Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/g5qwkvz9A4lDX_pwzmn6jt85mTw.roa
File: g5qwkvz9A4lDX_pwzmn6jt85mTw.roa (raw, json)
Hash identifier: FrLYGFaLiBvVBsAJ9J7AfYyHPUH5SYB4jJXWBgwW2uo=
Subject key identifier: 83:9A:B0:92:FC:FD:03:89:43:5F:FA:70:CE:69:FA:8E:DF:39:99:3C
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD4D5F832F8C10743D960237986F94
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/g5qwkvz9A4lDX_pwzmn6jt85mTw.roa
Signing time: Thu 02 Jan 2025 07:49:04 +0000
ROA not before: Thu 02 Jan 2025 07:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2643
IP address blocks: 194.190.160.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4d:5f:83:2f:8c:10:74:3d:96:02:37:98:6f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=839ab092fcfd0389435ffa70ce69fa8edf39993c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:6a:ee:6b:6e:3c:f3:90:7a:bb:d3:48:f9:
8f:e7:d6:d3:eb:28:f0:f0:4b:72:a4:23:69:28:16:
57:b4:42:75:aa:8b:5a:a2:1c:f5:8a:15:b2:44:00:
57:a1:a4:24:41:5f:0e:bb:d1:fd:aa:5f:d8:41:75:
74:33:e4:9a:cd:bf:8c:34:09:21:19:c5:59:e6:4b:
14:0c:bf:68:47:1c:2c:d7:81:43:a4:b6:5e:41:95:
a7:7a:41:68:93:40:c7:ec:6c:c4:c9:e3:48:78:ed:
de:00:31:47:93:af:ad:61:3a:76:43:ea:9c:cd:42:
20:b5:29:fa:d6:1e:e9:dd:00:24:d3:41:b5:2b:dd:
05:16:18:e6:47:5f:df:52:04:ee:a1:8a:0e:cc:57:
c7:c7:4a:c1:c1:54:13:80:b1:3f:52:28:22:4c:d7:
c8:ab:07:2d:e7:02:0d:c7:83:a7:58:1e:bb:cc:d6:
ef:52:57:92:4c:32:f4:3e:ac:1e:9f:b6:b9:64:17:
bb:8d:53:1a:78:73:db:7b:26:67:bb:6c:7a:42:90:
30:f0:e8:14:db:56:cd:a2:30:6e:c0:56:73:2a:7d:
49:85:c3:86:cd:3a:4d:a5:ba:6e:20:7f:5a:10:9e:
7d:61:3d:ae:79:9f:a5:0e:96:c7:8b:a3:4e:b0:cb:
11:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9A:B0:92:FC:FD:03:89:43:5F:FA:70:CE:69:FA:8E:DF:39:99:3C
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/g5qwkvz9A4lDX_pwzmn6jt85mTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.190.160.0/21
Signature Algorithm: sha256WithRSAEncryption
44:53:7d:f9:40:60:9f:09:e3:43:01:d9:03:3f:31:82:83:29:
2b:50:6b:75:cf:8f:a0:92:92:b3:56:f8:8b:6e:cc:ba:3d:98:
af:09:8b:46:f4:11:cb:1c:8f:d1:71:99:3e:f3:a1:c0:24:a9:
6f:fd:e8:e9:91:6d:39:54:27:95:4a:ad:ef:54:11:d8:66:a5:
cb:8d:fa:fc:41:da:02:97:03:d8:bd:c5:2c:a0:74:6f:3e:c2:
c3:2b:51:77:45:86:49:44:3c:f7:7a:9b:39:50:3b:0f:45:98:
45:3b:8f:f1:51:47:c5:e2:5a:e6:11:cc:ff:87:91:4f:7d:26:
59:d1:1d:40:53:3f:48:e9:05:73:1e:c6:23:d4:63:35:f3:11:
57:32:04:10:35:83:a0:22:12:b1:78:8f:d1:e0:ac:7c:80:8d:
5c:ee:00:bb:7c:98:25:ae:84:10:bd:b4:1e:dd:9e:d7:42:ea:
b5:a9:68:5e:24:9c:e2:db:97:8b:59:df:1a:f1:ff:0b:e4:34:
08:37:78:e6:33:d5:e0:7d:7d:4e:b4:78:43:e6:b5:40:f5:0f:
56:a8:df:1c:0a:4a:1f:48:10:75:2c:c2:52:18:0c:98:b2:0f:
2e:bc:ba:f8:a4:e5:b3:03:e9:5f:85:19:02:60:b7:4d:d2:d2:
30:b0:a2:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/U1fgy+MEHQ9lgI3mG+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzlhYjA5MmZjZmQwMzg5NDM1ZmZhNzBjZTY5ZmE4ZWRmMzk5OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNRq7mtuPPOQervTSPmP59bT6yjw
8EtypCNpKBZXtEJ1qotaohz1ihWyRABXoaQkQV8Ou9H9ql/YQXV0M+Sazb+MNAkh
GcVZ5ksUDL9oRxws14FDpLZeQZWnekFok0DH7GzEyeNIeO3eADFHk6+tYTp2Q+qc
zUIgtSn61h7p3QAk00G1K90FFhjmR1/fUgTuoYoOzFfHx0rBwVQTgLE/UigiTNfI
qwct5wINx4OnWB67zNbvUleSTDL0Pqwen7a5ZBe7jVMaeHPbeyZnu2x6QpAw8OgU
21bNojBuwFZzKn1JhcOGzTpNpbpuIH9aEJ59YT2ueZ+lDpbHi6NOsMsRmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOasJL8/QOJQ1/6cM5p+o7fOZk8MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvZzVxd2t2ejlBNGxEWF9wd3ptbjZqdDg1bVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwr6gMA0G
CSqGSIb3DQEBCwUAA4IBAQBEU335QGCfCeNDAdkDPzGCgykrUGt1z4+gkpKzVviL
bsy6PZivCYtG9BHLHI/RcZk+86HAJKlv/ejpkW05VCeVSq3vVBHYZqXLjfr8QdoC
lwPYvcUsoHRvPsLDK1F3RYZJRDz3eps5UDsPRZhFO4/xUUfF4lrmEcz/h5FPfSZZ
0R1AUz9I6QVzHsYj1GM18xFXMgQQNYOgIhKxeI/R4Kx8gI1c7gC7fJglroQQvbQe
3Z7XQuq1qWheJJzi25eLWd8a8f8L5DQIN3jmM9XgfX1OtHhD5rVA9Q9WqN8cCkof
SBB1LMJSGAyYsg8uvLr4pOWzA+lfhRkCYLdN0tIwsKKM
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:51:36 2025 by rpki-client