Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/sEY4t-bPe6btAR7wv3UJWwU-X2E.roa
File: sEY4t-bPe6btAR7wv3UJWwU-X2E.roa (raw, json)
Hash identifier: aU4yEzDR1E1BJAYcSFYYldSWQZ2ELBxfjYhJldcUrMM=
Subject key identifier: B0:46:38:B7:E6:CF:7B:A6:ED:01:1E:F0:BF:75:09:5B:05:3E:5F:61
Certificate issuer: /CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Certificate serial: 0194221FE8F015D3CB59B9D471CF4E049C0F
Authority key identifier: 24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/sEY4t-bPe6btAR7wv3UJWwU-X2E.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41514
IP address blocks: 194.156.152.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e8:f0:15:d3:cb:59:b9:d4:71:cf:4e:04:9c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b04638b7e6cf7ba6ed011ef0bf75095b053e5f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4b:05:b8:f3:31:0a:5d:7b:62:34:90:fb:5c:
ba:d5:6c:71:ed:93:64:32:2c:95:3a:0f:db:62:c0:
07:1f:8d:d3:32:04:88:2f:43:f8:8b:2e:c6:84:bd:
22:3e:82:67:f3:2c:d6:9a:80:9f:e7:05:d3:76:7f:
ab:e4:34:5b:d5:74:e4:fd:a5:64:27:8c:07:e3:5c:
02:27:35:e1:78:2e:77:23:b3:4e:04:78:58:23:4b:
62:5b:d6:ea:d2:6b:92:e8:94:1e:6c:1d:24:a2:31:
00:de:0a:36:22:a4:d4:34:86:ef:f4:ad:98:30:51:
aa:bc:9e:f0:5f:c6:81:ef:8b:5e:74:f5:cc:82:3a:
1c:99:27:5f:c7:6f:92:3d:80:54:21:c7:bd:be:36:
2a:db:22:f7:01:87:4c:33:11:83:97:6a:83:ce:67:
c8:80:35:77:8d:de:73:86:c8:94:5f:6b:42:b4:f3:
2a:63:ee:c7:7a:7a:98:35:64:25:29:76:07:02:c9:
6e:7f:02:59:4a:b0:e1:7d:c1:79:b4:c0:45:16:73:
97:02:de:38:fb:7a:af:31:20:44:25:70:9d:41:d9:
8a:62:9d:51:8b:5f:01:89:8f:28:bb:41:1c:6f:dc:
54:94:94:71:ca:90:50:fc:6f:94:93:5b:88:79:8d:
46:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:46:38:B7:E6:CF:7B:A6:ED:01:1E:F0:BF:75:09:5B:05:3E:5F:61
X509v3 Authority Key Identifier:
keyid:24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/sEY4t-bPe6btAR7wv3UJWwU-X2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.152.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:94:92:d3:31:a2:95:ea:41:31:3b:bf:97:59:7c:01:30:f4:
f7:b2:e1:1f:88:b8:38:b3:10:20:35:40:05:05:45:c4:27:f8:
9e:4f:72:6d:40:b6:23:3f:fb:c5:28:78:54:4c:fa:6a:15:3d:
40:be:40:d3:11:cd:3e:6a:fa:68:2f:b2:c1:05:a1:99:6a:c5:
10:6c:3f:0d:7b:35:02:19:80:1d:84:f0:62:18:8f:9f:99:71:
b8:23:8e:92:f0:71:84:60:0b:95:73:71:74:f8:80:2f:2b:84:
3d:d6:68:f3:bb:c0:15:50:33:10:05:75:c5:39:74:24:ae:28:
b6:a1:4a:c6:5f:c1:c8:5a:d9:c0:67:e6:2e:39:2e:67:61:98:
1e:b6:50:bf:47:ed:a4:c4:9a:94:a4:dc:c2:a8:bf:96:5d:7f:
6d:ae:c6:46:b7:b4:77:e5:9e:fc:f3:d2:92:ba:b3:1d:e0:41:
1c:36:57:da:9d:6c:ae:f4:73:c3:88:96:63:0c:aa:ac:a6:c2:
23:38:a4:5d:b0:d2:ac:53:63:1f:1f:38:32:14:fe:9c:0b:02:
4f:f2:ca:3d:93:c5:73:17:6c:da:17:48:28:a3:93:6d:39:bc:
c6:e9:29:64:03:ed:3e:4e:53:c3:80:29:88:a0:25:63:65:af:
bc:46:e3:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+jwFdPLWbnUcc9OBJwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTlkODRjNmQxNmMwODMwOTNjMzM3MWI0NTc1ZDM2ZWY0
NDhmZTQwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDQ2MzhiN2U2Y2Y3YmE2ZWQwMTFlZjBiZjc1MDk1YjA1M2U1ZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEsFuPMxCl17YjSQ+1y61Wxx7ZNk
MiyVOg/bYsAHH43TMgSIL0P4iy7GhL0iPoJn8yzWmoCf5wXTdn+r5DRb1XTk/aVk
J4wH41wCJzXheC53I7NOBHhYI0tiW9bq0muS6JQebB0kojEA3go2IqTUNIbv9K2Y
MFGqvJ7wX8aB74tedPXMgjocmSdfx2+SPYBUIce9vjYq2yL3AYdMMxGDl2qDzmfI
gDV3jd5zhsiUX2tCtPMqY+7HenqYNWQlKXYHAslufwJZSrDhfcF5tMBFFnOXAt44
+3qvMSBEJXCdQdmKYp1Ri18BiY8ou0Ecb9xUlJRxypBQ/G+Uk1uIeY1GlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBGOLfmz3um7QEe8L91CVsFPl9hMB8GA1UdIwQY
MBaAFCSp2ExtFsCDCTwzcbRXXTbvRI/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDkt
NDVhNTM0ZjIyMmY0LzEvc0VZNHQtYlBlNmJ0QVI3d3YzVUpXd1UtWDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDktNDVhNTM0ZjIyMmY0
LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpyYMA0G
CSqGSIb3DQEBCwUAA4IBAQB9lJLTMaKV6kExO7+XWXwBMPT3suEfiLg4sxAgNUAF
BUXEJ/ieT3JtQLYjP/vFKHhUTPpqFT1AvkDTEc0+avpoL7LBBaGZasUQbD8NezUC
GYAdhPBiGI+fmXG4I46S8HGEYAuVc3F0+IAvK4Q91mjzu8AVUDMQBXXFOXQkrii2
oUrGX8HIWtnAZ+YuOS5nYZgetlC/R+2kxJqUpNzCqL+WXX9trsZGt7R35Z7889KS
urMd4EEcNlfanWyu9HPDiJZjDKqspsIjOKRdsNKsU2MfHzgyFP6cCwJP8so9k8Vz
F2zaF0goo5NtObzG6SlkA+0+TlPDgCmIoCVjZa+8RuPn
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:32:01 2025 by rpki-client