Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/87d48a-fa27-4b93-b4e8-b539d6cea6e1/1/hoEO8bI4_PQXnv3luwEAaFGc0JU.roa
File: hoEO8bI4_PQXnv3luwEAaFGc0JU.roa (raw, json)
Hash identifier: bcr7JWWwUvc7qdiUDI1oNsEA+fH4+6yxoDEjsKx/8Wg=
Subject key identifier: 86:81:0E:F1:B2:38:FC:F4:17:9E:FD:E5:BB:01:00:68:51:9C:D0:95
Certificate issuer: /CN=bf7a0258a521e99d213fb30e79667e584e37c7db
Certificate serial: 019423D6DDF404716FD083FC97D5064D21DD
Authority key identifier: BF:7A:02:58:A5:21:E9:9D:21:3F:B3:0E:79:66:7E:58:4E:37:C7:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v3oCWKUh6Z0hP7MOeWZ-WE43x9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/87d48a-fa27-4b93-b4e8-b539d6cea6e1/1/hoEO8bI4_PQXnv3luwEAaFGc0JU.roa
Signing time: Wed 01 Jan 2025 21:47:51 +0000
ROA not before: Wed 01 Jan 2025 21:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 194.172.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:dd:f4:04:71:6f:d0:83:fc:97:d5:06:4d:21:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf7a0258a521e99d213fb30e79667e584e37c7db
Validity
Not Before: Jan 1 21:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86810ef1b238fcf4179efde5bb010068519cd095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:57:e5:44:a1:8f:6d:c9:b7:63:34:8b:03:
0f:66:29:83:8c:e2:2d:a0:ba:16:72:ce:2a:7a:83:
18:f6:97:ce:fa:0d:8d:d4:26:21:9b:7f:0d:08:34:
80:56:63:c4:fb:e6:24:9b:54:aa:1a:5a:6c:25:69:
2f:c8:4e:7a:c6:2b:14:bc:9d:44:28:aa:63:3c:30:
0b:ab:2f:b6:bf:3e:5d:f1:6f:c9:03:b3:3e:76:04:
cd:2f:ad:db:41:a5:96:be:c4:5d:0e:6b:30:09:34:
dc:54:58:72:48:c0:e3:db:58:97:36:f1:0b:ae:0b:
87:c2:86:5a:05:b6:35:2e:48:6e:69:0a:40:8f:f4:
a1:e7:fe:54:3f:43:59:3f:63:5b:85:38:92:e7:c4:
0d:b8:fa:8b:b3:4c:35:72:02:16:15:fb:ee:2c:7b:
0d:2f:98:63:18:d5:7d:3c:6b:a0:24:64:58:e5:72:
58:8b:4e:cf:f4:21:de:9a:99:42:1f:05:7a:3d:55:
f5:99:2d:12:34:28:ae:7f:72:79:b4:28:7b:bc:35:
6d:a5:64:94:97:b0:f1:0c:2d:43:33:de:68:4e:84:
ed:c7:30:14:1e:59:e5:f6:1a:81:3b:ea:e9:23:8f:
df:6e:31:5a:ea:1a:d3:97:ec:21:3d:af:66:1f:0d:
10:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:81:0E:F1:B2:38:FC:F4:17:9E:FD:E5:BB:01:00:68:51:9C:D0:95
X509v3 Authority Key Identifier:
keyid:BF:7A:02:58:A5:21:E9:9D:21:3F:B3:0E:79:66:7E:58:4E:37:C7:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v3oCWKUh6Z0hP7MOeWZ-WE43x9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/87d48a-fa27-4b93-b4e8-b539d6cea6e1/1/hoEO8bI4_PQXnv3luwEAaFGc0JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/87d48a-fa27-4b93-b4e8-b539d6cea6e1/1/v3oCWKUh6Z0hP7MOeWZ-WE43x9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.172.58.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f5:89:8d:9a:04:c4:1d:f6:c0:09:0a:71:54:05:94:c2:06:
8a:d8:53:f5:26:6c:b2:d5:b5:5f:14:7e:70:d8:6c:24:71:94:
ee:e2:53:51:13:aa:64:77:e7:3c:b9:56:40:94:45:22:e3:d0:
ef:c7:3c:e0:58:8c:31:59:c8:20:af:0c:6c:8d:ca:d9:0a:86:
4a:d6:e6:27:8a:35:24:ac:98:c0:b4:51:56:ef:8a:88:eb:7e:
27:a6:ef:6b:ea:7d:d2:bc:db:4f:e4:79:86:8c:41:26:55:6b:
24:f9:4d:af:0c:03:76:07:44:26:2a:2d:06:79:91:9f:1f:de:
62:af:c3:9e:46:b7:ea:b1:b6:22:75:cd:b5:86:3b:72:ec:b9:
aa:db:94:92:3e:c3:06:d1:80:f7:a6:e5:32:9b:44:38:39:0e:
c9:3f:94:a6:4f:39:12:a4:d0:cf:ee:61:60:ce:fb:fd:1c:1e:
84:14:83:d5:33:6b:0f:b9:d6:d9:24:68:b7:78:58:e0:6e:b5:
be:a0:24:27:51:d2:37:28:d5:30:ac:a3:bb:ba:25:5d:e4:65:
89:6a:8b:2a:6a:a0:09:fa:00:24:e5:93:c6:49:8f:21:62:5b:
a0:80:78:0e:c1:01:64:7f:8f:94:df:e0:40:9d:b2:88:70:84:
2b:83:3c:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1t30BHFv0IP8l9UGTSHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmN2EwMjU4YTUyMWU5OWQyMTNmYjMwZTc5NjY3ZTU4NGUz
N2M3ZGIwHhcNMjUwMTAxMjE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgxMGVmMWIyMzhmY2Y0MTc5ZWZkZTViYjAxMDA2ODUxOWNkMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4pX5UShj23Jt2M0iwMPZimDjOIt
oLoWcs4qeoMY9pfO+g2N1CYhm38NCDSAVmPE++Ykm1SqGlpsJWkvyE56xisUvJ1E
KKpjPDALqy+2vz5d8W/JA7M+dgTNL63bQaWWvsRdDmswCTTcVFhySMDj21iXNvEL
rguHwoZaBbY1LkhuaQpAj/Sh5/5UP0NZP2NbhTiS58QNuPqLs0w1cgIWFfvuLHsN
L5hjGNV9PGugJGRY5XJYi07P9CHemplCHwV6PVX1mS0SNCiuf3J5tCh7vDVtpWSU
l7DxDC1DM95oToTtxzAUHlnl9hqBO+rpI4/fbjFa6hrTl+whPa9mHw0Q9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaBDvGyOPz0F5795bsBAGhRnNCVMB8GA1UdIwQY
MBaAFL96AlilIemdIT+zDnlmflhON8fbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjNvQ1dLVWg2WjBoUDdNT2VXWi1XRTQzeDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84N2Q0OGEtZmEyNy00YjkzLWI0ZTgt
YjUzOWQ2Y2VhNmUxLzEvaG9FTzhiSTRfUFFYbnYzbHV3RUFhRkdjMEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84N2Q0OGEtZmEyNy00YjkzLWI0ZTgtYjUzOWQ2Y2VhNmUx
LzEvdjNvQ1dLVWg2WjBoUDdNT2VXWi1XRTQzeDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqw6MA0G
CSqGSIb3DQEBCwUAA4IBAQBI9YmNmgTEHfbACQpxVAWUwgaK2FP1Jmyy1bVfFH5w
2GwkcZTu4lNRE6pkd+c8uVZAlEUi49DvxzzgWIwxWcggrwxsjcrZCoZK1uYnijUk
rJjAtFFW74qI634npu9r6n3SvNtP5HmGjEEmVWsk+U2vDAN2B0QmKi0GeZGfH95i
r8OeRrfqsbYidc21hjty7Lmq25SSPsMG0YD3puUym0Q4OQ7JP5SmTzkSpNDP7mFg
zvv9HB6EFIPVM2sPudbZJGi3eFjgbrW+oCQnUdI3KNUwrKO7uiVd5GWJaosqaqAJ
+gAk5ZPGSY8hYluggHgOwQFkf4+U3+BAnbKIcIQrgzzm
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:04:19 2025 by rpki-client