Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2aBvo3uePHabjxoCNaNyANuC24o.roa
File: 2aBvo3uePHabjxoCNaNyANuC24o.roa (raw, json)
Hash identifier: bq5NdlvYzfXE1z4fZjGKHyQYsuJfjFDPOt9CJ6OuUcM=
Subject key identifier: D9:A0:6F:A3:7B:9E:3C:76:9B:8F:1A:02:35:A3:72:00:DB:82:DB:8A
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD5B403E8A77447A3D51709839A4F2
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2aBvo3uePHabjxoCNaNyANuC24o.roa
Signing time: Thu 02 Jan 2025 07:49:08 +0000
ROA not before: Thu 02 Jan 2025 07:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57530
IP address blocks: 194.226.176.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:5b:40:3e:8a:77:44:7a:3d:51:70:98:39:a4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9a06fa37b9e3c769b8f1a0235a37200db82db8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b9:b7:34:08:59:c8:e0:a0:c5:97:cf:d8:c5:
39:ac:a5:7f:e6:62:38:5e:ca:57:55:2b:0e:f5:8d:
10:8e:87:ca:15:24:42:92:93:57:b2:36:ac:0f:2a:
ac:87:61:5f:01:b3:85:0c:c7:59:04:8c:7a:f1:cb:
19:cd:e0:52:ed:6d:65:74:ee:a1:4b:12:eb:b3:d0:
b6:34:83:d0:b0:39:63:3b:d4:c5:1f:8a:79:98:a6:
4a:63:35:30:51:1f:85:13:72:43:dd:2d:a8:f3:a6:
35:81:a7:db:1e:9d:47:7d:52:24:5a:fd:7c:de:80:
cf:1a:aa:2c:0b:46:67:51:e9:0a:72:64:37:8e:91:
cc:06:9b:46:e9:52:4f:6e:97:50:f5:1f:26:f0:cb:
f4:10:47:7d:90:ff:7e:78:90:27:be:05:b9:8d:71:
85:66:83:e1:74:9d:db:95:07:05:b0:1c:bb:44:1f:
f0:d0:d8:c0:3f:a9:89:ce:da:71:3f:38:7d:08:2d:
c0:03:66:1e:93:77:56:e8:51:ab:7f:ab:69:83:9b:
5c:ee:66:73:9d:1f:ca:f8:b0:70:d4:30:95:fa:c5:
fb:04:2f:09:d1:49:3e:38:af:1d:0c:0e:37:c2:ad:
fe:ad:09:67:23:5d:d5:26:54:c1:a9:79:d4:b4:ed:
a4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A0:6F:A3:7B:9E:3C:76:9B:8F:1A:02:35:A3:72:00:DB:82:DB:8A
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2aBvo3uePHabjxoCNaNyANuC24o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.226.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:5f:dc:c5:7c:9a:f3:03:2a:96:3a:72:97:31:4a:8e:45:d7:
d7:e1:fd:4f:92:5e:12:e2:a2:f9:ff:33:79:d4:47:67:f3:5d:
aa:fb:de:31:37:2b:a0:23:6a:3c:f5:2e:f3:fa:ab:17:3a:82:
8e:26:ff:08:2e:9e:49:be:a5:d3:d5:69:dc:f8:bc:a1:82:42:
cf:37:fb:d3:dc:90:40:eb:e1:94:53:4b:4e:44:11:1f:66:74:
27:cf:8a:c6:06:76:3b:02:e1:f4:a8:d5:a9:3c:79:81:3c:16:
55:4a:68:7f:bd:ab:2d:6a:12:23:3c:ca:12:7a:75:ca:bf:76:
28:44:2f:c6:ca:86:78:a6:39:b7:69:42:46:76:43:6b:1e:e0:
f8:0c:ad:46:80:8c:7f:2a:3b:70:9e:e0:86:48:b7:c1:a8:0c:
1c:81:c1:43:76:59:dd:b4:37:5c:f0:47:13:1e:42:34:c9:78:
af:ba:ae:06:35:0a:c0:d4:bd:33:48:64:4f:4f:18:69:88:2e:
9e:63:2b:e2:cf:84:c5:b2:02:46:74:10:65:a5:3c:eb:61:e2:
39:55:2c:24:b5:da:95:17:87:58:24:19:b4:19:74:68:fa:23:
50:56:54:f9:dd:a8:9a:c7:19:43:07:6e:bb:f5:8b:85:c4:46:
6a:1d:c7:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/VtAPop3RHo9UXCYOaTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWEwNmZhMzdiOWUzYzc2OWI4ZjFhMDIzNWEzNzIwMGRiODJkYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybm3NAhZyOCgxZfP2MU5rKV/5mI4
XspXVSsO9Y0QjofKFSRCkpNXsjasDyqsh2FfAbOFDMdZBIx68csZzeBS7W1ldO6h
SxLrs9C2NIPQsDljO9TFH4p5mKZKYzUwUR+FE3JD3S2o86Y1gafbHp1HfVIkWv18
3oDPGqosC0ZnUekKcmQ3jpHMBptG6VJPbpdQ9R8m8Mv0EEd9kP9+eJAnvgW5jXGF
ZoPhdJ3blQcFsBy7RB/w0NjAP6mJztpxPzh9CC3AA2Yek3dW6FGrf6tpg5tc7mZz
nR/K+LBw1DCV+sX7BC8J0Uk+OK8dDA43wq3+rQlnI13VJlTBqXnUtO2knQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmgb6N7njx2m48aAjWjcgDbgtuKMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvMmFCdm8zdWVQSGFianhvQ05hTnlBTnVDMjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwuKwMA0G
CSqGSIb3DQEBCwUAA4IBAQBNX9zFfJrzAyqWOnKXMUqORdfX4f1Pkl4S4qL5/zN5
1Edn812q+94xNyugI2o89S7z+qsXOoKOJv8ILp5JvqXT1Wnc+LyhgkLPN/vT3JBA
6+GUU0tORBEfZnQnz4rGBnY7AuH0qNWpPHmBPBZVSmh/vastahIjPMoSenXKv3Yo
RC/GyoZ4pjm3aUJGdkNrHuD4DK1GgIx/KjtwnuCGSLfBqAwcgcFDdlndtDdc8EcT
HkI0yXivuq4GNQrA1L0zSGRPTxhpiC6eYyviz4TFsgJGdBBlpTzrYeI5VSwktdqV
F4dYJBm0GXRo+iNQVlT53aiaxxlDB2679YuFxEZqHccD
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:54:13 2025 by rpki-client