Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d80877-7f1e-4a50-9957-070a1f71885e/1/4YgTCDr1c5g3jVQHEpRMEOptksE.roa
File: 4YgTCDr1c5g3jVQHEpRMEOptksE.roa (raw, json)
Hash identifier: M/7AjuESzQHGAA4OkIywfGz3Bl0/7ZHRB4vt9CwoaKo=
Subject key identifier: E1:88:13:08:3A:F5:73:98:37:8D:54:07:12:94:4C:10:EA:6D:92:C1
Certificate issuer: /CN=b85874095c4c9422b935975a71564f0771cd292e
Certificate serial: 019426D9A9E00F002CF6013FF13514A4A3C6
Authority key identifier: B8:58:74:09:5C:4C:94:22:B9:35:97:5A:71:56:4F:07:71:CD:29:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFh0CVxMlCK5NZdacVZPB3HNKS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d80877-7f1e-4a50-9957-070a1f71885e/1/4YgTCDr1c5g3jVQHEpRMEOptksE.roa
Signing time: Thu 02 Jan 2025 11:49:46 +0000
ROA not before: Thu 02 Jan 2025 11:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 192.160.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a9:e0:0f:00:2c:f6:01:3f:f1:35:14:a4:a3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85874095c4c9422b935975a71564f0771cd292e
Validity
Not Before: Jan 2 11:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e18813083af57398378d540712944c10ea6d92c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b0:42:59:92:57:ef:ba:ee:de:27:75:ee:fa:
39:03:6c:73:b3:b7:d2:56:b0:1a:ae:f7:60:1b:cb:
27:fd:41:db:c6:20:c4:bb:b2:29:74:9f:ee:cb:1c:
4c:2c:cb:b7:33:0e:eb:37:0a:2b:b4:10:7c:72:7c:
50:23:00:a1:d7:36:df:0f:fe:03:84:9c:ff:26:1e:
5f:cf:6e:25:22:41:19:37:6e:54:9f:19:d1:a2:31:
ab:d1:37:f1:92:54:0f:65:6d:d9:46:3f:18:09:eb:
0d:37:5a:eb:c2:54:95:99:dd:8a:bd:fe:8f:7f:1d:
09:c1:44:ef:a9:e5:68:b3:53:e5:26:6d:b4:24:9c:
dc:0d:87:2b:c0:30:11:ba:d2:b4:ef:60:24:cc:6a:
55:fb:06:66:7e:75:10:e6:6c:43:b2:cc:dd:2e:a7:
5b:95:91:19:b5:0c:54:dc:76:13:9c:87:d0:e6:f2:
8d:da:49:3c:3e:1d:14:84:41:77:f3:cd:ba:58:a4:
ca:00:24:6c:ab:56:60:d0:d0:9e:d0:67:99:ff:b6:
bc:ae:95:ac:8f:54:f2:8f:f0:1a:f7:31:15:0a:31:
ff:0e:fe:96:75:45:59:dd:73:94:c0:74:41:f6:86:
f9:d3:ea:77:d5:d2:d3:1b:ce:80:9b:75:a6:49:26:
79:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:88:13:08:3A:F5:73:98:37:8D:54:07:12:94:4C:10:EA:6D:92:C1
X509v3 Authority Key Identifier:
keyid:B8:58:74:09:5C:4C:94:22:B9:35:97:5A:71:56:4F:07:71:CD:29:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFh0CVxMlCK5NZdacVZPB3HNKS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d80877-7f1e-4a50-9957-070a1f71885e/1/4YgTCDr1c5g3jVQHEpRMEOptksE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d80877-7f1e-4a50-9957-070a1f71885e/1/uFh0CVxMlCK5NZdacVZPB3HNKS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.160.194.0/24
Signature Algorithm: sha256WithRSAEncryption
49:83:41:c2:69:51:fc:4a:56:8d:e5:1a:fc:24:f3:4a:2b:40:
c6:ea:ca:b4:7e:31:2c:fe:a3:c3:5e:a8:bf:be:6e:50:4e:2a:
17:e5:59:e6:8b:3a:cc:f7:18:55:89:8d:47:1a:c7:0a:bb:7a:
9f:61:d7:e5:7a:82:54:d7:f5:59:53:f5:77:ed:6d:18:53:77:
4a:26:78:e3:4e:c1:43:ec:45:36:9a:d5:33:d4:2d:78:c1:8f:
c1:7d:66:d8:2c:9e:83:f7:05:3f:72:54:2c:8b:26:5d:09:72:
0f:bf:23:3f:17:18:10:73:d0:e2:97:39:06:69:f3:5b:e6:35:
b8:c8:c2:6e:49:1c:a8:26:e0:6c:e9:94:f9:69:30:eb:fa:0c:
cf:d8:c0:96:e4:27:85:82:c2:8c:b5:ed:d9:bf:6c:b6:92:66:
9d:a4:dd:23:76:fc:b2:b8:0e:ca:2b:5a:a2:89:47:6b:fd:63:
6c:65:94:c4:4f:b9:9e:89:aa:97:30:fa:4e:b0:e4:42:67:99:
3a:4e:f1:67:aa:6b:70:5b:3e:1f:61:a2:d6:ac:df:fe:bb:3e:
c9:b9:33:7e:60:05:39:e8:42:0f:c3:33:d0:19:03:94:b0:cd:
ec:7e:f8:89:f5:8f:f3:11:09:8b:52:f2:9d:bc:23:bf:58:80:
21:f5:7b:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2angDwAs9gE/8TUUpKPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTg3NDA5NWM0Yzk0MjJiOTM1OTc1YTcxNTY0ZjA3NzFj
ZDI5MmUwHhcNMjUwMTAyMTE0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg4MTMwODNhZjU3Mzk4Mzc4ZDU0MDcxMjk0NGMxMGVhNmQ5MmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17BCWZJX77ru3id17vo5A2xzs7fS
VrAarvdgG8sn/UHbxiDEu7IpdJ/uyxxMLMu3Mw7rNwortBB8cnxQIwCh1zbfD/4D
hJz/Jh5fz24lIkEZN25UnxnRojGr0TfxklQPZW3ZRj8YCesNN1rrwlSVmd2Kvf6P
fx0JwUTvqeVos1PlJm20JJzcDYcrwDARutK072AkzGpV+wZmfnUQ5mxDsszdLqdb
lZEZtQxU3HYTnIfQ5vKN2kk8Ph0UhEF38826WKTKACRsq1Zg0NCe0GeZ/7a8rpWs
j1Tyj/Aa9zEVCjH/Dv6WdUVZ3XOUwHRB9ob50+p31dLTG86Am3WmSSZ5xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGIEwg69XOYN41UBxKUTBDqbZLBMB8GA1UdIwQY
MBaAFLhYdAlcTJQiuTWXWnFWTwdxzSkuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZoMENWeE1sQ0s1TlpkYWNWWlBCM0hOS1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kODA4NzctN2YxZS00YTUwLTk5NTct
MDcwYTFmNzE4ODVlLzEvNFlnVENEcjFjNWczalZRSEVwUk1FT3B0a3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kODA4NzctN2YxZS00YTUwLTk5NTctMDcwYTFmNzE4ODVl
LzEvdUZoMENWeE1sQ0s1TlpkYWNWWlBCM0hOS1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKDCMA0G
CSqGSIb3DQEBCwUAA4IBAQBJg0HCaVH8SlaN5Rr8JPNKK0DG6sq0fjEs/qPDXqi/
vm5QTioX5VnmizrM9xhViY1HGscKu3qfYdfleoJU1/VZU/V37W0YU3dKJnjjTsFD
7EU2mtUz1C14wY/BfWbYLJ6D9wU/clQsiyZdCXIPvyM/FxgQc9DilzkGafNb5jW4
yMJuSRyoJuBs6ZT5aTDr+gzP2MCW5CeFgsKMte3Zv2y2kmadpN0jdvyyuA7KK1qi
iUdr/WNsZZTET7meiaqXMPpOsORCZ5k6TvFnqmtwWz4fYaLWrN/+uz7JuTN+YAU5
6EIPwzPQGQOUsM3sfviJ9Y/zEQmLUvKdvCO/WIAh9XsA
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:37:00 2025 by rpki-client