Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/STZWLPkBhU0SwVRp3efzqmKSPYg.roa
File: STZWLPkBhU0SwVRp3efzqmKSPYg.roa (raw, json)
Hash identifier: A2fH9M7CbQpcrEP2LRcWOMvaz90FSmRxEGV9tzVG9jU=
Subject key identifier: 49:36:56:2C:F9:01:85:4D:12:C1:54:69:DD:E7:F3:AA:62:92:3D:88
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 01856C5C9DEF2A7405D78E7559909540AACF
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/STZWLPkBhU0SwVRp3efzqmKSPYg.roa
Signing time: Sun 01 Jan 2023 08:04:47 +0000
ROA not before: Sun 01 Jan 2023 08:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 194.107.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:9d:ef:2a:74:05:d7:8e:75:59:90:95:40:aa:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Jan 1 08:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4936562cf901854d12c15469dde7f3aa62923d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:20:22:88:51:47:5e:64:b5:ef:f3:1b:ee:3f:
e1:8e:68:71:3b:a6:d6:31:f7:19:1b:e2:4c:63:98:
12:25:f6:52:d7:60:e7:35:94:76:04:95:7a:3e:40:
27:8a:55:85:e5:09:fc:c8:61:f0:f5:4f:46:f5:0b:
50:f4:43:05:b8:77:6f:d5:e4:38:22:d2:83:56:de:
f3:48:b0:69:38:99:28:8f:5a:c6:73:70:da:99:89:
08:c8:09:b8:1c:55:1a:24:d0:0b:7d:a3:9d:7e:80:
29:9e:63:51:33:0f:ac:e3:23:34:70:b4:ba:62:b5:
c4:fd:f9:d2:71:63:15:61:d6:44:11:fb:ba:3d:22:
29:8e:96:d7:8f:77:bb:0f:c5:9f:61:e4:35:fd:41:
f7:14:30:5e:6c:a0:15:b9:f5:72:ff:08:3a:29:7f:
60:12:66:14:eb:50:e7:8e:3e:94:78:bb:a4:89:5a:
a7:ff:6e:4b:75:a4:fc:7a:0c:a0:d4:d1:97:2e:7e:
ce:94:c3:1b:42:50:9a:4a:e8:a9:95:6b:21:6e:bd:
a2:c3:bd:99:5d:dd:14:16:00:ff:3c:d2:69:53:9e:
a2:3d:17:76:29:d0:68:aa:4d:88:3b:f0:5d:28:23:
54:4c:c3:14:1f:fa:1e:04:05:ad:fc:9c:4d:04:f7:
49:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:36:56:2C:F9:01:85:4D:12:C1:54:69:DD:E7:F3:AA:62:92:3D:88
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/STZWLPkBhU0SwVRp3efzqmKSPYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.161.0/24
Signature Algorithm: sha256WithRSAEncryption
78:01:85:c6:67:6a:03:ff:f1:4b:52:eb:65:3f:60:d7:ac:42:
5a:b8:e7:cf:9f:b6:3a:83:bd:9e:39:6e:ba:01:de:a6:72:20:
01:bb:00:92:b9:18:3a:ee:e0:61:ee:dc:12:ec:73:9e:b4:5f:
83:d1:b5:3d:46:c6:83:ba:68:08:47:a1:9c:41:d8:6e:7e:07:
4b:2b:37:58:cd:75:23:01:03:38:f3:88:91:f5:65:56:f2:15:
84:75:5f:e2:ac:66:63:d5:69:4d:a9:59:10:fc:f4:56:81:dc:
da:fe:73:17:a5:97:23:91:56:08:9b:84:3f:76:bd:85:3a:07:
1e:97:9e:53:e3:30:03:6b:4d:0c:49:99:d2:66:df:3d:1e:01:
27:45:1f:d9:1e:7b:ab:3c:4f:ba:59:92:7a:e4:09:26:83:91:
79:57:26:27:74:14:7a:7e:30:e4:32:e4:84:60:2a:d3:af:03:
4e:14:ef:ab:d0:8c:b0:59:e4:29:31:31:9c:86:c7:0d:05:c8:
64:11:37:46:90:3c:4b:22:f1:c6:83:60:5d:87:23:b1:f1:09:
ad:3a:1c:25:00:de:32:3d:f4:98:6d:c8:4b:be:28:95:a5:cf:
b2:1c:e6:52:ae:73:5f:f4:0f:3f:2b:e0:10:54:bf:24:72:26:
d9:d6:01:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsXJ3vKnQF1451WZCVQKrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwMTAxMDgwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTM2NTYyY2Y5MDE4NTRkMTJjMTU0NjlkZGU3ZjNhYTYyOTIzZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCAiiFFHXmS17/Mb7j/hjmhxO6bW
MfcZG+JMY5gSJfZS12DnNZR2BJV6PkAnilWF5Qn8yGHw9U9G9QtQ9EMFuHdv1eQ4
ItKDVt7zSLBpOJkoj1rGc3DamYkIyAm4HFUaJNALfaOdfoApnmNRMw+s4yM0cLS6
YrXE/fnScWMVYdZEEfu6PSIpjpbXj3e7D8WfYeQ1/UH3FDBebKAVufVy/wg6KX9g
EmYU61Dnjj6UeLukiVqn/25LdaT8egyg1NGXLn7OlMMbQlCaSuiplWshbr2iw72Z
Xd0UFgD/PNJpU56iPRd2KdBoqk2IO/BdKCNUTMMUH/oeBAWt/JxNBPdJYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEk2Viz5AYVNEsFUad3n86pikj2IMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvU1RaV0xQa0JoVTBTd1ZScDNlZnpxbUtTUFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmuhMA0G
CSqGSIb3DQEBCwUAA4IBAQB4AYXGZ2oD//FLUutlP2DXrEJauOfPn7Y6g72eOW66
Ad6mciABuwCSuRg67uBh7twS7HOetF+D0bU9RsaDumgIR6GcQdhufgdLKzdYzXUj
AQM484iR9WVW8hWEdV/irGZj1WlNqVkQ/PRWgdza/nMXpZcjkVYIm4Q/dr2FOgce
l55T4zADa00MSZnSZt89HgEnRR/ZHnurPE+6WZJ65Akmg5F5VyYndBR6fjDkMuSE
YCrTrwNOFO+r0IywWeQpMTGchscNBchkETdGkDxLIvHGg2BdhyOx8QmtOhwlAN4y
PfSYbchLviiVpc+yHOZSrnNf9A8/K+AQVL8kcibZ1gH9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:16 2025 by rpki-client