoeLVNuLn3c7eejSjGsFLjOmOXv
12FSxcHy+O1xobh/peQ7Or9p4eAyvGQtJUIMIcXIurKRN3Tx8ZzqOfRQjYMS/u9i
DPH2vGaQFxAAGZjJF0DXnT2SYFuABX1B6Ug4sJnf6k+lgDWpHPlMWBoWyRkkZcwl
S+E1sA67cIvNqyMaEU1XjFZQCOXFd5WlC5HctQdAbXsT9y/FxIgBljohh4fRNErM
+WkvzYPrY7OIDEC6FIWvBEslnsvbnIhTmNP9etgkOTXs4UnVADUpI+9d5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtYm2INKMzeX9IZMG0V+oMqULuqMB8GA1UdIwQY
MBaAFJkKgJaOTJYDyisT3R0UZZZdjz2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVFxQWxvNU1sZ1BLS3hQZEhSUmxsbDJQUGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82MWEwYTktYzQ2Ni00NjljLWFmYmUt
OGZlZDUwOTA5NzcwLzEvVzFpYllnMG96TjVmMGhrd2JSWDZneXBRdTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82MWEwYTktYzQ2Ni00NjljLWFmYmUtOGZlZDUwOTA5Nzcw
LzEvbVFxQWxvNU1sZ1BLS3hQZEhSUmxsbDJQUGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm6IMA0G
CSqGSIb3DQEBCwUAA4IBAQABh3KDZHHYVlp5PEkxosPSU/FwFZEORUFybozbY7V6
Xs85RS2bxZo5Jtw/gpoQkwmjWUoMmFmFpP3TfrdV6Kik6E1Vq+In6sPUeVF5wtlA
Jdyyh3hsvL0zwh5G0Bw6nLWWoSXPTW+6gPsJvakKYnzwQhjfAzxD4yahfRCf++h5
Eyj+tgEnk7AjRHCaLPoAwsCe7pEmch6ppmiNq4Zo5+QwMVDjcibTh27KQYndD9Vm
nT9KacHf+kkIW5s0fZ8lgUw0SFzl4Kr70HWY6R5r+S5pZnVuZ0M0xB6HWIS6aXun
u8dcc5CEYVhIisjwgnZSkHTf5X+hQhe9A+hGA9jsS9j+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:23 2025 by rpki-client