Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d787d7-425f-4eb4-b182-03e5cd35e2b0/1/o5JNPv4fyrvoLufC5JromiP4cJg.roa
File: o5JNPv4fyrvoLufC5JromiP4cJg.roa (raw, json)
Hash identifier: 02u0pKEC0xBlDCPE6h6fs/U6XsDX1yy0bSDhnteEpe0=
Subject key identifier: A3:92:4D:3E:FE:1F:CA:BB:E8:2E:E7:C2:E4:9A:E8:9A:23:F8:70:98
Certificate issuer: /CN=9dde45e9367801d18ef0fb0a9fe513beb0e4a54a
Certificate serial: 018CC56EE617C56C007DAC06D9E23C711DD7
Authority key identifier: 9D:DE:45:E9:36:78:01:D1:8E:F0:FB:0A:9F:E5:13:BE:B0:E4:A5:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nd5F6TZ4AdGO8PsKn-UTvrDkpUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/d787d7-425f-4eb4-b182-03e5cd35e2b0/1/o5JNPv4fyrvoLufC5JromiP4cJg.roa
Signing time: Mon 01 Jan 2024 14:30:28 +0000
ROA not before: Mon 01 Jan 2024 14:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50848
IP address blocks: 194.247.18.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e6:17:c5:6c:00:7d:ac:06:d9:e2:3c:71:1d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dde45e9367801d18ef0fb0a9fe513beb0e4a54a
Validity
Not Before: Jan 1 14:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3924d3efe1fcabbe82ee7c2e49ae89a23f87098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:20:e5:98:84:75:18:1c:bc:c7:61:44:17:09:
e1:b4:ca:8c:cf:7e:df:f0:5b:05:a9:c5:ad:87:8e:
c8:b8:6c:e3:a3:58:fa:a8:8e:a8:59:9f:f8:37:58:
ef:ec:ca:a8:df:a8:10:da:68:ea:8c:97:0c:d7:87:
23:e5:c1:da:39:a8:ad:9c:94:fc:76:44:b1:64:2b:
1b:df:3c:46:c6:d5:4b:f2:28:69:6c:1a:6e:09:1e:
b2:b4:95:ce:df:ec:05:e1:d9:ba:71:52:69:70:d4:
59:e3:8f:25:4b:dc:18:f8:b0:c7:d3:dd:33:12:c9:
07:b7:f5:d2:dd:76:77:7f:37:b5:dd:29:37:62:2c:
35:ec:a1:2a:4c:ee:29:83:17:6b:4c:62:91:0c:08:
e1:d3:af:94:8c:e2:7b:24:35:fc:a0:96:a0:d7:a7:
96:3c:e1:4f:80:6e:83:72:76:39:08:6c:3a:89:66:
d2:6e:f7:0a:b2:14:4b:48:ee:43:32:3d:26:7c:78:
7c:a2:87:2a:e4:0b:12:60:d8:30:ce:7c:00:28:4b:
d7:cd:fc:f9:a0:a0:94:95:58:13:75:9c:99:af:16:
4d:33:07:78:b9:8c:f6:32:2b:93:92:ed:f7:f5:91:
5b:fd:0f:d2:63:df:ee:55:dc:5d:be:dd:d0:b4:03:
be:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:92:4D:3E:FE:1F:CA:BB:E8:2E:E7:C2:E4:9A:E8:9A:23:F8:70:98
X509v3 Authority Key Identifier:
keyid:9D:DE:45:E9:36:78:01:D1:8E:F0:FB:0A:9F:E5:13:BE:B0:E4:A5:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nd5F6TZ4AdGO8PsKn-UTvrDkpUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d787d7-425f-4eb4-b182-03e5cd35e2b0/1/o5JNPv4fyrvoLufC5JromiP4cJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d787d7-425f-4eb4-b182-03e5cd35e2b0/1/nd5F6TZ4AdGO8PsKn-UTvrDkpUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.247.18.0/23
Signature Algorithm: sha256WithRSAEncryption
44:88:d1:2a:1b:36:5f:f6:0e:7d:f7:9d:03:5b:27:e6:2c:f8:
95:d7:6f:e6:38:f1:af:2c:63:03:88:bf:5e:d1:73:45:7e:1d:
9a:a0:c3:9e:00:1a:96:e6:5b:71:cb:cd:a4:fa:9f:c1:d8:e4:
1f:8f:0c:b8:b4:0a:48:9e:6a:8c:91:55:a3:94:10:fd:7b:4c:
04:3f:20:62:94:f5:66:6d:88:0f:ea:fd:08:bc:58:08:62:6b:
e0:53:d9:04:63:53:d8:d1:ea:97:27:29:d9:55:09:12:cd:46:
7a:80:87:57:57:4b:66:ec:d2:8e:84:ea:10:a7:b8:8e:f8:b8:
20:13:5f:ca:56:8c:ab:0b:c6:9d:32:b8:2a:bd:44:bd:ff:42:
c1:fe:de:d1:62:45:b9:46:3d:00:a2:3b:e9:9e:a9:8b:e4:79:
eb:ef:6e:72:a3:c9:1c:34:9b:71:29:62:32:ea:00:a9:ae:0d:
ca:b4:86:37:15:cb:d7:58:a8:78:c5:b4:56:74:8d:d6:7a:cc:
25:3b:2b:f5:36:38:17:26:59:a3:ec:92:05:5d:8b:bf:96:f3:
e1:ef:ca:43:c8:4f:0d:d0:25:00:c8:c9:d0:c7:6a:ac:93:1b:
09:de:b0:93:1c:7e:7a:59:28:f9:b9:cc:d2:35:e0:99:29:e6:
7d:9c:ba:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbuYXxWwAfawG2eI8cR3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZGU0NWU5MzY3ODAxZDE4ZWYwZmIwYTlmZTUxM2JlYjBl
NGE1NGEwHhcNMjQwMTAxMTQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzkyNGQzZWZlMWZjYWJiZTgyZWU3YzJlNDlhZTg5YTIzZjg3MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yDlmIR1GBy8x2FEFwnhtMqMz37f
8FsFqcWth47IuGzjo1j6qI6oWZ/4N1jv7Mqo36gQ2mjqjJcM14cj5cHaOaitnJT8
dkSxZCsb3zxGxtVL8ihpbBpuCR6ytJXO3+wF4dm6cVJpcNRZ448lS9wY+LDH090z
EskHt/XS3XZ3fze13Sk3Yiw17KEqTO4pgxdrTGKRDAjh06+UjOJ7JDX8oJag16eW
POFPgG6DcnY5CGw6iWbSbvcKshRLSO5DMj0mfHh8oocq5AsSYNgwznwAKEvXzfz5
oKCUlVgTdZyZrxZNMwd4uYz2MiuTku339ZFb/Q/SY9/uVdxdvt3QtAO+5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOSTT7+H8q76C7nwuSa6Joj+HCYMB8GA1UdIwQY
MBaAFJ3eRek2eAHRjvD7Cp/lE76w5KVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmQ1RjZUWjRBZEdPOFBzS24tVVR2ckRrcFVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kNzg3ZDctNDI1Zi00ZWI0LWIxODIt
MDNlNWNkMzVlMmIwLzEvbzVKTlB2NGZ5cnZvTHVmQzVKcm9taVA0Y0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kNzg3ZDctNDI1Zi00ZWI0LWIxODItMDNlNWNkMzVlMmIw
LzEvbmQ1RjZUWjRBZEdPOFBzS24tVVR2ckRrcFVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwvcSMA0G
CSqGSIb3DQEBCwUAA4IBAQBEiNEqGzZf9g59950DWyfmLPiV12/mOPGvLGMDiL9e
0XNFfh2aoMOeABqW5ltxy82k+p/B2OQfjwy4tApInmqMkVWjlBD9e0wEPyBilPVm
bYgP6v0IvFgIYmvgU9kEY1PY0eqXJynZVQkSzUZ6gIdXV0tm7NKOhOoQp7iO+Lgg
E1/KVoyrC8adMrgqvUS9/0LB/t7RYkW5Rj0AojvpnqmL5Hnr725yo8kcNJtxKWIy
6gCprg3KtIY3FcvXWKh4xbRWdI3WeswlOyv1NjgXJlmj7JIFXYu/lvPh78pDyE8N
0CUAyMnQx2qskxsJ3rCTHH56WSj5uczSNeCZKeZ9nLqC
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:22 2025 by rpki-client