Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/vY6-PZtgV1pXAS2FXL2hIb4TwXc.roa
File: vY6-PZtgV1pXAS2FXL2hIb4TwXc.roa (raw, json)
Hash identifier: jw/NcQ3xtodg7LuogHRIHUBjgep3SFnUF4bVow6tSsU=
Subject key identifier: BD:8E:BE:3D:9B:60:57:5A:57:01:2D:85:5C:BD:A1:21:BE:13:C1:77
Certificate issuer: /CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Certificate serial: 019421B22FD2938D961779A58247074DDF50
Authority key identifier: 40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/vY6-PZtgV1pXAS2FXL2hIb4TwXc.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41540
IP address blocks: 194.246.120.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2f:d2:93:8d:96:17:79:a5:82:47:07:4d:df:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd8ebe3d9b60575a57012d855cbda121be13c177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:31:5e:e3:16:f0:8e:b3:af:d0:ff:3f:ca:fb:
6a:65:89:2a:d9:21:d6:d8:88:e0:0f:a3:d7:b4:10:
7f:84:2d:e0:26:44:01:b7:a2:c4:f7:59:36:ac:78:
55:1b:24:c9:09:89:f1:ca:1a:7d:4f:f6:2e:47:ee:
d7:f4:af:15:41:33:a0:14:92:e3:f9:8d:bf:5a:1f:
5a:04:11:60:2f:06:3d:9f:d0:fe:30:85:b7:fa:b8:
6b:85:93:fe:06:0e:03:e2:3d:23:6b:df:91:78:d8:
f3:b5:c1:d3:25:fb:b3:0b:a3:43:91:87:01:74:09:
b2:67:18:1c:98:0b:84:6f:ec:cb:79:d8:b6:3b:c5:
42:09:15:5f:be:10:03:f6:28:85:ce:05:f9:e3:4e:
a3:93:c0:f0:14:df:04:22:9c:0b:73:30:49:77:39:
32:9e:a3:d7:bd:cc:ff:92:ce:65:dd:37:6a:d8:b7:
1f:82:46:6f:21:30:83:ab:79:dd:c2:4a:bb:fb:13:
4b:23:7b:b1:50:37:36:13:f3:95:8f:c2:ff:90:63:
ee:1c:2a:5f:c3:05:99:f2:ef:11:fa:84:17:86:02:
66:fe:2b:f4:91:6b:82:75:23:02:da:71:f1:ee:be:
7b:d0:81:ed:f6:3e:68:b1:0b:b0:e3:0c:3a:25:58:
50:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8E:BE:3D:9B:60:57:5A:57:01:2D:85:5C:BD:A1:21:BE:13:C1:77
X509v3 Authority Key Identifier:
keyid:40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/vY6-PZtgV1pXAS2FXL2hIb4TwXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.120.0/24
Signature Algorithm: sha256WithRSAEncryption
46:5a:4b:96:90:0d:96:c3:a7:0a:68:0d:5a:5f:f0:e5:de:9c:
72:a4:06:49:31:8d:03:3d:3e:3e:71:cf:7d:15:e8:0c:93:51:
56:0d:66:e2:aa:b6:f5:42:d2:14:43:25:62:8b:04:d8:8d:dd:
9b:7d:7a:b0:b9:08:02:3f:a6:b1:a5:49:40:a1:1c:14:16:80:
53:2a:98:1c:96:a8:3f:1e:e3:c0:4f:0f:e9:af:f5:f5:e2:22:
12:aa:59:87:d9:0e:43:a6:d0:d1:0a:c0:8b:8c:35:19:d9:3e:
29:15:2a:85:e2:4c:98:af:a8:af:69:17:78:55:7c:22:ad:b3:
41:b6:4b:9c:a8:ea:13:1f:ad:a2:b7:07:a5:ec:36:8e:11:ff:
27:eb:28:e3:79:61:c0:39:8a:2a:44:3b:70:3c:34:1d:90:f5:
76:6b:02:20:45:2d:4e:d3:f0:2f:32:1d:d3:23:4b:0d:85:6e:
80:88:b0:13:f6:74:5c:3e:f4:7d:fa:b4:ce:8d:a4:4f:51:b1:
05:b5:59:66:4e:ca:5f:96:06:89:f1:4c:40:a4:b1:23:56:9e:
f5:1c:0c:e7:59:93:57:03:04:b1:1a:de:2c:66:11:af:0a:2d:
89:f9:45:da:f2:3d:9a:13:4b:e9:a7:d1:21:fd:f5:9f:02:5c:
f4:46:3d:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsi/Sk42WF3mlgkcHTd9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmYwMTRhMmJjNzZhZTA0ZTZkMzA0ZDA2YWFjYmZjOGU4
NWQ1MTQwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDhlYmUzZDliNjA1NzVhNTcwMTJkODU1Y2JkYTEyMWJlMTNjMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDFe4xbwjrOv0P8/yvtqZYkq2SHW
2IjgD6PXtBB/hC3gJkQBt6LE91k2rHhVGyTJCYnxyhp9T/YuR+7X9K8VQTOgFJLj
+Y2/Wh9aBBFgLwY9n9D+MIW3+rhrhZP+Bg4D4j0ja9+ReNjztcHTJfuzC6NDkYcB
dAmyZxgcmAuEb+zLedi2O8VCCRVfvhAD9iiFzgX5406jk8DwFN8EIpwLczBJdzky
nqPXvcz/ks5l3Tdq2LcfgkZvITCDq3ndwkq7+xNLI3uxUDc2E/OVj8L/kGPuHCpf
wwWZ8u8R+oQXhgJm/iv0kWuCdSMC2nHx7r570IHt9j5osQuw4ww6JVhQ7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2Ovj2bYFdaVwEthVy9oSG+E8F3MB8GA1UdIwQY
MBaAFEBvAUorx2rgTm0wTQaqy/yOhdUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGIt
OWVlNWE3OGVjNTdiLzEvdlk2LVBadGdWMXBYQVMyRlhMMmhJYjRUd1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGItOWVlNWE3OGVjNTdi
LzEvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvZ4MA0G
CSqGSIb3DQEBCwUAA4IBAQBGWkuWkA2Ww6cKaA1aX/Dl3pxypAZJMY0DPT4+cc99
FegMk1FWDWbiqrb1QtIUQyViiwTYjd2bfXqwuQgCP6axpUlAoRwUFoBTKpgclqg/
HuPATw/pr/X14iISqlmH2Q5DptDRCsCLjDUZ2T4pFSqF4kyYr6ivaRd4VXwirbNB
tkucqOoTH62itwel7DaOEf8n6yjjeWHAOYoqRDtwPDQdkPV2awIgRS1O0/AvMh3T
I0sNhW6AiLAT9nRcPvR9+rTOjaRPUbEFtVlmTspflgaJ8UxApLEjVp71HAznWZNX
AwSxGt4sZhGvCi2J+UXa8j2aE0vpp9Eh/fWfAlz0Rj2r
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:46:03 2025 by rpki-client