Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/c92c90-0eeb-4fc2-a7e1-ba14e76548e8/1/1-lP7_xRcRpGwASeFzRGM1_TNWFs.roa
File: 1-lP7_xRcRpGwASeFzRGM1_TNWFs.roa (raw, json)
Hash identifier: DNiLtXdh5RV+3npIgyOV8Y2zbZqp/2QaFrfkEPdaK10=
Subject key identifier: FA:53:FB:FF:14:5C:46:91:B0:01:27:85:CD:11:8C:D7:F4:CD:58:5B
Certificate issuer: /CN=cb257316b841d773dcb79ade8a8f3e7259f112ab
Certificate serial: 0193AED51DFB487C4E4B49DF0641426CC296
Authority key identifier: CB:25:73:16:B8:41:D7:73:DC:B7:9A:DE:8A:8F:3E:72:59:F1:12:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyVzFrhB13Pct5reio8-clnxEqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/c92c90-0eeb-4fc2-a7e1-ba14e76548e8/1/1-lP7_xRcRpGwASeFzRGM1_TNWFs.roa
Signing time: Tue 10 Dec 2024 04:30:22 +0000
ROA not before: Tue 10 Dec 2024 04:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48955
IP address blocks: 194.106.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ae:d5:1d:fb:48:7c:4e:4b:49:df:06:41:42:6c:c2:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb257316b841d773dcb79ade8a8f3e7259f112ab
Validity
Not Before: Dec 10 04:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa53fbff145c4691b0012785cd118cd7f4cd585b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:86:d8:7a:50:be:a0:ec:9d:32:cb:51:1a:
28:c4:e1:d2:4b:17:85:ff:77:90:8e:06:35:7d:2b:
22:24:44:4f:c6:a7:29:23:f9:d4:98:b7:29:be:73:
a8:e7:4a:83:e9:8d:6a:14:18:05:01:54:fc:63:0e:
db:28:85:1b:cd:13:7e:9b:2b:53:96:c2:42:aa:a2:
15:a2:7f:29:49:dd:54:d3:e0:0a:b5:4e:43:b0:f5:
41:97:c2:00:a6:87:c6:cb:b6:0a:ad:a8:af:c1:48:
e8:77:7b:2d:79:2d:7e:c1:b3:81:45:b7:e6:9a:25:
4d:a6:2a:52:63:62:4d:ee:3f:ed:06:9b:d5:5b:29:
dc:1d:c2:9e:b3:bb:f8:34:b2:95:2f:14:23:9d:8c:
95:1f:65:28:02:55:31:cc:72:a0:38:8b:8e:d7:ad:
1f:39:65:bb:74:92:10:15:03:e6:58:19:c3:52:e7:
a9:0f:2e:7b:b2:b4:54:c6:24:40:99:c2:19:ab:59:
dc:f1:ec:fc:11:cb:ff:e6:d9:64:00:53:1b:a1:26:
cb:9d:fe:46:ee:29:9e:8b:c4:ca:6b:18:3e:8c:dc:
8c:64:b0:6d:1e:8e:42:45:7d:8d:80:bd:36:ed:c2:
45:93:46:1a:ff:16:73:9b:f4:b5:5d:bf:e2:fa:7f:
17:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:53:FB:FF:14:5C:46:91:B0:01:27:85:CD:11:8C:D7:F4:CD:58:5B
X509v3 Authority Key Identifier:
keyid:CB:25:73:16:B8:41:D7:73:DC:B7:9A:DE:8A:8F:3E:72:59:F1:12:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyVzFrhB13Pct5reio8-clnxEqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c92c90-0eeb-4fc2-a7e1-ba14e76548e8/1/1-lP7_xRcRpGwASeFzRGM1_TNWFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c92c90-0eeb-4fc2-a7e1-ba14e76548e8/1/yyVzFrhB13Pct5reio8-clnxEqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.106.206.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ed:75:b0:be:04:cf:29:fa:09:16:49:32:9f:a1:0b:6d:10:
3c:d7:23:87:2e:04:a0:88:e6:25:ae:1d:0d:8c:b3:db:8a:e6:
2d:5a:fb:d7:1f:1d:2a:46:5a:ff:97:93:71:78:c6:96:24:3d:
de:ab:a5:ef:cb:dc:26:6f:d7:c7:fb:b5:cf:dc:86:33:4a:3d:
45:17:0a:09:30:d7:10:1d:04:1b:06:f7:3b:d9:2a:b8:eb:43:
31:b5:62:76:59:c7:00:f7:50:af:c6:2a:fb:f6:38:79:91:95:
41:c9:b3:9d:fb:3f:0a:5a:66:6a:70:81:8f:27:21:e5:07:c7:
c1:9d:eb:37:a3:69:7d:1a:b1:41:cc:eb:66:fc:4e:3e:dc:ad:
d1:43:ab:af:40:80:8b:13:6f:57:48:54:d5:f9:f0:42:13:23:
0e:71:65:c1:6c:c7:e7:27:9c:77:9c:6d:d3:4a:f5:67:7f:2b:
d7:8b:6b:b5:a1:79:68:17:0c:95:6b:9b:f3:15:51:c0:a5:54:
92:33:5f:52:60:91:55:e8:5a:82:08:75:90:a8:2f:cb:aa:1e:
ee:bb:de:c8:5d:d6:2e:91:90:a6:2f:88:55:98:2a:36:4a:de:
f2:9b:a9:3a:8b:28:03:54:19:9c:57:89:8d:d8:96:20:ea:32:
77:34:49:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOu1R37SHxOS0nfBkFCbMKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjU3MzE2Yjg0MWQ3NzNkY2I3OWFkZThhOGYzZTcyNTlm
MTEyYWIwHhcNMjQxMjEwMDQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTUzZmJmZjE0NWM0NjkxYjAwMTI3ODVjZDExOGNkN2Y0Y2Q1ODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK2G2HpQvqDsnTLLURooxOHSSxeF
/3eQjgY1fSsiJERPxqcpI/nUmLcpvnOo50qD6Y1qFBgFAVT8Yw7bKIUbzRN+mytT
lsJCqqIVon8pSd1U0+AKtU5DsPVBl8IApofGy7YKraivwUjod3steS1+wbOBRbfm
miVNpipSY2JN7j/tBpvVWyncHcKes7v4NLKVLxQjnYyVH2UoAlUxzHKgOIuO160f
OWW7dJIQFQPmWBnDUuepDy57srRUxiRAmcIZq1nc8ez8Ecv/5tlkAFMboSbLnf5G
7imei8TKaxg+jNyMZLBtHo5CRX2NgL027cJFk0Ya/xZzm/S1Xb/i+n8XZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpT+/8UXEaRsAEnhc0RjNf0zVhbMB8GA1UdIwQY
MBaAFMslcxa4Qddz3Lea3oqPPnJZ8RKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlWekZyaEIxM1BjdDVyZWlvOC1jbG54RXFzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jOTJjOTAtMGVlYi00ZmMyLWE3ZTEt
YmExNGU3NjU0OGU4LzEvMS1sUDdfeFJjUnBHd0FTZUZ6UkdNMV9UTldGcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYzkyYzkwLTBlZWItNGZjMi1hN2UxLWJhMTRlNzY1NDhl
OC8xL3l5VnpGcmhCMTNQY3Q1cmVpbzgtY2xueEVxcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJqzjAN
BgkqhkiG9w0BAQsFAAOCAQEAC+11sL4Ezyn6CRZJMp+hC20QPNcjhy4EoIjmJa4d
DYyz24rmLVr71x8dKkZa/5eTcXjGliQ93qul78vcJm/Xx/u1z9yGM0o9RRcKCTDX
EB0EGwb3O9kquOtDMbVidlnHAPdQr8Yq+/Y4eZGVQcmznfs/ClpmanCBjych5QfH
wZ3rN6NpfRqxQczrZvxOPtyt0UOrr0CAixNvV0hU1fnwQhMjDnFlwWzH5yecd5xt
00r1Z38r14trtaF5aBcMlWub8xVRwKVUkjNfUmCRVehaggh1kKgvy6oe7rveyF3W
LpGQpi+IVZgqNkre8pupOosoA1QZnFeJjdiWIOoydzRJjw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:10 2025 by rpki-client