Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/2603bd-815c-4fb0-9b9c-553458c90899/1/aC3k6Pc-VbYaZAExCYMf-r0FJik.roa
File: aC3k6Pc-VbYaZAExCYMf-r0FJik.roa (raw, json)
Hash identifier: sjHut+jtNlmiU2BIEntfi+uVsFkRaMGa8qqarc0jF00=
Subject key identifier: 68:2D:E4:E8:F7:3E:55:B6:1A:64:01:31:09:83:1F:FA:BD:05:26:29
Certificate issuer: /CN=5b96221da85f6c8a80703576683ad2c393f23bcc
Certificate serial: 0194282638D07AE8EE34BF9955426BD0D27C
Authority key identifier: 5B:96:22:1D:A8:5F:6C:8A:80:70:35:76:68:3A:D2:C3:93:F2:3B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W5YiHahfbIqAcDV2aDrSw5PyO8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/2603bd-815c-4fb0-9b9c-553458c90899/1/aC3k6Pc-VbYaZAExCYMf-r0FJik.roa
Signing time: Thu 02 Jan 2025 17:53:01 +0000
ROA not before: Thu 02 Jan 2025 17:53:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49223
IP address blocks: 194.32.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:38:d0:7a:e8:ee:34:bf:99:55:42:6b:d0:d2:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b96221da85f6c8a80703576683ad2c393f23bcc
Validity
Not Before: Jan 2 17:53:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682de4e8f73e55b61a64013109831ffabd052629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:17:83:78:0b:a5:77:5e:95:d3:07:6f:92:a5:
a1:78:ca:eb:71:a7:c2:0c:a3:70:ab:9b:09:d8:5c:
52:26:e4:57:6b:fb:2a:da:3e:66:37:5b:a4:7a:81:
13:2d:ee:30:70:bf:99:67:36:27:69:06:8c:13:87:
89:e4:f4:82:51:3c:cb:22:37:c1:9b:b0:87:ef:24:
21:b7:47:86:09:0e:ec:23:0d:15:5d:83:c2:24:57:
7d:3d:55:d9:48:e3:27:dc:c5:21:e2:f1:cf:82:71:
93:cc:fe:f2:01:53:2a:f1:d8:88:36:72:0c:3f:b5:
6d:6f:79:be:38:cf:96:d0:c5:9f:3c:17:01:b3:63:
22:a6:8e:00:0c:af:f5:a2:69:01:70:1b:65:fe:94:
28:35:ec:7b:ee:90:15:35:14:28:b3:eb:0b:ee:c0:
36:7c:55:25:a8:a8:b4:c5:3d:48:a0:30:39:ba:a2:
20:ce:1d:16:da:ae:ad:27:bf:95:20:50:c4:19:6e:
21:68:8b:a5:b5:43:78:c9:7a:29:ee:9d:27:11:5a:
60:6f:5c:2d:9d:7d:32:3d:ed:95:7c:0c:ff:fc:3e:
06:b2:7c:ca:56:11:e3:94:17:b5:bb:ed:56:37:08:
74:0f:5b:24:9e:7b:37:86:a1:7d:ec:4a:d6:ba:62:
ed:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2D:E4:E8:F7:3E:55:B6:1A:64:01:31:09:83:1F:FA:BD:05:26:29
X509v3 Authority Key Identifier:
keyid:5B:96:22:1D:A8:5F:6C:8A:80:70:35:76:68:3A:D2:C3:93:F2:3B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5YiHahfbIqAcDV2aDrSw5PyO8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2603bd-815c-4fb0-9b9c-553458c90899/1/aC3k6Pc-VbYaZAExCYMf-r0FJik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2603bd-815c-4fb0-9b9c-553458c90899/1/W5YiHahfbIqAcDV2aDrSw5PyO8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.136.0/22
Signature Algorithm: sha256WithRSAEncryption
22:01:a0:fa:34:d6:0c:1b:0b:ea:91:16:13:aa:6a:cd:b5:b1:
8a:b6:8a:8a:7f:e8:14:5e:c0:1a:fe:c9:5e:db:e9:4b:07:2d:
3e:ce:5a:3d:4a:78:a9:2c:2b:b9:1e:54:44:ff:39:71:20:33:
35:53:20:cd:35:9d:47:46:17:f0:6b:35:5b:e1:1e:13:b2:8d:
69:2b:62:e3:dc:40:18:eb:a7:12:ea:80:25:ec:93:60:27:c2:
2e:4a:9c:d1:8e:e8:a4:32:de:ca:ce:a5:01:7c:48:40:de:31:
c8:8f:d7:c4:84:37:0b:2e:6e:e1:98:d3:2b:83:7f:22:3d:d2:
d8:8d:ba:40:7b:d8:41:ef:1a:bf:c9:65:30:74:ba:3a:c5:53:
94:24:c0:ba:86:c7:73:da:56:7a:36:5d:36:b2:50:6c:71:79:
54:6b:88:ff:e4:f9:b9:84:0f:db:95:fd:cc:9f:a1:e3:17:27:
83:c0:96:5e:f5:fa:15:f4:89:2a:8f:b6:c3:74:28:af:23:e7:
44:cc:f1:95:79:85:e5:30:62:93:0e:40:38:dc:09:56:22:bc:
cf:59:65:ee:f1:5b:e4:18:79:87:34:ea:7a:be:8a:97:53:20:
85:64:6d:79:f4:14:63:c4:c9:27:fb:09:a5:e2:0b:f6:a8:1a:
1c:28:24:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJjjQeujuNL+ZVUJr0NJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOTYyMjFkYTg1ZjZjOGE4MDcwMzU3NjY4M2FkMmMzOTNm
MjNiY2MwHhcNMjUwMTAyMTc1MzAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJkZTRlOGY3M2U1NWI2MWE2NDAxMzEwOTgzMWZmYWJkMDUyNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyReDeAuld16V0wdvkqWheMrrcafC
DKNwq5sJ2FxSJuRXa/sq2j5mN1ukeoETLe4wcL+ZZzYnaQaME4eJ5PSCUTzLIjfB
m7CH7yQht0eGCQ7sIw0VXYPCJFd9PVXZSOMn3MUh4vHPgnGTzP7yAVMq8diINnIM
P7Vtb3m+OM+W0MWfPBcBs2Mipo4ADK/1omkBcBtl/pQoNex77pAVNRQos+sL7sA2
fFUlqKi0xT1IoDA5uqIgzh0W2q6tJ7+VIFDEGW4haIultUN4yXop7p0nEVpgb1wt
nX0yPe2VfAz//D4GsnzKVhHjlBe1u+1WNwh0D1sknns3hqF97ErWumLttQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgt5Oj3PlW2GmQBMQmDH/q9BSYpMB8GA1UdIwQY
MBaAFFuWIh2oX2yKgHA1dmg60sOT8jvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzVZaUhhaGZiSXFBY0RWMmFEclN3NVB5Tzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yNjAzYmQtODE1Yy00ZmIwLTliOWMt
NTUzNDU4YzkwODk5LzEvYUMzazZQYy1WYllhWkFFeENZTWYtcjBGSmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yNjAzYmQtODE1Yy00ZmIwLTliOWMtNTUzNDU4YzkwODk5
LzEvVzVZaUhhaGZiSXFBY0RWMmFEclN3NVB5Tzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiCIMA0G
CSqGSIb3DQEBCwUAA4IBAQAiAaD6NNYMGwvqkRYTqmrNtbGKtoqKf+gUXsAa/sle
2+lLBy0+zlo9SnipLCu5HlRE/zlxIDM1UyDNNZ1HRhfwazVb4R4Tso1pK2Lj3EAY
66cS6oAl7JNgJ8IuSpzRjuikMt7KzqUBfEhA3jHIj9fEhDcLLm7hmNMrg38iPdLY
jbpAe9hB7xq/yWUwdLo6xVOUJMC6hsdz2lZ6Nl02slBscXlUa4j/5Pm5hA/blf3M
n6HjFyeDwJZe9foV9Ikqj7bDdCivI+dEzPGVeYXlMGKTDkA43AlWIrzPWWXu8Vvk
GHmHNOp6voqXUyCFZG159BRjxMkn+wml4gv2qBocKCT2
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:59:59 2025 by rpki-client