Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/0JAW72MZKRqNPvvLJj-mrzsc6bA.roa
File: 0JAW72MZKRqNPvvLJj-mrzsc6bA.roa (raw, json)
Hash identifier: NEJr2j8Q5/yoZT3ZjHtn7D79sLVX3rHSkvuJZKnCCDU=
Subject key identifier: D0:90:16:EF:63:19:29:1A:8D:3E:FB:CB:26:3F:A6:AF:3B:1C:E9:B0
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 01955C00F11A7A42EA0942FE275AC9EAC40F
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/0JAW72MZKRqNPvvLJj-mrzsc6bA.roa
Signing time: Mon 03 Mar 2025 12:35:20 +0000
ROA not before: Mon 03 Mar 2025 12:35:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10103
IP address blocks: 194.116.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:00:f1:1a:7a:42:ea:09:42:fe:27:5a:c9:ea:c4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Mar 3 12:35:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d09016ef6319291a8d3efbcb263fa6af3b1ce9b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:83:46:ee:50:19:31:69:a4:f2:95:94:0d:04:
05:c2:7c:b0:b9:23:ae:5b:eb:d8:d2:b7:71:cd:2b:
9b:a1:15:8f:47:5f:0c:4a:1b:dc:8d:2d:f0:3f:0a:
0c:30:e4:57:3f:0f:72:79:f1:63:95:be:21:82:5a:
1f:b3:a5:db:f7:79:8c:01:10:96:6b:8d:92:6d:b4:
ca:2e:c6:50:59:22:52:b3:b7:7d:e7:d0:9d:55:a6:
91:e0:af:4b:c1:da:48:eb:08:c9:bd:4d:2f:86:0b:
39:cc:38:aa:cf:86:26:00:31:fe:19:59:5e:88:ff:
55:9a:19:25:6f:ee:b9:01:17:6f:33:93:44:34:b6:
3d:bb:ef:25:7b:7b:1e:8a:85:2f:85:d8:73:fd:b9:
a8:18:23:40:e3:17:1e:18:d4:7d:63:70:f2:ab:1b:
57:c1:be:65:7d:17:a8:c0:ac:05:5e:ba:d8:ac:ed:
ee:30:52:8a:ee:30:59:1a:48:2f:d1:bd:98:46:e2:
6c:24:af:93:ae:2e:ba:66:1d:2b:b8:95:44:b9:e5:
9b:90:b8:71:c6:a2:5c:b6:b8:a6:2c:8f:4d:a7:04:
d4:a9:a1:f3:88:22:9b:e5:59:8b:a4:bf:80:2e:e7:
d9:9c:07:85:c1:17:a4:e1:87:5d:8e:71:41:8d:bf:
a9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:90:16:EF:63:19:29:1A:8D:3E:FB:CB:26:3F:A6:AF:3B:1C:E9:B0
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/0JAW72MZKRqNPvvLJj-mrzsc6bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.235.0/24
Signature Algorithm: sha256WithRSAEncryption
74:43:a8:d1:78:34:97:27:36:56:77:09:ca:93:ab:a1:a2:5e:
4b:75:2b:a4:4a:57:ab:9b:92:6b:6b:68:a1:39:ef:b0:02:63:
06:63:ae:5e:1c:48:fa:46:c6:e9:f0:28:04:32:39:4d:a9:d5:
70:be:32:91:d7:bd:bf:c8:ea:54:75:6d:82:ff:a8:36:a1:33:
2d:7b:5f:bf:b6:7b:49:f8:94:27:61:5e:81:65:6b:93:1c:3b:
3c:5e:0d:d9:e8:0c:fa:43:26:78:12:e1:4c:52:a7:7a:28:7d:
89:17:da:58:dd:25:07:62:4c:ed:58:9d:96:d4:d3:7d:07:35:
6b:06:5f:a2:5d:66:58:ee:8d:e5:03:19:c3:38:fc:02:4e:00:
b1:03:3a:7f:ac:cf:d8:23:9a:aa:8a:07:6b:97:a8:4f:ed:c3:
76:e0:de:ca:09:d5:26:b0:df:60:64:8a:03:c5:0e:04:fb:f2:
79:03:66:6a:cb:d5:93:2a:a5:8c:74:27:d3:dd:d4:0d:10:18:
e7:4b:c1:1e:3a:88:f5:b7:f2:1a:02:0f:26:d6:68:6b:19:fa:
ef:64:cb:9f:17:01:ac:48:26:d1:84:fb:8c:7d:1a:43:be:dd:
bc:23:4c:3e:86:08:15:34:7e:a6:f3:54:79:63:65:d8:70:d7:
f6:d2:6e:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVcAPEaekLqCUL+J1rJ6sQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjUwMzAzMTIzNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDkwMTZlZjYzMTkyOTFhOGQzZWZiY2IyNjNmYTZhZjNiMWNlOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ING7lAZMWmk8pWUDQQFwnywuSOu
W+vY0rdxzSuboRWPR18MShvcjS3wPwoMMORXPw9yefFjlb4hglofs6Xb93mMARCW
a42SbbTKLsZQWSJSs7d959CdVaaR4K9LwdpI6wjJvU0vhgs5zDiqz4YmADH+GVle
iP9Vmhklb+65ARdvM5NENLY9u+8le3seioUvhdhz/bmoGCNA4xceGNR9Y3DyqxtX
wb5lfReowKwFXrrYrO3uMFKK7jBZGkgv0b2YRuJsJK+Tri66Zh0ruJVEueWbkLhx
xqJctrimLI9NpwTUqaHziCKb5VmLpL+ALufZnAeFwRek4YddjnFBjb+pmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCQFu9jGSkajT77yyY/pq87HOmwMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvMEpBVzcyTVpLUnFOUHZ2TEpqLW1yenNjNmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnTrMA0G
CSqGSIb3DQEBCwUAA4IBAQB0Q6jReDSXJzZWdwnKk6uhol5LdSukSlerm5Jra2ih
Oe+wAmMGY65eHEj6Rsbp8CgEMjlNqdVwvjKR172/yOpUdW2C/6g2oTMte1+/tntJ
+JQnYV6BZWuTHDs8Xg3Z6Az6QyZ4EuFMUqd6KH2JF9pY3SUHYkztWJ2W1NN9BzVr
Bl+iXWZY7o3lAxnDOPwCTgCxAzp/rM/YI5qqigdrl6hP7cN24N7KCdUmsN9gZIoD
xQ4E+/J5A2Zqy9WTKqWMdCfT3dQNEBjnS8EeOoj1t/IaAg8m1mhrGfrvZMufFwGs
SCbRhPuMfRpDvt28I0w+hggVNH6m81R5Y2XYcNf20m7l
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:06:38 2025 by rpki-client