Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/s_gtffJAdOdCOTF8JrwlspZV70Q.roa
File: s_gtffJAdOdCOTF8JrwlspZV70Q.roa (raw, json)
Hash identifier: EE3zvO+17D2lS+ma9Jbmozdr5I2JwhR0u6QEkn1ojIA=
Subject key identifier: B3:F8:2D:7D:F2:40:74:E7:42:39:31:7C:26:BC:25:B2:96:55:EF:44
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1CE7967AD35A7BBBFC41FDFE7FBC4
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/s_gtffJAdOdCOTF8JrwlspZV70Q.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12589
IP address blocks: 194.88.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ce:79:67:ad:35:a7:bb:bf:c4:1f:df:e7:fb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3f82d7df24074e74239317c26bc25b29655ef44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2c:66:d5:ca:4b:87:b7:6f:99:d3:39:9a:bf:
86:38:d7:40:db:09:cc:80:39:f1:e1:fe:69:70:02:
06:ff:c9:01:73:ad:22:63:c7:1e:4a:6e:97:48:ed:
bd:fd:b4:b8:6e:6e:99:d7:6b:59:cc:37:35:4a:2b:
05:c4:51:bb:52:3d:ac:b6:5e:29:ab:5e:74:09:ba:
40:8c:60:e9:1e:7d:7d:e8:54:2d:fb:20:9f:04:99:
fd:68:01:69:6b:2e:fa:91:5a:55:0a:3e:c1:92:11:
4b:53:2d:d9:25:08:0a:6b:b5:09:f1:45:67:0a:d1:
9e:c5:64:72:54:fa:8f:c0:de:0e:e1:e6:53:99:2c:
ea:84:fa:ac:04:ad:dd:76:65:aa:3f:78:c5:d9:64:
5b:8a:cd:bb:a3:96:d7:d2:1b:6e:b4:96:e5:a3:99:
51:78:42:bd:9d:e6:06:ca:ff:09:43:f1:a2:50:55:
5f:b1:43:48:c9:ac:8d:29:da:41:1b:70:e5:b0:38:
7b:73:c1:16:f9:b2:a5:dd:d5:76:9f:15:5c:f7:01:
53:44:60:86:96:d8:a8:11:06:39:f7:eb:27:e3:95:
a7:ac:7c:04:03:d9:52:7e:e6:f4:c4:e8:e1:c3:37:
14:5e:c6:66:3a:ae:53:8e:95:9d:20:68:c8:4c:1e:
43:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F8:2D:7D:F2:40:74:E7:42:39:31:7C:26:BC:25:B2:96:55:EF:44
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/s_gtffJAdOdCOTF8JrwlspZV70Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.45.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f6:f8:1f:af:27:1c:32:04:5a:df:e9:f3:ac:cb:c8:27:b1:
8f:b7:0a:f8:80:2c:36:68:6c:73:de:26:0f:78:40:ee:a4:10:
ae:d8:b1:ce:52:87:86:63:f3:d7:a8:29:56:58:dd:e1:23:a7:
c6:ef:a6:ff:3f:b7:4c:b5:29:d4:1a:2d:df:7a:86:3d:5a:55:
2c:75:b7:80:cd:ee:12:99:74:03:9e:99:1f:3a:f7:12:5f:50:
a4:b9:13:e9:48:f3:59:c4:8a:d3:41:53:67:a6:f6:e4:09:65:
fc:4a:20:9e:69:6b:85:6a:7e:af:b1:40:62:db:28:24:51:ed:
49:e4:bb:52:cb:aa:cf:40:55:cd:40:09:51:61:3e:6b:56:fd:
be:72:00:88:bd:66:7d:a8:68:cb:08:ae:af:44:c7:cf:49:5d:
c7:6e:c9:2a:eb:51:59:72:4d:30:c4:84:8a:a5:34:42:6c:05:
19:66:41:69:8a:0e:a3:70:0a:f7:c9:12:58:2c:dc:a7:19:b2:
ed:60:74:17:1a:a2:e7:6f:58:8c:59:bf:7d:92:a9:73:05:77:
c2:2b:08:b5:4b:be:10:28:95:06:dd:9e:69:0e:cf:ea:3d:c2:
f0:17:f9:6e:d9:c4:72:c9:c4:16:6f:5a:6d:cb:2c:09:13:c4:
a3:f9:c6:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsc55Z601p7u/xB/f5/vEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Y4MmQ3ZGYyNDA3NGU3NDIzOTMxN2MyNmJjMjViMjk2NTVlZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCxm1cpLh7dvmdM5mr+GONdA2wnM
gDnx4f5pcAIG/8kBc60iY8ceSm6XSO29/bS4bm6Z12tZzDc1SisFxFG7Uj2stl4p
q150CbpAjGDpHn196FQt+yCfBJn9aAFpay76kVpVCj7BkhFLUy3ZJQgKa7UJ8UVn
CtGexWRyVPqPwN4O4eZTmSzqhPqsBK3ddmWqP3jF2WRbis27o5bX0htutJblo5lR
eEK9neYGyv8JQ/GiUFVfsUNIyayNKdpBG3DlsDh7c8EW+bKl3dV2nxVc9wFTRGCG
ltioEQY59+sn45WnrHwEA9lSfub0xOjhwzcUXsZmOq5TjpWdIGjITB5DHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLP4LX3yQHTnQjkxfCa8JbKWVe9EMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvc19ndGZmSkFkT2RDT1RGOEpyd2xzcFpWNzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlgtMA0G
CSqGSIb3DQEBCwUAA4IBAQBr9vgfryccMgRa3+nzrMvIJ7GPtwr4gCw2aGxz3iYP
eEDupBCu2LHOUoeGY/PXqClWWN3hI6fG76b/P7dMtSnUGi3feoY9WlUsdbeAze4S
mXQDnpkfOvcSX1CkuRPpSPNZxIrTQVNnpvbkCWX8SiCeaWuFan6vsUBi2ygkUe1J
5LtSy6rPQFXNQAlRYT5rVv2+cgCIvWZ9qGjLCK6vRMfPSV3Hbskq61FZck0wxISK
pTRCbAUZZkFpig6jcAr3yRJYLNynGbLtYHQXGqLnb1iMWb99kqlzBXfCKwi1S74Q
KJUG3Z5pDs/qPcLwF/lu2cRyycQWb1ptyywJE8Sj+cY5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:33 2025 by rpki-client