Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/tH5X1sIrBGaWrxtJcDhQJ2X9uHg.roa
File: tH5X1sIrBGaWrxtJcDhQJ2X9uHg.roa (raw, json)
Hash identifier: DV2Ywdf2IF4IJkXNNJ6gs2p5s2GMK9q52zFH8lpr0iI=
Subject key identifier: B4:7E:57:D6:C2:2B:04:66:96:AF:1B:49:70:38:50:27:65:FD:B8:78
Certificate issuer: /CN=24d906b90c1d856673e414f39805be583d230ba7
Certificate serial: 019420D611C10C3EB0E211A23432133381EE
Authority key identifier: 24:D9:06:B9:0C:1D:85:66:73:E4:14:F3:98:05:BE:58:3D:23:0B:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNkGuQwdhWZz5BTzmAW-WD0jC6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/tH5X1sIrBGaWrxtJcDhQJ2X9uHg.roa
Signing time: Wed 01 Jan 2025 07:48:07 +0000
ROA not before: Wed 01 Jan 2025 07:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48435
IP address blocks: 195.254.184.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:11:c1:0c:3e:b0:e2:11:a2:34:32:13:33:81:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d906b90c1d856673e414f39805be583d230ba7
Validity
Not Before: Jan 1 07:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b47e57d6c22b046696af1b497038502765fdb878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cc:03:d1:2c:e5:49:95:83:1f:f5:a5:a2:9b:
6e:ac:95:ca:bc:02:4c:62:aa:5d:06:cc:4c:ed:7c:
68:4d:34:88:db:9a:1c:dc:79:e0:8f:58:76:5f:e4:
4f:b2:df:fb:0b:03:b6:11:83:30:55:54:07:9e:3c:
22:c6:a1:eb:cf:02:a6:11:68:dc:15:4a:db:5e:f8:
a7:61:bc:19:38:8c:e3:87:1f:8a:61:84:b8:a1:1a:
a8:51:52:6b:9c:48:e4:52:78:3c:54:d6:11:be:1b:
4a:7c:71:1c:1a:2f:4c:e5:02:0d:28:1a:85:1d:bf:
43:fe:9e:8a:92:f8:de:70:2e:83:4c:7d:78:64:bc:
4f:15:34:e7:87:f1:f7:e3:fe:cb:41:0b:39:11:79:
65:fa:56:e2:81:65:8e:2c:39:5d:0d:a0:cb:78:92:
fb:43:a8:e1:73:45:26:58:2b:38:bc:0e:0a:df:ff:
f5:74:95:a7:db:01:1a:a9:b5:37:fb:4a:f0:4e:f8:
e8:39:55:81:9b:05:30:ad:60:09:90:f6:3d:c3:a5:
73:f3:f4:d2:fe:b6:82:0c:ea:5c:e7:ae:e8:3f:42:
b5:d3:c4:b7:7b:35:f4:30:a2:fb:d4:92:8e:80:2f:
81:12:ac:3d:41:8c:03:49:5e:a3:83:d8:b8:57:de:
97:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7E:57:D6:C2:2B:04:66:96:AF:1B:49:70:38:50:27:65:FD:B8:78
X509v3 Authority Key Identifier:
keyid:24:D9:06:B9:0C:1D:85:66:73:E4:14:F3:98:05:BE:58:3D:23:0B:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNkGuQwdhWZz5BTzmAW-WD0jC6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/tH5X1sIrBGaWrxtJcDhQJ2X9uHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/JNkGuQwdhWZz5BTzmAW-WD0jC6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.184.0/23
Signature Algorithm: sha256WithRSAEncryption
47:0f:c1:bd:57:22:c9:1a:05:c2:33:9b:0f:2a:55:3a:6d:f8:
8f:92:48:1e:96:84:08:ed:df:88:6a:c9:a1:a5:dd:51:ce:a7:
01:4e:66:26:e5:82:2b:84:db:7c:97:af:67:cc:f8:5a:cc:d1:
7d:99:e1:25:b3:70:4e:f2:2a:74:1e:06:02:6b:0a:79:62:6f:
de:48:b8:83:87:1e:57:8f:f6:ca:d9:52:99:96:76:ae:6f:93:
62:02:60:96:d8:71:72:a6:d4:5a:99:6e:b9:0e:3d:a1:b7:4d:
96:be:4e:f3:7c:13:8a:4d:a7:f5:9f:44:c0:f1:f4:66:ba:78:
3d:51:ff:f7:4d:6d:99:7b:87:05:d3:eb:ec:ae:b2:d6:61:e2:
93:48:3a:c0:ce:12:61:56:84:9f:15:f9:0a:42:db:12:96:dc:
c9:9c:ce:4f:00:1e:01:e7:4c:d2:7a:4a:6c:20:cf:04:b8:19:
b0:0e:31:f5:86:f0:82:40:30:80:04:7e:f4:6a:c6:a8:44:64:
bd:98:b1:db:89:06:7b:59:7a:34:b7:fd:b3:0c:00:f9:18:c0:
4d:cb:86:a0:5f:b2:74:77:91:89:f7:c9:34:79:32:f6:05:bc:
20:c3:12:96:3f:dd:e2:17:dc:9a:e7:3c:0b:ba:a4:0c:ee:74:
3e:ca:25:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hHBDD6w4hGiNDITM4HuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDkwNmI5MGMxZDg1NjY3M2U0MTRmMzk4MDViZTU4M2Qy
MzBiYTcwHhcNMjUwMTAxMDc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDdlNTdkNmMyMmIwNDY2OTZhZjFiNDk3MDM4NTAyNzY1ZmRiODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMwD0SzlSZWDH/WlopturJXKvAJM
YqpdBsxM7XxoTTSI25oc3Hngj1h2X+RPst/7CwO2EYMwVVQHnjwixqHrzwKmEWjc
FUrbXvinYbwZOIzjhx+KYYS4oRqoUVJrnEjkUng8VNYRvhtKfHEcGi9M5QINKBqF
Hb9D/p6KkvjecC6DTH14ZLxPFTTnh/H34/7LQQs5EXll+lbigWWOLDldDaDLeJL7
Q6jhc0UmWCs4vA4K3//1dJWn2wEaqbU3+0rwTvjoOVWBmwUwrWAJkPY9w6Vz8/TS
/raCDOpc567oP0K108S3ezX0MKL71JKOgC+BEqw9QYwDSV6jg9i4V96XnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLR+V9bCKwRmlq8bSXA4UCdl/bh4MB8GA1UdIwQY
MBaAFCTZBrkMHYVmc+QU85gFvlg9IwunMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5rR3VRd2RoV1p6NUJUem1BVy1XRDBqQzZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iNTNkYjEtMWUwZS00NGQwLWExMzEt
NGZjMjhlNTA5OGM3LzEvdEg1WDFzSXJCR2FXcnh0SmNEaFFKMlg5dUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iNTNkYjEtMWUwZS00NGQwLWExMzEtNGZjMjhlNTA5OGM3
LzEvSk5rR3VRd2RoV1p6NUJUem1BVy1XRDBqQzZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/64MA0G
CSqGSIb3DQEBCwUAA4IBAQBHD8G9VyLJGgXCM5sPKlU6bfiPkkgeloQI7d+Iasmh
pd1RzqcBTmYm5YIrhNt8l69nzPhazNF9meEls3BO8ip0HgYCawp5Ym/eSLiDhx5X
j/bK2VKZlnaub5NiAmCW2HFyptRamW65Dj2ht02Wvk7zfBOKTaf1n0TA8fRmung9
Uf/3TW2Ze4cF0+vsrrLWYeKTSDrAzhJhVoSfFfkKQtsSltzJnM5PAB4B50zSekps
IM8EuBmwDjH1hvCCQDCABH70asaoRGS9mLHbiQZ7WXo0t/2zDAD5GMBNy4agX7J0
d5GJ98k0eTL2BbwgwxKWP93iF9ya5zwLuqQM7nQ+yiXM
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:27:03 2025 by rpki-client