Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/3AKmduEBocJ2JnN0jXYWS-8GbOY.roa
File: 3AKmduEBocJ2JnN0jXYWS-8GbOY.roa (raw, json)
Hash identifier: iBJD1wTxS+O8/2QNKHhH8F14y6hfViRbWeFBsKe3/pI=
Subject key identifier: DC:02:A6:76:E1:01:A1:C2:76:26:73:74:8D:76:16:4B:EF:06:6C:E6
Certificate issuer: /CN=a0bb1718963ddd9128b76fd3d8213a1565ef856d
Certificate serial: 0194282661EA300A75A1DD3C8D34520406AD
Authority key identifier: A0:BB:17:18:96:3D:DD:91:28:B7:6F:D3:D8:21:3A:15:65:EF:85:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLsXGJY93ZEot2_T2CE6FWXvhW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/3AKmduEBocJ2JnN0jXYWS-8GbOY.roa
Signing time: Thu 02 Jan 2025 17:53:11 +0000
ROA not before: Thu 02 Jan 2025 17:53:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58131
IP address blocks: 194.8.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:61:ea:30:0a:75:a1:dd:3c:8d:34:52:04:06:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0bb1718963ddd9128b76fd3d8213a1565ef856d
Validity
Not Before: Jan 2 17:53:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc02a676e101a1c2762673748d76164bef066ce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b8:c7:61:2a:d9:58:b1:e6:2d:35:7d:bf:f8:
7d:48:c6:e5:72:45:b0:93:b9:75:df:e1:1c:ba:94:
90:71:b9:f8:56:c0:4a:17:45:d5:69:17:64:73:bf:
ed:01:e9:14:a4:ee:bb:39:7f:9a:fb:04:c2:2d:3f:
4d:fd:bf:55:99:16:5e:f4:1d:78:07:0b:48:14:f9:
dd:7a:67:7b:67:ed:21:b1:92:ae:8c:a0:70:d1:82:
6e:f9:34:36:ac:48:4a:21:7c:fc:03:be:12:69:c3:
83:cd:5b:a9:97:3a:4e:4b:4c:c8:15:f8:fb:cf:84:
06:63:4c:4f:d3:6d:94:c1:ac:ee:c2:e6:5d:99:58:
f9:97:de:f7:ed:06:78:ac:83:18:5b:d1:68:14:22:
71:d5:ae:d6:c7:08:57:da:19:e5:3c:5f:15:1a:c3:
5e:c4:ac:5d:b3:d5:8e:ec:1e:e2:41:94:99:37:c1:
b6:f7:85:0c:c4:c9:8f:e5:5d:37:62:0a:a7:48:95:
d8:29:d0:90:5e:46:c4:13:83:8c:6e:6e:b3:d3:05:
4b:c3:67:5a:ec:71:2e:b2:68:04:51:d7:76:54:60:
da:a5:59:df:2a:c3:61:97:ce:e4:07:53:c7:ea:78:
54:64:87:1b:a0:09:47:33:0d:d2:53:0c:9c:ff:db:
aa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:02:A6:76:E1:01:A1:C2:76:26:73:74:8D:76:16:4B:EF:06:6C:E6
X509v3 Authority Key Identifier:
keyid:A0:BB:17:18:96:3D:DD:91:28:B7:6F:D3:D8:21:3A:15:65:EF:85:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLsXGJY93ZEot2_T2CE6FWXvhW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/3AKmduEBocJ2JnN0jXYWS-8GbOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/oLsXGJY93ZEot2_T2CE6FWXvhW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.63.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:80:eb:ef:ad:cc:b7:4b:07:21:8c:30:5b:b7:c8:cf:02:9c:
b1:ff:66:91:fb:0d:02:62:95:e9:6e:1b:8d:f0:30:dc:69:23:
a5:33:cd:0d:c6:c6:45:c2:06:1e:00:b5:20:0a:db:ed:03:c4:
4c:90:62:ea:7c:ac:b7:95:8b:5c:da:1f:89:90:e7:a0:55:9f:
15:09:4c:9c:6d:c7:86:77:76:0d:5c:d8:41:c9:10:48:9a:38:
74:90:6c:84:94:c8:7b:36:17:3b:c0:1d:7e:ec:9f:c3:ba:d3:
01:a5:bb:2b:55:5f:20:d3:59:e7:30:f2:72:19:b2:5c:a8:d5:
54:96:d8:0d:b8:f6:56:0b:47:e1:a0:62:a4:ee:90:49:61:bd:
f6:4a:74:86:d7:70:1c:80:32:87:29:57:f9:48:4a:53:cd:55:
cd:75:07:21:e5:6e:a1:2b:4b:a6:dc:fe:4b:01:fd:23:43:6b:
b9:cd:13:a1:d9:3d:d7:9e:96:62:b6:e8:d8:9f:9b:2a:7f:2c:
dc:e6:61:f2:bc:eb:86:67:84:6b:00:06:2c:12:91:16:ed:51:
91:a9:35:72:ee:8b:1d:eb:41:03:06:68:b2:91:47:f2:21:5d:
b0:13:ca:cc:7d:23:34:e9:6b:17:59:b7:f8:92:78:2c:7b:0b:
1a:cc:a7:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJmHqMAp1od08jTRSBAatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYmIxNzE4OTYzZGRkOTEyOGI3NmZkM2Q4MjEzYTE1NjVl
Zjg1NmQwHhcNMjUwMTAyMTc1MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzAyYTY3NmUxMDFhMWMyNzYyNjczNzQ4ZDc2MTY0YmVmMDY2Y2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLjHYSrZWLHmLTV9v/h9SMblckWw
k7l13+EcupSQcbn4VsBKF0XVaRdkc7/tAekUpO67OX+a+wTCLT9N/b9VmRZe9B14
BwtIFPndemd7Z+0hsZKujKBw0YJu+TQ2rEhKIXz8A74SacODzVuplzpOS0zIFfj7
z4QGY0xP022UwazuwuZdmVj5l9737QZ4rIMYW9FoFCJx1a7WxwhX2hnlPF8VGsNe
xKxds9WO7B7iQZSZN8G294UMxMmP5V03YgqnSJXYKdCQXkbEE4OMbm6z0wVLw2da
7HEusmgEUdd2VGDapVnfKsNhl87kB1PH6nhUZIcboAlHMw3SUwyc/9uqsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwCpnbhAaHCdiZzdI12FkvvBmzmMB8GA1UdIwQY
MBaAFKC7FxiWPd2RKLdv09ghOhVl74VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xzWEdKWTkzWkVvdDJfVDJDRTZGV1h2aFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jNDIxMGUtOTBkZS00ZWNhLTgyMDYt
NTUzN2Q4NWQyYmQwLzEvM0FLbWR1RUJvY0oySm5OMGpYWVdTLThHYk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jNDIxMGUtOTBkZS00ZWNhLTgyMDYtNTUzN2Q4NWQyYmQw
LzEvb0xzWEdKWTkzWkVvdDJfVDJDRTZGV1h2aFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgg/MA0G
CSqGSIb3DQEBCwUAA4IBAQCagOvvrcy3SwchjDBbt8jPApyx/2aR+w0CYpXpbhuN
8DDcaSOlM80NxsZFwgYeALUgCtvtA8RMkGLqfKy3lYtc2h+JkOegVZ8VCUycbceG
d3YNXNhByRBImjh0kGyElMh7Nhc7wB1+7J/DutMBpbsrVV8g01nnMPJyGbJcqNVU
ltgNuPZWC0fhoGKk7pBJYb32SnSG13AcgDKHKVf5SEpTzVXNdQch5W6hK0um3P5L
Af0jQ2u5zROh2T3XnpZitujYn5sqfyzc5mHyvOuGZ4RrAAYsEpEW7VGRqTVy7osd
60EDBmiykUfyIV2wE8rMfSM06WsXWbf4kngsewsazKea
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:14 2025 by rpki-client