Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/1-t2gnE5sOGltaGyK08vMro9QjaY.roa
File: 1-t2gnE5sOGltaGyK08vMro9QjaY.roa (raw, json)
Hash identifier: KqgeQLln5bUSPOutirb1nGDGQJDA+7LtG2hn/tE6y4I=
Subject key identifier: FA:DD:A0:9C:4E:6C:38:69:6D:68:6C:8A:D3:CB:CC:AE:8F:50:8D:A6
Certificate issuer: /CN=4516eb0ee37a71076461ec6cba8b925ac5e28a04
Certificate serial: 0194266C42B3ABE0C3408C464B16629440A9
Authority key identifier: 45:16:EB:0E:E3:7A:71:07:64:61:EC:6C:BA:8B:92:5A:C5:E2:8A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRbrDuN6cQdkYexsuouSWsXiigQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/1-t2gnE5sOGltaGyK08vMro9QjaY.roa
Signing time: Thu 02 Jan 2025 09:50:16 +0000
ROA not before: Thu 02 Jan 2025 09:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56457
IP address blocks: 194.48.152.0/24 maxlen: 24
2a13:5a00::/30 maxlen: 32
2a13:5a04::/31 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:42:b3:ab:e0:c3:40:8c:46:4b:16:62:94:40:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4516eb0ee37a71076461ec6cba8b925ac5e28a04
Validity
Not Before: Jan 2 09:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fadda09c4e6c38696d686c8ad3cbccae8f508da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:c9:41:da:36:82:9e:d3:bb:fb:39:f6:5c:
46:3b:7c:3a:30:ba:51:ac:26:17:50:90:38:47:36:
52:ba:55:b3:17:38:ec:23:dc:f2:37:82:cb:df:56:
3e:d4:a3:fe:78:9d:ab:36:a4:91:18:c2:f6:ff:35:
5d:02:a1:1a:dd:6c:f3:28:c6:ce:2c:bd:0c:e6:d4:
44:b8:c1:5f:5f:33:c4:82:76:4d:fa:6d:9c:40:62:
40:9e:24:d3:56:84:c5:78:d0:a0:6a:67:ed:11:5a:
d9:31:03:d9:3c:da:bc:49:19:45:d2:29:99:e8:a4:
9b:3d:0a:6f:a8:9e:97:4c:b8:a7:79:64:77:21:38:
12:9f:ad:7e:a8:5b:93:c9:9a:ad:1e:29:c5:b9:85:
57:67:97:b4:2b:a3:46:34:88:b8:30:fa:16:2b:c4:
26:1a:fb:f8:b5:1d:c2:5e:c4:20:f9:41:e9:86:89:
63:88:03:7e:98:6d:70:d1:00:ae:fb:00:43:66:53:
4e:9e:14:4c:11:94:ee:f8:3f:84:1d:36:b0:a4:bd:
b7:75:66:39:81:83:3f:fd:82:22:7b:9e:b4:1e:ff:
8b:a7:d3:ca:c1:77:09:f5:84:e4:ee:76:57:2a:58:
44:98:ce:d7:de:33:48:99:cf:6e:46:85:4c:9a:38:
9a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DD:A0:9C:4E:6C:38:69:6D:68:6C:8A:D3:CB:CC:AE:8F:50:8D:A6
X509v3 Authority Key Identifier:
keyid:45:16:EB:0E:E3:7A:71:07:64:61:EC:6C:BA:8B:92:5A:C5:E2:8A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRbrDuN6cQdkYexsuouSWsXiigQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/1-t2gnE5sOGltaGyK08vMro9QjaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2923ab-3ff8-4aa9-9220-5e292aa544af/1/RRbrDuN6cQdkYexsuouSWsXiigQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.152.0/24
IPv6:
2a13:5a00::-2a13:5a05:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:6e:ae:aa:88:b9:bd:47:9d:e9:6b:95:56:b5:da:ac:8e:98:
9c:ad:9c:83:38:c4:c8:67:c0:53:3d:22:1a:32:37:93:5a:5a:
73:41:95:72:b2:4c:c3:95:9e:0f:76:f2:7e:54:7a:1f:74:1d:
d7:0e:80:4f:29:5f:30:0d:ff:da:f4:3b:02:b1:a1:4b:38:d4:
71:a0:fd:c8:ce:06:7c:ab:c6:f8:26:af:64:1a:1e:a9:92:eb:
91:a1:c9:f3:4a:de:65:9b:30:ec:c8:e3:e8:93:0a:9c:e2:c1:
10:9a:3c:50:c4:61:8d:c6:20:24:7d:92:1e:d1:2f:4d:82:ec:
f4:8a:ac:fa:9d:a4:bd:41:d4:b3:08:60:43:83:b4:b7:1a:78:
e6:ca:43:f1:0e:82:a2:a5:87:b5:9a:65:a3:da:2d:d5:bf:3f:
6f:f0:05:3b:75:df:44:ca:e0:9d:ca:e3:71:b5:fc:d6:8f:6a:
4a:bf:f3:24:f5:a8:6e:49:7f:3e:dd:46:ab:e7:4a:23:b7:99:
04:81:08:ca:1b:cb:c0:08:12:b8:7f:da:ff:3c:b0:58:73:66:
20:49:ae:72:df:29:a3:3c:17:93:6b:6b:c2:8b:fb:d7:4f:96:
8c:94:cd:9d:ad:64:9a:31:1c:68:7c:da:d5:44:43:64:a3:29:
81:1b:b7:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQmbEKzq+DDQIxGSxZilECpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MTZlYjBlZTM3YTcxMDc2NDYxZWM2Y2JhOGI5MjVhYzVl
MjhhMDQwHhcNMjUwMTAyMDk1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRkYTA5YzRlNmMzODY5NmQ2ODZjOGFkM2NiY2NhZThmNTA4ZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6zJQdo2gp7Tu/s59lxGO3w6MLpR
rCYXUJA4RzZSulWzFzjsI9zyN4LL31Y+1KP+eJ2rNqSRGML2/zVdAqEa3WzzKMbO
LL0M5tREuMFfXzPEgnZN+m2cQGJAniTTVoTFeNCgamftEVrZMQPZPNq8SRlF0imZ
6KSbPQpvqJ6XTLineWR3ITgSn61+qFuTyZqtHinFuYVXZ5e0K6NGNIi4MPoWK8Qm
Gvv4tR3CXsQg+UHpholjiAN+mG1w0QCu+wBDZlNOnhRMEZTu+D+EHTawpL23dWY5
gYM//YIie560Hv+Lp9PKwXcJ9YTk7nZXKlhEmM7X3jNImc9uRoVMmjia4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPrdoJxObDhpbWhsitPLzK6PUI2mMB8GA1UdIwQY
MBaAFEUW6w7jenEHZGHsbLqLklrF4ooEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlJickR1TjZjUWRrWWV4c3VvdVNXc1hpaWdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yOTIzYWItM2ZmOC00YWE5LTkyMjAt
NWUyOTJhYTU0NGFmLzEvMS10MmduRTVzT0dsdGFHeUswOHZNcm85UWphWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTMvMjkyM2FiLTNmZjgtNGFhOS05MjIwLTVlMjkyYWE1NDRh
Zi8xL1JSYnJEdU42Y1Fka1lleHN1b3VTV3NYaWlnUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwDAQCAAEwBgMEAMIwmDAV
BAIAAjAPMA0DBAEqE1oDBQEqE1oEMA0GCSqGSIb3DQEBCwUAA4IBAQBNbq6qiLm9
R53pa5VWtdqsjpicrZyDOMTIZ8BTPSIaMjeTWlpzQZVyskzDlZ4PdvJ+VHofdB3X
DoBPKV8wDf/a9DsCsaFLONRxoP3IzgZ8q8b4Jq9kGh6pkuuRocnzSt5lmzDsyOPo
kwqc4sEQmjxQxGGNxiAkfZIe0S9Nguz0iqz6naS9QdSzCGBDg7S3GnjmykPxDoKi
pYe1mmWj2i3Vvz9v8AU7dd9EyuCdyuNxtfzWj2pKv/Mk9ahuSX8+3Uar50ojt5kE
gQjKG8vACBK4f9r/PLBYc2YgSa5y3ymjPBeTa2vCi/vXT5aMlM2drWSaMRxofNrV
RENkoymBG7cf
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:26:09 2025 by rpki-client