Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/J2gFJxTXec_tCl5fYmT5ueu90dA.roa
File: J2gFJxTXec_tCl5fYmT5ueu90dA.roa (raw, json)
Hash identifier: eqh0jr48WZnOgc9VcsakSv2fxPv1f923UQBSwi0u554=
Subject key identifier: 27:68:05:27:14:D7:79:CF:ED:0A:5E:5F:62:64:F9:B9:EB:BD:D1:D0
Certificate issuer: /CN=8ae4b93feb71dde2823b70c7dbb79e0f99b56c1b
Certificate serial: 01942068727F8272C6F12AB4706C9556C2D9
Authority key identifier: 8A:E4:B9:3F:EB:71:DD:E2:82:3B:70:C7:DB:B7:9E:0F:99:B5:6C:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iuS5P-tx3eKCO3DH27eeD5m1bBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/J2gFJxTXec_tCl5fYmT5ueu90dA.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199162
IP address blocks: 194.180.6.0/23 maxlen: 23
194.180.6.0/24 maxlen: 24
194.180.7.0/24 maxlen: 24
2a13:da80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:72:7f:82:72:c6:f1:2a:b4:70:6c:95:56:c2:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ae4b93feb71dde2823b70c7dbb79e0f99b56c1b
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2768052714d779cfed0a5e5f6264f9b9ebbdd1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:e2:1d:6e:c9:1d:ef:1b:92:78:eb:31:ae:30:
b0:5e:d5:5a:2f:58:8a:b5:14:f7:9c:09:c5:31:74:
43:c2:16:d7:85:e8:db:c5:c7:a3:c7:74:0b:55:0a:
ee:42:7f:f1:2a:ee:9d:62:0a:28:7f:29:2d:7a:fb:
63:44:f5:78:96:19:b1:7f:79:19:d1:bc:72:52:ed:
ed:ed:bc:fa:42:ea:79:29:31:26:f3:04:f3:ad:b6:
a0:8a:f8:94:09:fa:4e:6f:57:36:6a:15:99:7a:cc:
c8:16:75:ee:d7:f4:1f:27:1f:a6:9d:1f:f2:8b:a3:
2c:02:61:86:d9:15:b3:01:92:f2:3c:88:77:f3:cc:
85:f6:0e:31:de:51:31:08:b4:ed:0a:34:3d:44:f4:
c8:4a:5e:fa:89:66:e1:cb:28:dc:a1:93:78:f3:c8:
97:70:50:94:86:d8:b8:7a:b3:57:e2:c7:eb:cb:1c:
cb:b5:8f:ec:22:6c:ab:a9:a8:b5:5c:26:61:fd:ab:
73:7d:a8:42:3d:f1:f8:4e:a0:28:95:52:0d:93:df:
93:ab:77:cc:ab:37:1a:1a:d7:cc:32:ff:2f:84:c3:
f7:85:a4:63:4c:6a:eb:2e:c4:3c:bc:05:d1:88:80:
a6:22:c7:db:6e:8d:95:94:ff:fa:28:7c:44:04:2d:
f5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:68:05:27:14:D7:79:CF:ED:0A:5E:5F:62:64:F9:B9:EB:BD:D1:D0
X509v3 Authority Key Identifier:
keyid:8A:E4:B9:3F:EB:71:DD:E2:82:3B:70:C7:DB:B7:9E:0F:99:B5:6C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iuS5P-tx3eKCO3DH27eeD5m1bBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/J2gFJxTXec_tCl5fYmT5ueu90dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/70e678-8495-46ae-96d7-29c5176902c6/1/iuS5P-tx3eKCO3DH27eeD5m1bBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.6.0/23
IPv6:
2a13:da80::/29
Signature Algorithm: sha256WithRSAEncryption
15:f0:3b:15:13:a8:ba:f2:89:c6:92:d7:9e:3a:28:8c:d7:3d:
84:a1:f5:d8:1c:30:bd:32:df:c0:6f:94:32:cf:5c:3d:1d:a9:
54:9d:0d:4b:94:59:2f:af:a7:4f:04:41:07:24:0a:57:9d:a1:
71:a5:19:27:b9:90:4b:90:b4:5a:d5:4d:ea:72:ab:1a:ae:52:
59:0b:2d:e8:af:89:54:93:1c:f3:13:44:f7:3f:11:63:7f:f8:
4c:c7:c5:49:39:9b:9a:86:ce:f3:44:a3:20:55:a0:9f:fc:f4:
c4:fa:e7:f4:f0:9d:06:aa:fa:60:b4:c3:e3:22:25:5e:95:89:
ac:7f:cf:55:9a:15:57:88:45:94:ec:84:44:66:95:f2:b9:60:
2a:93:c2:70:f0:56:e3:64:11:62:d9:6c:a5:2b:90:93:02:f6:
c3:35:4d:fe:e0:24:17:64:1b:29:44:6c:8e:f3:fb:05:dd:d4:
60:41:90:d0:9f:d7:91:23:a5:ca:0a:f9:9f:26:4d:bf:96:a9:
b8:75:a4:8c:be:ce:5c:2b:3c:b0:01:f1:f2:e0:56:a6:50:78:
c8:b6:83:87:10:19:36:11:d1:6e:d3:62:15:3e:34:71:6e:1d:
ae:d0:71:8e:d8:c9:24:f8:9b:48:40:8b:62:9a:27:4e:66:57:
93:2f:a3:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaHJ/gnLG8Sq0cGyVVsLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZTRiOTNmZWI3MWRkZTI4MjNiNzBjN2RiYjc5ZTBmOTli
NTZjMWIwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzY4MDUyNzE0ZDc3OWNmZWQwYTVlNWY2MjY0ZjliOWViYmRkMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9uIdbskd7xuSeOsxrjCwXtVaL1iK
tRT3nAnFMXRDwhbXhejbxcejx3QLVQruQn/xKu6dYgoofyktevtjRPV4lhmxf3kZ
0bxyUu3t7bz6Qup5KTEm8wTzrbagiviUCfpOb1c2ahWZeszIFnXu1/QfJx+mnR/y
i6MsAmGG2RWzAZLyPIh388yF9g4x3lExCLTtCjQ9RPTISl76iWbhyyjcoZN488iX
cFCUhti4erNX4sfryxzLtY/sImyrqai1XCZh/atzfahCPfH4TqAolVINk9+Tq3fM
qzcaGtfMMv8vhMP3haRjTGrrLsQ8vAXRiICmIsfbbo2VlP/6KHxEBC31pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCdoBScU13nP7QpeX2Jk+bnrvdHQMB8GA1UdIwQY
MBaAFIrkuT/rcd3igjtwx9u3ng+ZtWwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXVTNVAtdHgzZUtDTzNESDI3ZWVENW0xYkJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC83MGU2NzgtODQ5NS00NmFlLTk2ZDct
MjljNTE3NjkwMmM2LzEvSjJnRkp4VFhlY190Q2w1ZlltVDV1ZXU5MGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC83MGU2NzgtODQ5NS00NmFlLTk2ZDctMjljNTE3NjkwMmM2
LzEvaXVTNVAtdHgzZUtDTzNESDI3ZWVENW0xYkJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwrQGMA0E
AgACMAcDBQMqE9qAMA0GCSqGSIb3DQEBCwUAA4IBAQAV8DsVE6i68onGkteeOiiM
1z2EofXYHDC9Mt/Ab5Qyz1w9HalUnQ1LlFkvr6dPBEEHJApXnaFxpRknuZBLkLRa
1U3qcqsarlJZCy3or4lUkxzzE0T3PxFjf/hMx8VJOZuahs7zRKMgVaCf/PTE+uf0
8J0GqvpgtMPjIiVelYmsf89VmhVXiEWU7IREZpXyuWAqk8Jw8FbjZBFi2WylK5CT
AvbDNU3+4CQXZBspRGyO8/sF3dRgQZDQn9eRI6XKCvmfJk2/lqm4daSMvs5cKzyw
AfHy4FamUHjItoOHEBk2EdFu02IVPjRxbh2u0HGO2Mkk+JtIQItimidOZleTL6O9
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:32 2025 by rpki-client