Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/41AytB41hodYM5wYhqpxuiF8N9s.roa
File: 41AytB41hodYM5wYhqpxuiF8N9s.roa (raw, json)
Hash identifier: OnxInRURjXFa44Bu3c4RrKsYyRXWI0CzeYkFHBMxcR8=
Subject key identifier: E3:50:32:B4:1E:35:86:87:58:33:9C:18:86:AA:71:BA:21:7C:37:DB
Certificate issuer: /CN=bdff3d96e8aa141d22c4242aeff78af71ef8b244
Certificate serial: 01941FFA5D522AA1A0181811CE048367C276
Authority key identifier: BD:FF:3D:96:E8:AA:14:1D:22:C4:24:2A:EF:F7:8A:F7:1E:F8:B2:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vf89luiqFB0ixCQq7_eK9x74skQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/41AytB41hodYM5wYhqpxuiF8N9s.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12843
IP address blocks: 194.59.18.0/23 maxlen: 23
194.59.20.0/22 maxlen: 22
2001:67c:12f0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5d:52:2a:a1:a0:18:18:11:ce:04:83:67:c2:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdff3d96e8aa141d22c4242aeff78af71ef8b244
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e35032b41e35868758339c1886aa71ba217c37db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:69:4c:eb:e3:b5:08:e5:02:a4:30:17:9a:b4:
6d:71:35:b3:50:a2:bb:e9:ec:0a:5a:ca:11:b1:7f:
35:1a:cc:50:94:e6:0c:ba:3f:70:e3:3b:75:a0:9d:
83:6a:f6:fc:86:42:b1:b6:dc:01:f8:9d:79:ac:3d:
a3:2f:07:54:eb:58:b6:cf:6d:f9:24:7d:46:84:0f:
29:14:6e:2d:ed:66:56:9a:9e:d1:01:2c:c7:b6:ea:
04:0a:3f:9e:28:d1:44:7e:48:7b:9b:e8:dd:fb:5b:
9d:38:ba:ec:89:ee:1d:59:ab:c0:97:20:d6:21:88:
30:e5:31:89:14:87:6d:4a:a6:71:17:28:be:88:61:
ad:19:08:fe:78:dc:90:7c:20:6a:fe:e2:79:38:1e:
97:06:6e:40:eb:24:09:95:e8:ad:57:f6:d4:d6:c8:
74:c4:7e:21:88:fe:be:00:4a:3f:26:3f:1f:a1:22:
0c:37:4b:35:e4:55:cf:78:f9:15:46:d9:16:f7:b2:
97:42:24:1b:e7:6a:02:86:b1:bc:3c:25:77:90:4d:
2d:7a:bf:61:3d:a6:92:f4:37:b3:10:b1:3d:33:d5:
55:74:a4:d4:cd:12:d2:ec:02:4f:4e:a2:49:10:97:
d1:86:e2:4f:7a:8f:08:a9:98:d4:1d:e0:b5:2f:f4:
fe:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:50:32:B4:1E:35:86:87:58:33:9C:18:86:AA:71:BA:21:7C:37:DB
X509v3 Authority Key Identifier:
keyid:BD:FF:3D:96:E8:AA:14:1D:22:C4:24:2A:EF:F7:8A:F7:1E:F8:B2:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vf89luiqFB0ixCQq7_eK9x74skQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/41AytB41hodYM5wYhqpxuiF8N9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/vf89luiqFB0ixCQq7_eK9x74skQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.18.0-194.59.23.255
IPv6:
2001:67c:12f0::/48
Signature Algorithm: sha256WithRSAEncryption
91:07:c4:17:cb:ac:16:1c:63:de:3e:6b:b9:28:2c:f3:a6:12:
79:d5:a6:a3:88:64:0e:c1:3b:9c:cf:30:fb:6c:c1:c5:0d:7f:
aa:52:cd:63:3b:d9:05:c1:9a:2e:a8:5f:35:31:b1:89:03:68:
d5:4f:e4:fe:6d:15:e5:db:fe:c0:47:b3:36:f7:9d:86:c3:2b:
74:db:b9:5d:4f:40:ce:c6:6b:83:a0:a8:c0:a6:75:92:0f:f2:
78:e2:6c:ee:4e:b9:61:72:39:89:c9:99:a7:ca:a2:f0:de:3c:
82:11:0c:5d:4b:27:2d:a7:6c:c8:17:64:bd:5e:b0:55:cf:e5:
50:64:e9:24:31:ea:ab:58:83:17:e7:2b:65:e6:2f:77:76:97:
69:19:21:80:da:64:c4:a6:54:4a:9d:30:e0:c7:73:9d:19:9b:
a5:6e:de:87:58:22:9d:1f:72:7a:59:b5:52:9e:9e:44:31:98:
54:99:b2:94:d6:32:04:55:c9:c8:a9:fb:65:ba:50:15:11:c2:
bb:c0:2f:71:85:07:c8:1e:d4:c4:12:9a:63:67:4b:fe:21:74:
ab:70:b0:f9:16:25:30:55:bc:21:c3:9d:f4:b1:f2:6d:15:87:
94:a2:c8:b4:20:37:a7:64:33:67:76:59:a5:6a:1f:ff:e5:b6:
c8:74:a2:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQf+l1SKqGgGBgRzgSDZ8J2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmYzZDk2ZThhYTE0MWQyMmM0MjQyYWVmZjc4YWY3MWVm
OGIyNDQwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUwMzJiNDFlMzU4Njg3NTgzMzljMTg4NmFhNzFiYTIxN2MzN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGlM6+O1COUCpDAXmrRtcTWzUKK7
6ewKWsoRsX81GsxQlOYMuj9w4zt1oJ2Davb8hkKxttwB+J15rD2jLwdU61i2z235
JH1GhA8pFG4t7WZWmp7RASzHtuoECj+eKNFEfkh7m+jd+1udOLrsie4dWavAlyDW
IYgw5TGJFIdtSqZxFyi+iGGtGQj+eNyQfCBq/uJ5OB6XBm5A6yQJleitV/bU1sh0
xH4hiP6+AEo/Jj8foSIMN0s15FXPePkVRtkW97KXQiQb52oChrG8PCV3kE0ter9h
PaaS9DezELE9M9VVdKTUzRLS7AJPTqJJEJfRhuJPeo8IqZjUHeC1L/T+zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONQMrQeNYaHWDOcGIaqcbohfDfbMB8GA1UdIwQY
MBaAFL3/PZboqhQdIsQkKu/3ivce+LJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmY4OWx1aXFGQjBpeENRcTdfZUs5eDc0c2tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MTFjN2YtYjEyNS00NzEyLTllZjct
M2M3OTg3YzQyYzE2LzEvNDFBeXRCNDFob2RZTTV3WWhxcHh1aUY4TjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MTFjN2YtYjEyNS00NzEyLTllZjctM2M3OTg3YzQyYzE2
LzEvdmY4OWx1aXFGQjBpeENRcTdfZUs5eDc0c2tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAHCOxID
BAPCOxAwDwQCAAIwCQMHACABBnwS8DANBgkqhkiG9w0BAQsFAAOCAQEAkQfEF8us
Fhxj3j5ruSgs86YSedWmo4hkDsE7nM8w+2zBxQ1/qlLNYzvZBcGaLqhfNTGxiQNo
1U/k/m0V5dv+wEezNvedhsMrdNu5XU9AzsZrg6CowKZ1kg/yeOJs7k65YXI5icmZ
p8qi8N48ghEMXUsnLadsyBdkvV6wVc/lUGTpJDHqq1iDF+crZeYvd3aXaRkhgNpk
xKZUSp0w4MdznRmbpW7eh1ginR9yelm1Up6eRDGYVJmylNYyBFXJyKn7ZbpQFRHC
u8AvcYUHyB7UxBKaY2dL/iF0q3Cw+RYlMFW8IcOd9LHybRWHlKLItCA3p2QzZ3ZZ
pWof/+W2yHSiqQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:23:16 2025 by rpki-client