Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M0HXRavRkqsN4Yp8YuczMfQP_uU.roa
File: M0HXRavRkqsN4Yp8YuczMfQP_uU.roa (raw, json)
Hash identifier: X18lhvajK8xZHDNDOlKhHyqtaL6zmU5JMymn+truq78=
Subject key identifier: 33:41:D7:45:AB:D1:92:AB:0D:E1:8A:7C:62:E7:33:31:F4:0F:FE:E5
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6BE0DB474B645F2AF67AE881FF7E1
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M0HXRavRkqsN4Yp8YuczMfQP_uU.roa
Signing time: Wed 01 Jan 2025 21:47:43 +0000
ROA not before: Wed 01 Jan 2025 21:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47427
IP address blocks: 86.105.32.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:be:0d:b4:74:b6:45:f2:af:67:ae:88:1f:f7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3341d745abd192ab0de18a7c62e73331f40ffee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b9:54:af:0d:90:40:a4:30:01:73:e6:f7:95:
bc:f4:bc:2a:3d:ae:9c:49:2c:e7:82:f7:cc:6e:f3:
1a:f0:3e:6e:e8:5b:1e:e2:d7:25:9d:ef:76:e4:09:
39:21:38:a3:df:e3:0d:c6:bb:f9:3a:ec:1c:37:15:
f0:24:cf:e1:89:cb:d3:d3:4d:4f:4a:fc:6a:db:0e:
14:57:d0:e9:fd:a6:34:c2:89:fa:17:01:79:e9:5d:
9c:94:c0:c8:93:e0:72:bb:ec:e4:a6:dd:63:7d:6f:
11:fb:24:f1:42:ff:ae:e6:97:91:a6:53:cf:63:98:
80:bb:62:be:37:a1:d9:f7:10:35:9a:44:12:52:05:
ad:b7:8a:13:fd:a3:8d:d9:62:4e:18:be:46:80:04:
ff:be:b0:19:25:14:82:a6:d7:86:13:0d:ac:ee:0e:
cc:4a:b8:e9:42:de:e3:33:28:5a:07:30:3f:f2:2c:
6f:5c:cc:79:90:e8:d8:c4:d7:2e:a5:62:1a:1a:03:
59:d8:03:ed:12:3c:c6:51:25:25:c9:d2:b0:7d:16:
f6:53:5b:1b:3c:d5:84:9e:75:e2:ff:52:ad:c3:e5:
7c:81:9b:d2:a7:00:e2:73:62:c8:8c:f5:e1:e5:b5:
75:6b:9d:14:30:ee:2c:53:6a:aa:08:4b:37:83:b1:
a7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:41:D7:45:AB:D1:92:AB:0D:E1:8A:7C:62:E7:33:31:F4:0F:FE:E5
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M0HXRavRkqsN4Yp8YuczMfQP_uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.32.0/21
Signature Algorithm: sha256WithRSAEncryption
88:40:c3:ed:a6:23:b9:50:8f:62:54:cb:a1:de:79:3c:8a:65:
ce:48:9c:bd:5b:4b:03:be:2a:e5:3f:b5:b1:47:a4:f6:14:0b:
74:b4:56:c8:a4:79:4c:36:ad:14:27:4a:39:51:d0:1a:77:32:
ea:d2:2e:69:eb:1a:ca:a8:d3:0e:1b:5b:5a:f8:24:78:3a:fc:
db:33:8a:46:1e:7a:4c:38:d8:09:bc:22:6c:b2:21:35:f5:b4:
98:df:39:7e:dd:67:c3:35:e6:ff:80:99:98:b8:60:e0:ab:b5:
c6:8a:7b:78:76:f0:60:c2:d4:70:8f:40:f4:48:20:e1:b2:a1:
73:f2:ee:ad:d5:c3:9b:2a:7f:12:73:95:44:9b:d1:58:a3:6d:
64:20:95:a2:45:43:ee:41:fc:9a:e5:d9:c7:dd:09:66:b8:24:
a5:90:cf:15:47:7a:f0:f2:48:84:87:75:ea:7d:c6:8f:c0:1d:
d3:f9:46:2f:ab:4a:b3:38:7c:34:7d:96:c1:a0:83:18:53:7e:
e3:56:87:06:df:31:bb:53:45:2f:56:43:74:da:d2:92:ef:2a:
53:51:4d:cc:f7:62:8d:e9:9e:73:1d:47:e4:2e:35:b3:08:7c:
0a:72:61:ca:e7:3b:90:bc:fb:e9:ae:a0:9c:94:6d:b9:dd:78:
ce:ef:0a:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1r4NtHS2RfKvZ66IH/fhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQxZDc0NWFiZDE5MmFiMGRlMThhN2M2MmU3MzMzMWY0MGZmZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLlUrw2QQKQwAXPm95W89LwqPa6c
SSzngvfMbvMa8D5u6Fse4tclne925Ak5ITij3+MNxrv5OuwcNxXwJM/hicvT001P
Svxq2w4UV9Dp/aY0won6FwF56V2clMDIk+Byu+zkpt1jfW8R+yTxQv+u5peRplPP
Y5iAu2K+N6HZ9xA1mkQSUgWtt4oT/aON2WJOGL5GgAT/vrAZJRSCpteGEw2s7g7M
SrjpQt7jMyhaBzA/8ixvXMx5kOjYxNcupWIaGgNZ2APtEjzGUSUlydKwfRb2U1sb
PNWEnnXi/1Ktw+V8gZvSpwDic2LIjPXh5bV1a50UMO4sU2qqCEs3g7GnvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNB10Wr0ZKrDeGKfGLnMzH0D/7lMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTTBIWFJhdlJrcXNONFlwOFl1Y3pNZlFQX3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVmkgMA0G
CSqGSIb3DQEBCwUAA4IBAQCIQMPtpiO5UI9iVMuh3nk8imXOSJy9W0sDvirlP7Wx
R6T2FAt0tFbIpHlMNq0UJ0o5UdAadzLq0i5p6xrKqNMOG1ta+CR4OvzbM4pGHnpM
ONgJvCJssiE19bSY3zl+3WfDNeb/gJmYuGDgq7XGint4dvBgwtRwj0D0SCDhsqFz
8u6t1cObKn8Sc5VEm9FYo21kIJWiRUPuQfya5dnH3QlmuCSlkM8VR3rw8kiEh3Xq
fcaPwB3T+UYvq0qzOHw0fZbBoIMYU37jVocG3zG7U0UvVkN02tKS7ypTUU3M92KN
6Z5zHUfkLjWzCHwKcmHK5zuQvPvprqCclG253XjO7wr4
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:10:22 2025 by rpki-client