Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/GopMrpyToOz7hTEn02tSlWTChNc.roa
File: GopMrpyToOz7hTEn02tSlWTChNc.roa (raw, json)
Hash identifier: PWyNZm9NNDQb4vDrYexwTILfoeBvuqO0/ZesnD+rBMg=
Subject key identifier: 1A:8A:4C:AE:9C:93:A0:EC:FB:85:31:27:D3:6B:52:95:64:C2:84:D7
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 019422FB5A53B90EBAEBDF5355219ABA2E1D
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/GopMrpyToOz7hTEn02tSlWTChNc.roa
Signing time: Wed 01 Jan 2025 17:48:05 +0000
ROA not before: Wed 01 Jan 2025 17:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198229
IP address blocks: 194.31.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5a:53:b9:0e:ba:eb:df:53:55:21:9a:ba:2e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 17:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a8a4cae9c93a0ecfb853127d36b529564c284d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bb:f5:84:65:7d:3c:62:4d:d3:53:ad:ec:7b:
d5:ba:a2:5f:8d:72:2e:f2:ba:31:33:c2:e8:dc:7d:
a6:10:7d:b5:5f:db:5c:8b:eb:07:e6:35:7a:9d:01:
1e:59:ac:70:a4:ba:70:fc:e2:5f:45:33:ec:82:41:
fd:e6:e9:79:ba:99:69:f5:a5:3d:cf:70:47:85:c8:
f0:2f:b7:2e:ae:cd:b1:c7:d5:11:50:b7:72:64:6e:
73:96:98:4e:bd:50:fd:d1:00:b5:52:c5:1a:bd:ac:
7f:6a:5a:ba:10:b9:59:58:d8:b4:0a:08:65:c3:64:
ac:31:0e:24:a4:86:40:20:cc:be:72:b4:48:cf:2f:
86:e7:09:cf:f7:6b:5b:90:d8:bd:c5:a6:64:64:f2:
2f:2a:dd:27:39:e5:9a:e3:4d:44:b6:8d:8a:4c:2b:
76:d8:8d:79:be:3c:71:80:72:52:a2:ed:a7:3e:77:
6c:31:39:89:31:fd:05:e7:d9:1d:75:eb:6d:6f:e1:
d8:ca:09:6d:31:5e:31:cf:c9:87:b1:10:5b:b0:f3:
ba:49:95:19:9b:30:61:36:8e:c1:64:3a:1c:ca:18:
8c:28:3a:b6:63:f1:62:59:9b:c1:fb:7d:e0:95:d2:
4c:6d:ae:5c:7b:dc:bf:7f:27:8c:94:d7:01:40:27:
b5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8A:4C:AE:9C:93:A0:EC:FB:85:31:27:D3:6B:52:95:64:C2:84:D7
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/GopMrpyToOz7hTEn02tSlWTChNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.132.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c7:0b:4e:37:a5:ce:cb:d4:c5:67:a3:4c:0b:19:14:93:0f:
e3:fa:b5:d4:45:e0:cf:ae:bd:01:d4:84:72:f0:36:af:c1:b8:
ff:7f:55:59:f8:95:be:9f:95:23:b6:40:d7:22:eb:f0:46:49:
36:0e:31:85:96:23:b2:10:89:3c:e0:fa:36:a3:69:ee:79:45:
18:e6:61:29:15:1b:e7:38:e2:51:64:70:0b:16:af:0c:1e:5a:
10:11:8e:59:94:52:50:c1:35:a0:29:7e:75:d4:ac:54:75:3e:
33:33:0b:53:b7:62:14:34:67:1d:80:4b:72:bc:0c:c5:0d:d4:
66:5d:21:2c:fb:82:36:bc:2a:00:84:75:2a:dd:3c:1f:97:61:
80:e9:d3:6e:06:85:2f:0c:12:c1:40:14:3a:3b:a3:7e:8b:07:
0c:c9:1f:99:b8:8a:ef:81:dd:f9:b0:8f:03:bb:cd:76:bf:6e:
db:2b:f7:80:c3:12:de:c2:97:85:17:ba:c3:8e:07:26:2b:3c:
02:e0:87:ee:53:07:5f:03:e6:57:f4:d9:dd:53:d7:d3:20:77:
f5:31:ec:95:24:75:b6:cf:61:f0:f5:04:da:de:4e:77:86:97:
1a:d4:c0:3a:ec:5f:bf:c9:bf:19:1c:81:a4:83:c6:f9:ed:01:
2f:08:03:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+1pTuQ66699TVSGaui4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjUwMTAxMTc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYThhNGNhZTljOTNhMGVjZmI4NTMxMjdkMzZiNTI5NTY0YzI4NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57v1hGV9PGJN01Ot7HvVuqJfjXIu
8roxM8Lo3H2mEH21X9tci+sH5jV6nQEeWaxwpLpw/OJfRTPsgkH95ul5uplp9aU9
z3BHhcjwL7curs2xx9URULdyZG5zlphOvVD90QC1UsUavax/alq6ELlZWNi0Cghl
w2SsMQ4kpIZAIMy+crRIzy+G5wnP92tbkNi9xaZkZPIvKt0nOeWa401Eto2KTCt2
2I15vjxxgHJSou2nPndsMTmJMf0F59kddettb+HYygltMV4xz8mHsRBbsPO6SZUZ
mzBhNo7BZDocyhiMKDq2Y/FiWZvB+33gldJMba5ce9y/fyeMlNcBQCe1VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqKTK6ck6Ds+4UxJ9NrUpVkwoTXMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvR29wTXJweVRvT3o3aFRFbjAydFNsV1RDaE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+EMA0G
CSqGSIb3DQEBCwUAA4IBAQAJxwtON6XOy9TFZ6NMCxkUkw/j+rXUReDPrr0B1IRy
8Davwbj/f1VZ+JW+n5UjtkDXIuvwRkk2DjGFliOyEIk84Po2o2nueUUY5mEpFRvn
OOJRZHALFq8MHloQEY5ZlFJQwTWgKX511KxUdT4zMwtTt2IUNGcdgEtyvAzFDdRm
XSEs+4I2vCoAhHUq3Twfl2GA6dNuBoUvDBLBQBQ6O6N+iwcMyR+ZuIrvgd35sI8D
u812v27bK/eAwxLewpeFF7rDjgcmKzwC4IfuUwdfA+ZX9NndU9fTIHf1MeyVJHW2
z2Hw9QTa3k53hpca1MA67F+/yb8ZHIGkg8b57QEvCAPd
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:16:48 2025 by rpki-client