Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/chfeQmrFPHmpcxbglabCBzQj1pQ.roa
File: chfeQmrFPHmpcxbglabCBzQj1pQ.roa (raw, json)
Hash identifier: LhELwvIs/XgqR3ECQtIvHf7tApjuqKUvX11bY/ZmRFo=
Subject key identifier: 72:17:DE:42:6A:C5:3C:79:A9:73:16:E0:95:A6:C2:07:34:23:D6:94
Certificate issuer: /CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Certificate serial: 01959054786CE448BA70F2E71B1D18D6D13B
Authority key identifier: 90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/chfeQmrFPHmpcxbglabCBzQj1pQ.roa
Signing time: Thu 13 Mar 2025 16:26:49 +0000
ROA not before: Thu 13 Mar 2025 16:26:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.124.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:54:78:6c:e4:48:ba:70:f2:e7:1b:1d:18:d6:d1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Validity
Not Before: Mar 13 16:26:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7217de426ac53c79a97316e095a6c2073423d694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:5c:96:b8:66:b5:10:e1:ce:06:b9:81:d0:
8a:52:00:8a:5b:92:d0:c8:09:f6:79:a8:3e:86:04:
5c:b4:5f:eb:97:ba:40:18:0e:40:bd:ff:22:b0:19:
1a:de:5e:d7:52:c4:a6:1e:97:6d:6e:94:bb:b4:dc:
c5:70:60:12:c1:68:a9:65:0e:78:09:88:38:c0:e9:
f8:00:49:ac:4b:32:90:39:6c:11:a5:6a:32:3a:ce:
67:80:df:57:20:11:85:ad:2a:c9:a5:00:e5:b1:73:
9d:52:cf:b4:dd:26:36:e0:3a:87:34:48:a2:f2:bb:
ae:86:ec:e5:36:86:8a:10:44:66:2c:fb:5b:ab:a9:
8b:c1:6a:98:02:89:87:6c:d5:9d:97:79:4c:83:dd:
14:e1:a9:6c:28:67:8b:2e:b1:45:5a:84:39:89:9c:
cf:19:13:90:30:85:e4:1f:38:59:4c:24:02:07:f8:
ee:d2:41:c9:1f:66:66:2c:52:4c:a3:01:eb:dd:7a:
ba:b1:8a:ec:a6:84:4e:a7:ff:94:ad:ee:0d:0d:b7:
c8:a5:e3:cc:c2:7d:f3:d4:e4:47:fb:f1:ca:a1:71:
c3:c5:f0:25:dc:d2:ca:d9:3a:49:21:98:81:9d:8b:
dd:43:44:4f:27:6b:08:34:41:3f:e4:7c:59:e5:5a:
b5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:17:DE:42:6A:C5:3C:79:A9:73:16:E0:95:A6:C2:07:34:23:D6:94
X509v3 Authority Key Identifier:
keyid:90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/chfeQmrFPHmpcxbglabCBzQj1pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/kELoOXbjX-KaAdPEOpvFlks3tEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.234.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b1:1d:90:af:14:1b:1a:73:25:a8:6b:64:da:76:13:88:70:
8a:9e:05:41:f2:a6:9d:df:ab:62:81:30:99:96:25:a6:76:fa:
c6:1c:19:3b:c0:fe:f4:70:66:a7:cd:be:bc:e5:cd:b0:09:98:
9b:44:ec:1f:eb:17:23:d0:5c:ac:81:02:12:37:e2:86:2c:ab:
cd:ed:f5:19:bd:73:68:e2:e8:d5:55:74:3d:69:21:e8:e8:ed:
f5:7b:b2:a1:8c:f4:7c:da:c0:3a:cd:f3:20:00:f6:17:77:b4:
77:66:6c:c8:e9:cb:c6:81:c0:29:e9:db:ab:6b:2e:b7:80:ac:
16:a4:fd:9c:8e:9d:b7:1d:8f:3f:98:c8:33:d6:8d:a0:14:7e:
e1:cc:79:6b:a4:49:01:f4:fa:6f:c7:e0:5f:98:ad:89:f1:be:
6e:90:7b:a3:09:80:94:03:1f:6f:33:76:0b:1a:41:5d:4a:f0:
4b:aa:47:52:9a:87:5b:7e:45:aa:74:ab:4c:18:14:76:25:81:
d4:9f:89:a1:eb:59:68:ce:73:96:89:14:cc:30:6d:f5:fd:69:
ce:b9:98:49:df:8b:f3:e7:0f:55:3c:c7:10:3a:93:ee:54:6f:
42:30:6f:6c:f0:dc:4f:d9:5a:55:12:e6:dc:fb:d3:47:d3:d5:
8e:1c:82:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWQVHhs5Ei6cPLnGx0Y1tE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNDJlODM5NzZlMzVmZTI5YTAxZDNjNDNhOWJjNTk2NGIz
N2I0NDMwHhcNMjUwMzEzMTYyNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE3ZGU0MjZhYzUzYzc5YTk3MzE2ZTA5NWE2YzIwNzM0MjNkNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArldclrhmtRDhzga5gdCKUgCKW5LQ
yAn2eag+hgRctF/rl7pAGA5Avf8isBka3l7XUsSmHpdtbpS7tNzFcGASwWipZQ54
CYg4wOn4AEmsSzKQOWwRpWoyOs5ngN9XIBGFrSrJpQDlsXOdUs+03SY24DqHNEii
8ruuhuzlNoaKEERmLPtbq6mLwWqYAomHbNWdl3lMg90U4alsKGeLLrFFWoQ5iZzP
GROQMIXkHzhZTCQCB/ju0kHJH2ZmLFJMowHr3Xq6sYrspoROp/+Ure4NDbfIpePM
wn3z1ORH+/HKoXHDxfAl3NLK2TpJIZiBnYvdQ0RPJ2sINEE/5HxZ5Vq1kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIX3kJqxTx5qXMW4JWmwgc0I9aUMB8GA1UdIwQY
MBaAFJBC6Dl241/imgHTxDqbxZZLN7RDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0VMb09YYmpYLUthQWRQRU9wdkZsa3MzdEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hODdiNmUtZDg0Mi00YzBjLTg4MWIt
MjEwOTQwZGExNzdiLzEvY2hmZVFtckZQSG1wY3hiZ2xhYkNCelFqMXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hODdiNmUtZDg0Mi00YzBjLTg4MWItMjEwOTQwZGExNzdi
LzEva0VMb09YYmpYLUthQWRQRU9wdkZsa3MzdEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnzqMA0G
CSqGSIb3DQEBCwUAA4IBAQBusR2QrxQbGnMlqGtk2nYTiHCKngVB8qad36tigTCZ
liWmdvrGHBk7wP70cGanzb685c2wCZibROwf6xcj0FysgQISN+KGLKvN7fUZvXNo
4ujVVXQ9aSHo6O31e7KhjPR82sA6zfMgAPYXd7R3ZmzI6cvGgcAp6duray63gKwW
pP2cjp23HY8/mMgz1o2gFH7hzHlrpEkB9Ppvx+BfmK2J8b5ukHujCYCUAx9vM3YL
GkFdSvBLqkdSmodbfkWqdKtMGBR2JYHUn4mh61loznOWiRTMMG31/WnOuZhJ34vz
5w9VPMcQOpPuVG9CMG9s8NxP2VpVEubc+9NH09WOHIIe
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:05:37 2025 by rpki-client