Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/1-kPKOvQCPOGcaDvzI4n2xbICq2w.roa
File: 1-kPKOvQCPOGcaDvzI4n2xbICq2w.roa (raw, json)
Hash identifier: wyhLwaZ1DSV8XhajOxoj56iss2XGIexrfzEQAhExfKA=
Subject key identifier: FA:43:CA:3A:F4:02:3C:E1:9C:68:3B:F3:23:89:F6:C5:B2:02:AB:6C
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 0194266BD239B7D12D225A69A9934D0C6C97
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/1-kPKOvQCPOGcaDvzI4n2xbICq2w.roa
Signing time: Thu 02 Jan 2025 09:49:47 +0000
ROA not before: Thu 02 Jan 2025 09:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21010
IP address blocks: 62.87.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d2:39:b7:d1:2d:22:5a:69:a9:93:4d:0c:6c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 2 09:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa43ca3af4023ce19c683bf32389f6c5b202ab6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6d:7a:96:63:45:92:a8:8c:ef:9b:0e:d1:f7:
af:cd:a5:1e:1f:36:c5:da:3f:61:af:73:05:d2:ab:
f6:23:91:c5:1b:8a:df:d8:f7:b9:c0:46:17:20:27:
46:e6:c8:4c:32:96:49:38:95:97:0f:4b:d3:49:32:
87:bc:52:0c:b7:04:88:f6:64:16:17:39:ca:7e:d3:
53:d4:51:d6:62:23:f4:98:d4:4f:45:30:d2:48:ae:
96:5e:19:81:1e:62:05:3b:39:f0:a1:43:f3:8d:5b:
a5:86:6d:04:59:35:b4:89:fd:67:dc:18:14:29:fc:
cc:fa:f3:50:89:87:ad:07:bf:a2:c4:b9:3d:8a:00:
53:c4:0b:40:13:92:20:4a:65:ec:57:21:2d:82:db:
eb:31:27:92:36:d5:a2:fc:3b:ee:6c:d0:1f:be:9b:
60:27:85:31:7d:2e:21:dd:7d:8b:66:74:e1:0e:da:
b0:25:c7:2b:dd:fc:99:91:9f:40:b4:3e:23:e3:01:
33:60:60:96:25:d9:fc:2c:f7:41:10:78:b8:05:38:
66:a8:9a:5b:b4:b7:9e:22:d2:75:98:19:89:d5:23:
7c:52:37:fa:c7:44:91:b5:16:81:6d:a2:8a:6d:13:
95:7d:cd:4f:a8:da:a0:71:8a:83:aa:03:99:47:07:
79:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:43:CA:3A:F4:02:3C:E1:9C:68:3B:F3:23:89:F6:C5:B2:02:AB:6C
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/1-kPKOvQCPOGcaDvzI4n2xbICq2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.87.254.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:4e:b9:2d:ef:b7:f1:17:ad:d1:b0:2f:dc:12:08:06:ca:ec:
d9:75:59:c9:07:53:e9:8e:c9:21:7e:d1:54:8a:52:03:c7:e9:
05:2b:76:37:8d:82:1c:91:0f:2c:e5:83:c9:6d:0a:bb:2e:f6:
2c:3e:46:c5:59:6e:dc:d0:99:94:77:10:bf:c4:ef:1f:dc:67:
85:ce:89:b8:c9:c5:51:9b:ab:55:03:4a:df:45:22:5a:b4:55:
03:6e:c5:e4:4c:30:df:ca:0b:0f:91:7c:25:57:2f:d8:29:89:
94:f5:c0:19:ce:ed:60:97:d5:94:15:19:ad:9b:b1:4b:3f:ce:
ef:f0:77:f4:7a:ac:ce:b6:af:c7:e6:62:70:79:63:25:99:b9:
ae:52:0c:fe:1e:20:cb:a3:d7:ad:ce:da:ab:cd:86:72:9d:37:
d6:a7:b9:18:56:57:09:6f:48:2d:35:87:f0:95:1d:ea:96:14:
77:8a:fd:c4:e2:b4:ab:ea:e6:3e:44:4e:d0:8e:9b:b6:7c:4a:
31:8d:21:c2:63:c4:58:02:14:14:40:19:c5:2e:84:7e:ec:72:
32:bf:37:c3:cb:95:65:d4:48:c4:15:6c:75:06:51:62:b2:00:
fe:8e:f6:6f:0b:3a:65:11:a1:4a:ad:cc:25:68:ef:9e:25:72:
25:db:2e:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQma9I5t9EtIlppqZNNDGyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjUwMTAyMDk0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQzY2EzYWY0MDIzY2UxOWM2ODNiZjMyMzg5ZjZjNWIyMDJhYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW16lmNFkqiM75sO0fevzaUeHzbF
2j9hr3MF0qv2I5HFG4rf2Pe5wEYXICdG5shMMpZJOJWXD0vTSTKHvFIMtwSI9mQW
FznKftNT1FHWYiP0mNRPRTDSSK6WXhmBHmIFOznwoUPzjVulhm0EWTW0if1n3BgU
KfzM+vNQiYetB7+ixLk9igBTxAtAE5IgSmXsVyEtgtvrMSeSNtWi/DvubNAfvptg
J4UxfS4h3X2LZnThDtqwJccr3fyZkZ9AtD4j4wEzYGCWJdn8LPdBEHi4BThmqJpb
tLeeItJ1mBmJ1SN8Ujf6x0SRtRaBbaKKbROVfc1PqNqgcYqDqgOZRwd5nwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpDyjr0AjzhnGg78yOJ9sWyAqtsMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvMS1rUEtPdlFDUE9HY2FEdnpJNG4yeGJJQ3Eydy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0
Ny8xL3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD5X/jAN
BgkqhkiG9w0BAQsFAAOCAQEAj065Le+38Ret0bAv3BIIBsrs2XVZyQdT6Y7JIX7R
VIpSA8fpBSt2N42CHJEPLOWDyW0Kuy72LD5GxVlu3NCZlHcQv8TvH9xnhc6JuMnF
UZurVQNK30UiWrRVA27F5Eww38oLD5F8JVcv2CmJlPXAGc7tYJfVlBUZrZuxSz/O
7/B39Hqszravx+ZicHljJZm5rlIM/h4gy6PXrc7aq82Gcp031qe5GFZXCW9ILTWH
8JUd6pYUd4r9xOK0q+rmPkRO0I6btnxKMY0hwmPEWAIUFEAZxS6EfuxyMr83w8uV
ZdRIxBVsdQZRYrIA/o72bws6ZRGhSq3MJWjvniVyJdsuUw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:11 2025 by rpki-client