Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hMdN9H1vjtdOflJOMd75EH-ezRo.roa
File: hMdN9H1vjtdOflJOMd75EH-ezRo.roa (raw, json)
Hash identifier: XEdmZ15MtI8XRJbE8WrDL/ucHxQnqtWDbqZFa0aMy0E=
Subject key identifier: 84:C7:4D:F4:7D:6F:8E:D7:4E:7E:52:4E:31:DE:F9:10:7F:9E:CD:1A
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0194244492C4A4FFCF5EEA1B5553A488C0A2
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hMdN9H1vjtdOflJOMd75EH-ezRo.roa
Signing time: Wed 01 Jan 2025 23:47:41 +0000
ROA not before: Wed 01 Jan 2025 23:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57695
IP address blocks: 194.114.138.0/23 maxlen: 23
194.114.138.0/24 maxlen: 24
194.114.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:92:c4:a4:ff:cf:5e:ea:1b:55:53:a4:88:c0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84c74df47d6f8ed74e7e524e31def9107f9ecd1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7a:39:35:fc:14:fa:b4:aa:6f:76:52:33:93:
8e:48:c2:8b:19:71:9f:cc:8f:9a:84:b3:6b:6f:cf:
b2:60:a8:5c:6e:1c:56:4d:5f:bf:d8:52:f6:45:6f:
91:d9:88:10:6f:49:58:21:00:dd:5b:22:ff:8c:ea:
cd:9d:8a:4b:d2:17:81:b5:17:4f:95:df:5f:f0:1e:
06:cf:6f:73:57:b2:61:49:43:6d:e6:c8:5a:87:bd:
c9:73:07:1d:ea:d4:62:79:4d:56:4b:4a:5a:42:0e:
52:c4:ad:8c:86:0a:b4:fa:72:ed:1c:81:53:64:07:
64:49:27:b8:7e:20:cc:56:57:92:65:c0:d7:d1:f4:
f1:77:c9:62:70:a8:11:ed:03:8d:34:65:58:0d:9b:
e1:98:67:d8:b9:5a:80:a9:ca:14:de:8f:a9:a5:05:
78:a2:77:71:10:a4:c6:af:6e:5b:2b:8f:0f:47:9e:
9d:20:01:00:20:9c:ca:72:9a:fc:54:a6:55:e4:2f:
5e:6d:9c:78:c4:c0:6d:b6:9f:43:93:9f:d4:5a:18:
51:59:4b:7b:e6:53:37:a4:3f:72:0a:33:07:18:f8:
0d:0c:83:b3:15:02:26:51:02:88:94:4b:d3:78:81:
70:34:e2:53:d1:ea:aa:9b:8d:11:33:82:e4:29:e0:
f6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C7:4D:F4:7D:6F:8E:D7:4E:7E:52:4E:31:DE:F9:10:7F:9E:CD:1A
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hMdN9H1vjtdOflJOMd75EH-ezRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.114.138.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:c8:dc:04:5d:23:59:92:f3:60:25:53:ff:98:6d:67:2a:cd:
2a:08:49:ca:f7:f1:37:35:4b:3c:f4:1d:44:2c:9b:d6:ec:f6:
1f:8a:fc:04:58:7d:05:73:bd:45:db:11:33:de:ec:8a:69:1d:
de:aa:7f:f3:3a:ef:7a:8e:8c:fe:71:28:fa:93:9c:c4:ee:c8:
92:e5:dc:f3:10:01:21:7f:c3:2e:f9:47:11:ec:6d:f5:d8:55:
ac:e9:d3:03:0f:c1:e4:34:08:40:f8:8e:02:c8:40:3a:46:17:
01:f6:e7:60:3f:c0:a4:0f:9e:8d:b4:cf:c4:13:89:0c:dd:ba:
c0:db:cb:c1:b8:10:76:ae:d2:7b:45:c1:06:9b:b8:00:92:9f:
de:ef:71:ba:57:f5:62:d5:fb:8a:51:60:bb:36:5e:db:39:ae:
e1:cf:c4:31:c9:88:c3:b5:1e:48:73:a3:f6:19:0b:7c:e5:9f:
ba:58:7f:ba:e7:d2:b6:53:61:8d:77:1d:15:e5:f8:44:27:a2:
af:bc:ba:da:37:97:6e:9f:7f:94:76:5b:af:69:de:3a:f6:26:
cf:94:a7:53:cc:4a:8e:b9:9a:fe:dc:10:bc:3f:58:20:02:e0:
d9:63:74:94:7a:26:2d:8f:05:2a:6e:50:eb:08:88:fe:12:7a:
d2:aa:69:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRJLEpP/PXuobVVOkiMCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGM3NGRmNDdkNmY4ZWQ3NGU3ZTUyNGUzMWRlZjkxMDdmOWVjZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXo5NfwU+rSqb3ZSM5OOSMKLGXGf
zI+ahLNrb8+yYKhcbhxWTV+/2FL2RW+R2YgQb0lYIQDdWyL/jOrNnYpL0heBtRdP
ld9f8B4Gz29zV7JhSUNt5shah73Jcwcd6tRieU1WS0paQg5SxK2Mhgq0+nLtHIFT
ZAdkSSe4fiDMVleSZcDX0fTxd8licKgR7QONNGVYDZvhmGfYuVqAqcoU3o+ppQV4
ondxEKTGr25bK48PR56dIAEAIJzKcpr8VKZV5C9ebZx4xMBttp9Dk5/UWhhRWUt7
5lM3pD9yCjMHGPgNDIOzFQImUQKIlEvTeIFwNOJT0eqqm40RM4LkKeD2SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITHTfR9b47XTn5STjHe+RB/ns0aMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvaE1kTjlIMXZqdGRPZmxKT01kNzVFSC1lelJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwnKKMA0G
CSqGSIb3DQEBCwUAA4IBAQChyNwEXSNZkvNgJVP/mG1nKs0qCEnK9/E3NUs89B1E
LJvW7PYfivwEWH0Fc71F2xEz3uyKaR3eqn/zOu96joz+cSj6k5zE7siS5dzzEAEh
f8Mu+UcR7G312FWs6dMDD8HkNAhA+I4CyEA6RhcB9udgP8CkD56NtM/EE4kM3brA
28vBuBB2rtJ7RcEGm7gAkp/e73G6V/Vi1fuKUWC7Nl7bOa7hz8QxyYjDtR5Ic6P2
GQt85Z+6WH+659K2U2GNdx0V5fhEJ6KvvLraN5dun3+Udluvad469ibPlKdTzEqO
uZr+3BC8P1ggAuDZY3SUeiYtjwUqblDrCIj+EnrSqmlS
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:41 2025 by rpki-client