Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/NVPuKIwqd6rXOALhTsUic2d4hlA.roa
File: NVPuKIwqd6rXOALhTsUic2d4hlA.roa (raw, json)
Hash identifier: T7Dyc87WaeHKY9kvTOaXHf9jWNh88eWIMhxiFozXzd0=
Subject key identifier: 35:53:EE:28:8C:2A:77:AA:D7:38:02:E1:4E:C5:22:73:67:78:86:50
Certificate issuer: /CN=321ec194107843848cd36330232b5f6a43791db4
Certificate serial: 01942067D3D6953B1C98B137ACE369291252
Authority key identifier: 32:1E:C1:94:10:78:43:84:8C:D3:63:30:23:2B:5F:6A:43:79:1D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/NVPuKIwqd6rXOALhTsUic2d4hlA.roa
Signing time: Wed 01 Jan 2025 05:47:42 +0000
ROA not before: Wed 01 Jan 2025 05:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5089
IP address blocks: 194.101.120.0/22 maxlen: 22
194.227.208.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d3:d6:95:3b:1c:98:b1:37:ac:e3:69:29:12:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321ec194107843848cd36330232b5f6a43791db4
Validity
Not Before: Jan 1 05:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3553ee288c2a77aad73802e14ec5227367788650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:12:58:fb:2e:92:a1:3b:22:0e:6a:e7:af:3f:
c4:d4:e1:78:51:39:1e:3f:18:11:00:59:28:36:f0:
05:b5:6b:5c:ca:db:64:17:25:c9:a7:bb:02:1c:8f:
41:94:20:b2:49:1b:5d:fe:3d:ba:57:6a:a4:eb:e1:
b9:d8:a8:78:89:4d:df:36:95:9a:a6:61:33:92:50:
42:91:87:fb:c2:da:27:20:da:f5:1a:a7:70:5e:0e:
b5:78:9f:93:57:3c:a7:f8:df:67:c8:86:cc:40:cf:
60:fe:36:37:8c:65:25:0e:9e:ed:02:4a:be:0d:19:
ed:6d:2d:62:62:c8:f9:26:69:2f:8d:a4:c2:17:2e:
29:5e:11:f3:ec:77:17:9b:57:bb:6b:2c:bf:31:74:
f6:dc:fb:24:7b:4f:73:24:6f:a4:0f:ac:ca:55:a9:
82:af:0a:b2:8c:93:e3:76:f8:14:a3:f6:b4:48:7b:
c9:93:48:66:55:8e:cb:79:36:c6:51:c0:66:08:33:
6a:65:ba:a5:cc:92:98:3a:87:d3:fe:69:6f:75:c9:
14:a5:35:a1:ab:18:e4:0a:71:18:d6:07:d0:28:25:
88:82:03:cf:94:57:12:84:48:98:97:a0:1b:0f:22:
e1:65:e0:22:63:4d:4d:34:f7:c4:49:a9:ba:41:95:
b1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:53:EE:28:8C:2A:77:AA:D7:38:02:E1:4E:C5:22:73:67:78:86:50
X509v3 Authority Key Identifier:
keyid:32:1E:C1:94:10:78:43:84:8C:D3:63:30:23:2B:5F:6A:43:79:1D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/NVPuKIwqd6rXOALhTsUic2d4hlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/Mh7BlBB4Q4SM02MwIytfakN5HbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.101.120.0/22
194.227.208.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:d5:16:29:12:ba:e5:46:27:32:f8:cf:0b:c5:47:d0:e6:f5:
6f:da:52:3e:2d:f8:49:62:a9:25:05:51:12:3d:46:58:67:ee:
d1:b6:db:d3:9c:6e:ac:bb:a7:3a:94:b5:07:6a:02:8c:87:1d:
53:84:85:25:ee:6e:a1:28:2c:f4:42:8c:0a:63:56:bd:c2:54:
9e:a3:af:e1:5a:f7:dc:d2:f0:6c:20:e2:d3:0b:50:79:89:ba:
b9:cb:01:06:d8:70:fd:e3:b1:8f:f7:89:96:bf:da:80:3e:90:
fc:bd:18:08:9c:7c:c3:48:5b:df:a8:00:a0:32:df:db:96:6a:
d2:3f:3f:b7:77:0d:9c:cf:65:8e:eb:69:bb:37:38:89:99:85:
e6:d6:6a:28:cd:3e:03:9e:aa:3b:0a:ea:ac:28:24:be:2a:2b:
56:fd:ab:52:fd:39:61:64:45:d9:e7:0f:b5:7b:68:cf:f9:1e:
7d:4e:c3:6c:eb:a8:60:30:64:f6:00:26:9c:47:6f:ae:ec:15:
ab:28:f0:b0:fb:61:0b:da:43:65:86:0f:50:1c:ed:be:7e:59:
97:72:a2:01:af:e7:67:c4:f5:8c:1c:ca:0c:1e:b4:9e:3a:1e:
dc:3e:ea:f3:32:cd:a9:1d:28:e6:93:d9:a8:43:0e:be:a1:01:
fb:2f:d4:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ9PWlTscmLE3rONpKRJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWVjMTk0MTA3ODQzODQ4Y2QzNjMzMDIzMmI1ZjZhNDM3
OTFkYjQwHhcNMjUwMTAxMDU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTUzZWUyODhjMmE3N2FhZDczODAyZTE0ZWM1MjI3MzY3Nzg4NjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xJY+y6SoTsiDmrnrz/E1OF4UTke
PxgRAFkoNvAFtWtcyttkFyXJp7sCHI9BlCCySRtd/j26V2qk6+G52Kh4iU3fNpWa
pmEzklBCkYf7wtonINr1GqdwXg61eJ+TVzyn+N9nyIbMQM9g/jY3jGUlDp7tAkq+
DRntbS1iYsj5JmkvjaTCFy4pXhHz7HcXm1e7ayy/MXT23Pske09zJG+kD6zKVamC
rwqyjJPjdvgUo/a0SHvJk0hmVY7LeTbGUcBmCDNqZbqlzJKYOofT/mlvdckUpTWh
qxjkCnEY1gfQKCWIggPPlFcShEiYl6AbDyLhZeAiY01NNPfESam6QZWx2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDVT7iiMKneq1zgC4U7FInNneIZQMB8GA1UdIwQY
MBaAFDIewZQQeEOEjNNjMCMrX2pDeR20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg3QmxCQjRRNFNNMDJNd0l5dGZha041SGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mMTQ1OGYtYmRjMy00ZTRiLTlmNjgt
M2E2MTFjMDkzYTJjLzEvTlZQdUtJd3FkNnJYT0FMaFRzVWljMmQ0aGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mMTQ1OGYtYmRjMy00ZTRiLTlmNjgtM2E2MTFjMDkzYTJj
LzEvTWg3QmxCQjRRNFNNMDJNd0l5dGZha041SGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwmV4AwQB
wuPQMA0GCSqGSIb3DQEBCwUAA4IBAQCM1RYpErrlRicy+M8LxUfQ5vVv2lI+LfhJ
YqklBVESPUZYZ+7RttvTnG6su6c6lLUHagKMhx1ThIUl7m6hKCz0QowKY1a9wlSe
o6/hWvfc0vBsIOLTC1B5ibq5ywEG2HD947GP94mWv9qAPpD8vRgInHzDSFvfqACg
Mt/blmrSPz+3dw2cz2WO62m7NziJmYXm1moozT4Dnqo7CuqsKCS+KitW/atS/Tlh
ZEXZ5w+1e2jP+R59TsNs66hgMGT2ACacR2+u7BWrKPCw+2EL2kNlhg9QHO2+flmX
cqIBr+dnxPWMHMoMHrSeOh7cPurzMs2pHSjmk9moQw6+oQH7L9TH
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:10 2025 by rpki-client