Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/3UFn9ZKL5xnyw3p3E5ZPlAB21Ko.roa
File: 3UFn9ZKL5xnyw3p3E5ZPlAB21Ko.roa (raw, json)
Hash identifier: 6Pd7GRQDu0g4GEPlaJKLxZv9PduNId/exEPYyekEroo=
Subject key identifier: DD:41:67:F5:92:8B:E7:19:F2:C3:7A:77:13:96:4F:94:00:76:D4:AA
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 0194228DCDD8E3C7738175ADDB306B7D59BD
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/3UFn9ZKL5xnyw3p3E5ZPlAB21Ko.roa
Signing time: Wed 01 Jan 2025 15:48:26 +0000
ROA not before: Wed 01 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9087
IP address blocks: 194.59.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cd:d8:e3:c7:73:81:75:ad:db:30:6b:7d:59:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jan 1 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd4167f5928be719f2c37a7713964f940076d4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:96:6c:ca:aa:a0:85:fa:35:1a:10:9f:aa:76:
82:53:69:81:58:5f:1b:1e:a4:96:12:6c:d8:fa:f3:
4d:eb:50:ed:fe:2b:84:bf:00:20:c1:48:ff:b7:52:
0a:4c:70:69:f7:48:44:6a:b7:21:f4:ec:b2:0d:1e:
11:33:b5:8b:86:ea:59:8b:34:3f:8f:6e:16:7d:22:
bf:d4:73:ac:b6:df:3e:ab:17:a1:80:b5:b0:8f:61:
52:12:f9:54:d3:bb:7f:dc:36:81:98:45:bc:89:d6:
e7:ae:37:e1:84:5d:ab:19:bd:3d:19:1c:28:a4:1c:
23:66:ec:a6:9f:1c:35:e3:5d:2a:c4:d2:e0:c1:84:
53:97:ea:7f:eb:0f:af:f3:cc:5c:98:93:be:56:35:
0b:5f:2b:37:9c:59:9a:ea:bb:d3:86:d3:c4:58:6a:
bd:3d:65:e4:56:38:59:11:fa:44:1f:45:5e:c1:0d:
cd:ad:87:79:21:4f:4e:bc:03:71:5e:cf:78:5c:89:
94:49:27:5e:a8:31:7c:a3:31:81:60:22:ed:fd:fa:
01:09:a2:7e:e7:b0:68:d1:8f:9c:6f:f1:4b:7e:1a:
36:d3:8f:f5:d8:14:19:32:4b:ce:f9:f4:35:dc:a9:
5c:00:c8:e8:78:e1:50:b5:86:21:b2:ad:17:af:d7:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:41:67:F5:92:8B:E7:19:F2:C3:7A:77:13:96:4F:94:00:76:D4:AA
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/3UFn9ZKL5xnyw3p3E5ZPlAB21Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.9.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:60:f1:5a:62:1f:94:dd:9a:8e:49:29:5c:36:a5:39:1f:fd:
d7:ce:1a:d8:6f:d9:03:81:f5:21:99:e7:9d:0e:34:d7:3b:50:
74:98:16:15:c6:51:c9:12:9e:f1:af:99:2f:cc:f0:c7:b6:11:
b6:d2:22:eb:04:a8:6c:4f:d9:8e:4c:57:5d:39:6f:41:f2:17:
54:cc:3e:24:f4:5b:4e:4a:ad:73:c1:f5:4b:d9:5a:cb:0c:92:
e8:c0:61:5a:56:b2:07:31:86:b5:d0:a7:bc:8f:18:ad:4e:7d:
2c:15:ce:b6:6a:50:52:7b:8c:32:fb:86:d1:15:e4:a7:3e:e2:
78:1e:b6:e4:4b:7b:0b:a3:52:9c:24:55:76:a0:58:11:56:a9:
3a:1f:fd:cb:a8:f9:f8:96:cf:38:b6:98:ff:a4:ea:71:82:3a:
6b:5f:db:ff:ce:b4:26:a5:49:45:b4:13:15:f3:8f:15:bf:05:
27:4e:75:36:45:e1:a9:a6:9d:55:8b:7c:de:94:2e:c6:3a:4c:
d9:c1:c5:c4:45:37:16:c0:c3:5f:fc:b2:10:ad:a2:e8:4e:94:
90:9a:e1:17:e8:2c:df:f7:af:f6:ac:f6:09:cb:fd:30:10:00:
aa:03:08:bb:58:14:fa:a6:8e:6d:76:fc:f2:3f:ee:b3:81:f8:
4b:ba:a8:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijc3Y48dzgXWt2zBrfVm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjUwMTAxMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQxNjdmNTkyOGJlNzE5ZjJjMzdhNzcxMzk2NGY5NDAwNzZkNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5Zsyqqghfo1GhCfqnaCU2mBWF8b
HqSWEmzY+vNN61Dt/iuEvwAgwUj/t1IKTHBp90hEarch9OyyDR4RM7WLhupZizQ/
j24WfSK/1HOstt8+qxehgLWwj2FSEvlU07t/3DaBmEW8idbnrjfhhF2rGb09GRwo
pBwjZuymnxw1410qxNLgwYRTl+p/6w+v88xcmJO+VjULXys3nFma6rvThtPEWGq9
PWXkVjhZEfpEH0VewQ3NrYd5IU9OvANxXs94XImUSSdeqDF8ozGBYCLt/foBCaJ+
57Bo0Y+cb/FLfho204/12BQZMkvO+fQ13KlcAMjoeOFQtYYhsq0Xr9eD7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1BZ/WSi+cZ8sN6dxOWT5QAdtSqMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvM1VGbjlaS0w1eG55dzNwM0U1WlBsQUIyMUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjsJMA0G
CSqGSIb3DQEBCwUAA4IBAQB6YPFaYh+U3ZqOSSlcNqU5H/3XzhrYb9kDgfUhmeed
DjTXO1B0mBYVxlHJEp7xr5kvzPDHthG20iLrBKhsT9mOTFddOW9B8hdUzD4k9FtO
Sq1zwfVL2VrLDJLowGFaVrIHMYa10Ke8jxitTn0sFc62alBSe4wy+4bRFeSnPuJ4
HrbkS3sLo1KcJFV2oFgRVqk6H/3LqPn4ls84tpj/pOpxgjprX9v/zrQmpUlFtBMV
848VvwUnTnU2ReGppp1Vi3zelC7GOkzZwcXERTcWwMNf/LIQraLoTpSQmuEX6Czf
96/2rPYJy/0wEACqAwi7WBT6po5tdvzyP+6zgfhLuqiT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:38 2025 by rpki-client