Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/0v4Q3A_w9M1p1YcV4-7Pe389fdU.roa
File: 0v4Q3A_w9M1p1YcV4-7Pe389fdU.roa (raw, json)
Hash identifier: WhKTFW0tZdeh1NFz5izqlimm3sG/vP+EpF9M2Z10RmY=
Subject key identifier: D2:FE:10:DC:0F:F0:F4:CD:69:D5:87:15:E3:EE:CF:7B:7F:3D:7D:D5
Certificate issuer: /CN=6765a21b561ba8665cf79fbf44c31959de28f216
Certificate serial: 019421B15BC18BDDA7C63D5DB35CD3427EA1
Authority key identifier: 67:65:A2:1B:56:1B:A8:66:5C:F7:9F:BF:44:C3:19:59:DE:28:F2:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z2WiG1YbqGZc95-_RMMZWd4o8hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/0v4Q3A_w9M1p1YcV4-7Pe389fdU.roa
Signing time: Wed 01 Jan 2025 11:47:38 +0000
ROA not before: Wed 01 Jan 2025 11:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199476
IP address blocks: 194.39.244.0/24 maxlen: 24
2a13:9d80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:5b:c1:8b:dd:a7:c6:3d:5d:b3:5c:d3:42:7e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6765a21b561ba8665cf79fbf44c31959de28f216
Validity
Not Before: Jan 1 11:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2fe10dc0ff0f4cd69d58715e3eecf7b7f3d7dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7f:b7:1b:92:dc:50:d8:5b:48:9c:0a:a1:5b:
6c:98:12:b9:af:60:c2:93:92:7c:74:df:70:c6:f5:
60:f1:a6:cd:51:9b:86:02:2f:50:4a:9d:40:dc:7b:
df:4a:a8:a6:82:f0:0c:bf:be:74:20:5f:01:4b:ed:
e9:06:1b:be:94:8b:e0:fb:76:1f:85:33:d4:ad:cc:
d1:36:cb:26:43:87:4c:c7:92:07:df:88:e8:9a:9c:
e1:34:5a:69:7b:88:44:ce:9f:cb:d2:ae:c5:ba:23:
c4:b8:3c:d5:2f:ab:0d:81:4f:42:8b:54:f4:b3:c8:
20:22:3f:e2:ac:b0:a1:27:86:b5:75:c4:02:4a:16:
95:20:a7:8f:5e:85:ff:ee:1a:eb:43:98:ac:e8:22:
7d:18:de:e7:10:4f:39:6b:b1:be:ea:6e:6e:7c:27:
81:75:cd:19:c0:79:48:38:0b:31:e5:f0:70:df:51:
e7:65:4d:fa:9a:ca:cd:fc:d1:8a:d6:1c:8c:25:1f:
ec:19:fc:ab:7d:84:9b:13:12:8c:a8:3a:ca:9c:35:
91:47:81:4a:76:1a:f2:57:b6:00:44:6a:4f:b4:3a:
6a:05:4f:2b:a3:bb:b8:7d:07:71:77:fb:02:15:7e:
9f:28:8b:49:75:ed:59:c9:96:2f:5d:22:1f:5a:6f:
be:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FE:10:DC:0F:F0:F4:CD:69:D5:87:15:E3:EE:CF:7B:7F:3D:7D:D5
X509v3 Authority Key Identifier:
keyid:67:65:A2:1B:56:1B:A8:66:5C:F7:9F:BF:44:C3:19:59:DE:28:F2:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2WiG1YbqGZc95-_RMMZWd4o8hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/0v4Q3A_w9M1p1YcV4-7Pe389fdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.244.0/24
IPv6:
2a13:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
78:e1:da:9a:20:ec:7b:f6:2e:08:a5:b3:27:aa:ac:a7:55:fc:
89:f2:2f:b9:83:6c:92:d2:d5:e8:4b:13:55:5f:f9:94:d8:97:
b2:ed:92:c5:68:87:00:9f:a3:1d:d7:99:74:79:1a:14:59:b8:
6d:03:5b:da:b8:6d:50:54:15:10:ca:18:f7:d8:46:91:80:bf:
8f:59:f1:bb:27:b6:aa:08:a0:3d:fa:00:1e:83:c0:2e:7f:c5:
61:fd:17:1a:1b:7f:2f:81:35:a5:bf:d3:7f:0d:32:45:3b:ac:
57:c2:2c:8e:a7:ca:16:1a:36:ba:3d:71:3d:77:20:33:98:70:
98:98:f7:39:14:8a:81:00:40:58:cd:99:36:08:0f:23:3d:95:
b5:df:ae:0d:b1:78:01:f2:f1:de:63:3c:3b:52:fb:8e:bd:89:
86:9c:75:eb:2b:be:16:4a:2b:9a:17:30:54:fd:0f:97:70:c7:
31:ba:d6:c7:58:c3:fa:4e:31:a5:0c:d2:00:31:44:06:2a:40:
00:ec:b1:31:ee:b4:bc:90:d9:65:b2:e5:22:b5:c2:18:1c:7b:
37:af:3e:c3:79:76:92:a1:3f:b9:74:a7:06:b7:5a:c6:a6:99:
e2:67:ea:c7:95:05:28:f6:43:ee:b7:1e:74:fe:24:15:48:0d:
e8:3c:c3:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsVvBi92nxj1ds1zTQn6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NjVhMjFiNTYxYmE4NjY1Y2Y3OWZiZjQ0YzMxOTU5ZGUy
OGYyMTYwHhcNMjUwMTAxMTE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZlMTBkYzBmZjBmNGNkNjlkNTg3MTVlM2VlY2Y3YjdmM2Q3ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyH+3G5LcUNhbSJwKoVtsmBK5r2DC
k5J8dN9wxvVg8abNUZuGAi9QSp1A3HvfSqimgvAMv750IF8BS+3pBhu+lIvg+3Yf
hTPUrczRNssmQ4dMx5IH34jompzhNFppe4hEzp/L0q7FuiPEuDzVL6sNgU9Ci1T0
s8ggIj/irLChJ4a1dcQCShaVIKePXoX/7hrrQ5is6CJ9GN7nEE85a7G+6m5ufCeB
dc0ZwHlIOAsx5fBw31HnZU36msrN/NGK1hyMJR/sGfyrfYSbExKMqDrKnDWRR4FK
dhryV7YARGpPtDpqBU8ro7u4fQdxd/sCFX6fKItJde1ZyZYvXSIfWm++IwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNL+ENwP8PTNadWHFePuz3t/PX3VMB8GA1UdIwQY
MBaAFGdlohtWG6hmXPefv0TDGVneKPIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjJXaUcxWWJxR1pjOTUtX1JNTVpXZDRvOGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lOGI4OWMtODI2OC00MDJiLWFhMjYt
ZWFkMDQxNzc0ZTA3LzEvMHY0UTNBX3c5TTFwMVljVjQtN1BlMzg5ZmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lOGI4OWMtODI2OC00MDJiLWFhMjYtZWFkMDQxNzc0ZTA3
LzEvWjJXaUcxWWJxR1pjOTUtX1JNTVpXZDRvOGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwif0MA0E
AgACMAcDBQAqE52AMA0GCSqGSIb3DQEBCwUAA4IBAQB44dqaIOx79i4IpbMnqqyn
VfyJ8i+5g2yS0tXoSxNVX/mU2Jey7ZLFaIcAn6Md15l0eRoUWbhtA1vauG1QVBUQ
yhj32EaRgL+PWfG7J7aqCKA9+gAeg8Auf8Vh/RcaG38vgTWlv9N/DTJFO6xXwiyO
p8oWGja6PXE9dyAzmHCYmPc5FIqBAEBYzZk2CA8jPZW1364NsXgB8vHeYzw7UvuO
vYmGnHXrK74WSiuaFzBU/Q+XcMcxutbHWMP6TjGlDNIAMUQGKkAA7LEx7rS8kNll
suUitcIYHHs3rz7DeXaSoT+5dKcGt1rGppniZ+rHlQUo9kPutx50/iQVSA3oPMOW
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:56:31 2025 by rpki-client