Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/xewexu8qO3LGfnqqWqfVcH7b-hQ.roa
File: xewexu8qO3LGfnqqWqfVcH7b-hQ.roa (raw, json)
Hash identifier: foDGso9eJE+J/6Qu10A3sNz/jBAeKKZ8zvRJtBdUh9I=
Subject key identifier: C5:EC:1E:C6:EF:2A:3B:72:C6:7E:7A:AA:5A:A7:D5:70:7E:DB:FA:14
Certificate issuer: /CN=0039f741686da11e79ae7c5e486aa290808cb1b7
Certificate serial: 019421B1C3E59F322F058D53C25E25F998BF
Authority key identifier: 00:39:F7:41:68:6D:A1:1E:79:AE:7C:5E:48:6A:A2:90:80:8C:B1:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADn3QWhtoR55rnxeSGqikICMsbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/xewexu8qO3LGfnqqWqfVcH7b-hQ.roa
Signing time: Wed 01 Jan 2025 11:48:05 +0000
ROA not before: Wed 01 Jan 2025 11:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211045
IP address blocks: 194.31.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c3:e5:9f:32:2f:05:8d:53:c2:5e:25:f9:98:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0039f741686da11e79ae7c5e486aa290808cb1b7
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5ec1ec6ef2a3b72c67e7aaa5aa7d5707edbfa14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:91:9c:bf:61:e2:9c:9e:10:2c:66:c9:cc:5a:
bd:9a:97:09:59:e1:84:c7:7a:dd:5b:2d:e9:73:1a:
b1:58:34:74:5c:9e:b9:32:05:fb:e0:0a:32:5f:fb:
6f:f8:7d:0a:92:ce:6b:5e:17:e3:23:bf:0b:0b:56:
ca:cd:22:ce:59:72:90:3f:31:b2:24:68:a4:d2:36:
84:e6:b3:48:09:07:36:9c:2d:64:b4:32:5e:3b:8f:
e2:5f:c4:22:5b:17:f3:42:4b:a2:b1:51:0c:ee:66:
cc:0c:61:6f:0a:a1:bc:a4:f1:eb:2f:74:e5:4c:be:
82:fe:fc:ef:15:68:c3:28:43:c5:bf:ed:f5:dc:09:
3a:26:27:6c:89:49:d8:a2:b4:13:8a:aa:14:e0:3e:
e9:82:c9:d0:77:53:1f:aa:bb:32:eb:f5:6f:a2:3d:
e7:1c:22:a8:cb:76:dd:f4:04:6c:f3:84:c0:5c:6f:
94:92:71:8f:a6:9b:ed:1e:c4:19:6a:c5:40:6d:f1:
ce:96:33:d2:a6:10:08:f8:9a:2b:ab:e7:a8:0e:96:
ca:67:1d:b8:78:9a:ac:ef:a8:40:5a:a9:c9:d9:95:
db:d0:72:bc:ea:61:98:7a:df:a2:aa:cb:0d:09:ab:
e0:2d:79:3b:71:80:81:02:ef:76:1c:1f:28:c9:94:
0b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:EC:1E:C6:EF:2A:3B:72:C6:7E:7A:AA:5A:A7:D5:70:7E:DB:FA:14
X509v3 Authority Key Identifier:
keyid:00:39:F7:41:68:6D:A1:1E:79:AE:7C:5E:48:6A:A2:90:80:8C:B1:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADn3QWhtoR55rnxeSGqikICMsbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/xewexu8qO3LGfnqqWqfVcH7b-hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3c616f-0138-4ffb-af17-55f41fdf0e63/1/ADn3QWhtoR55rnxeSGqikICMsbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.67.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:8a:0c:42:1f:9d:dd:b5:28:2c:0c:d1:dc:e8:8e:cd:e0:ef:
22:78:ea:38:84:da:7c:37:fc:59:bc:d4:b0:b2:73:de:34:d3:
d4:78:82:9b:e5:d2:98:ac:31:97:58:1a:06:aa:50:52:14:5d:
04:68:18:f3:ea:8c:2d:c3:0b:27:5f:1a:ca:e3:e8:3f:3f:2f:
c5:d8:72:7a:fe:99:ac:9b:6a:a9:25:05:10:3c:ec:97:79:46:
34:6a:14:a5:71:48:5c:fa:de:da:9e:5f:50:e8:e0:f0:01:c4:
0f:bc:53:24:86:aa:33:75:c6:a0:76:2f:01:7b:ea:c6:3f:54:
57:62:b9:e1:dd:22:ef:de:ec:d1:c2:ef:bb:18:9b:67:c1:fb:
8b:f0:2f:e5:c5:fc:03:1a:6a:76:42:db:e0:9e:23:2a:82:43:
50:eb:aa:58:d0:07:71:f9:da:cd:58:03:28:1d:43:2f:f3:c2:
e0:11:16:76:8c:46:a7:cf:a3:0c:b9:12:cc:c8:01:d3:bf:24:
9d:9d:af:ce:df:5f:20:01:4e:a4:89:e5:e0:f7:6d:50:73:b3:
8f:d2:b9:c6:7f:fe:4c:22:87:62:30:c5:c4:17:84:2e:87:07:
29:a0:f7:ad:a5:29:34:87:3d:87:f3:8a:53:f7:19:d9:4d:7c:
56:ff:cd:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhscPlnzIvBY1Twl4l+Zi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMzlmNzQxNjg2ZGExMWU3OWFlN2M1ZTQ4NmFhMjkwODA4
Y2IxYjcwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWVjMWVjNmVmMmEzYjcyYzY3ZTdhYWE1YWE3ZDU3MDdlZGJmYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+pGcv2HinJ4QLGbJzFq9mpcJWeGE
x3rdWy3pcxqxWDR0XJ65MgX74AoyX/tv+H0Kks5rXhfjI78LC1bKzSLOWXKQPzGy
JGik0jaE5rNICQc2nC1ktDJeO4/iX8QiWxfzQkuisVEM7mbMDGFvCqG8pPHrL3Tl
TL6C/vzvFWjDKEPFv+313Ak6JidsiUnYorQTiqoU4D7pgsnQd1Mfqrsy6/Vvoj3n
HCKoy3bd9ARs84TAXG+UknGPppvtHsQZasVAbfHOljPSphAI+Jorq+eoDpbKZx24
eJqs76hAWqnJ2ZXb0HK86mGYet+iqssNCavgLXk7cYCBAu92HB8oyZQLowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXsHsbvKjtyxn56qlqn1XB+2/oUMB8GA1UdIwQY
MBaAFAA590FobaEeea58XkhqopCAjLG3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURuM1FXaHRvUjU1cm54ZVNHcWlrSUNNc2JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8zYzYxNmYtMDEzOC00ZmZiLWFmMTct
NTVmNDFmZGYwZTYzLzEveGV3ZXh1OHFPM0xHZm5xcVdxZlZjSDdiLWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8zYzYxNmYtMDEzOC00ZmZiLWFmMTctNTVmNDFmZGYwZTYz
LzEvQURuM1FXaHRvUjU1cm54ZVNHcWlrSUNNc2JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh9DMA0G
CSqGSIb3DQEBCwUAA4IBAQAPigxCH53dtSgsDNHc6I7N4O8ieOo4hNp8N/xZvNSw
snPeNNPUeIKb5dKYrDGXWBoGqlBSFF0EaBjz6owtwwsnXxrK4+g/Py/F2HJ6/pms
m2qpJQUQPOyXeUY0ahSlcUhc+t7anl9Q6ODwAcQPvFMkhqozdcagdi8Be+rGP1RX
Yrnh3SLv3uzRwu+7GJtnwfuL8C/lxfwDGmp2QtvgniMqgkNQ66pY0Adx+drNWAMo
HUMv88LgERZ2jEanz6MMuRLMyAHTvySdna/O318gAU6kieXg921Qc7OP0rnGf/5M
IodiMMXEF4QuhwcpoPetpSk0hz2H84pT9xnZTXxW/83e
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:37:03 2025 by rpki-client