Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/GS0H0Drimc0sp3WE4CJI-1tpUww.roa
File: GS0H0Drimc0sp3WE4CJI-1tpUww.roa (raw, json)
Hash identifier: K+fEr22QzZrMpwlikgBYkLomYyjXmKEsLjK8H0qHBus=
Subject key identifier: 19:2D:07:D0:3A:E2:99:CD:2C:A7:75:84:E0:22:48:FB:5B:69:53:0C
Certificate issuer: /CN=548f757a56d17680d6d6690b19d9f39061980033
Certificate serial: 019423D6C1C97226322B785961629B8F6DB5
Authority key identifier: 54:8F:75:7A:56:D1:76:80:D6:D6:69:0B:19:D9:F3:90:61:98:00:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VI91elbRdoDW1mkLGdnzkGGYADM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/GS0H0Drimc0sp3WE4CJI-1tpUww.roa
Signing time: Wed 01 Jan 2025 21:47:44 +0000
ROA not before: Wed 01 Jan 2025 21:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207557
IP address blocks: 194.9.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c1:c9:72:26:32:2b:78:59:61:62:9b:8f:6d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=548f757a56d17680d6d6690b19d9f39061980033
Validity
Not Before: Jan 1 21:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=192d07d03ae299cd2ca77584e02248fb5b69530c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a4:df:b1:1c:c6:0a:fa:d8:12:bd:b7:56:d8:
84:f7:d3:0f:64:e0:d5:c0:c5:4d:93:d5:dc:12:ed:
c6:c5:a3:c3:a9:26:59:2c:b6:db:ec:04:32:7b:d2:
40:86:12:f4:f4:d0:bd:b8:83:d2:eb:76:0d:40:38:
bf:7b:6a:93:29:c6:26:c6:64:86:44:c1:bd:8c:36:
05:60:e1:41:bc:c7:08:18:4d:8f:81:84:bc:d1:b4:
7c:2a:05:6f:7c:a1:38:56:ad:7f:03:3f:e0:d8:75:
01:4c:2a:3e:e6:45:55:34:72:3c:d0:94:e4:f9:37:
93:e6:d6:d5:23:e0:76:af:fc:34:46:2f:c6:77:19:
a8:e1:35:e1:f0:c8:f8:e8:95:c3:b3:13:fb:52:f1:
a2:21:15:5c:0f:50:5a:e0:af:7e:5c:e9:df:e0:32:
86:48:32:10:ae:44:51:89:ee:dc:1f:47:91:30:e6:
2f:a9:8d:e3:0f:fa:80:76:e3:be:c7:d8:72:28:91:
71:47:5d:09:32:bf:54:46:48:49:94:ae:30:a5:61:
44:5a:f5:b9:e6:df:fe:b5:fd:0b:f1:c1:08:aa:b3:
d1:6c:0c:a4:25:2e:f6:1d:7f:77:d4:bf:32:e0:0a:
11:f9:70:41:e2:25:af:5f:b1:fc:32:3a:a5:1a:44:
14:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2D:07:D0:3A:E2:99:CD:2C:A7:75:84:E0:22:48:FB:5B:69:53:0C
X509v3 Authority Key Identifier:
keyid:54:8F:75:7A:56:D1:76:80:D6:D6:69:0B:19:D9:F3:90:61:98:00:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VI91elbRdoDW1mkLGdnzkGGYADM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/GS0H0Drimc0sp3WE4CJI-1tpUww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/VI91elbRdoDW1mkLGdnzkGGYADM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.188.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:47:a4:21:ac:fd:83:79:46:79:9c:a0:3f:0c:17:5b:a7:16:
9e:6f:2a:34:c3:d5:44:6d:c7:b7:2e:cd:14:df:91:05:a3:c6:
2f:07:60:c5:d0:ca:9e:69:11:21:e4:a7:1c:e2:9f:d8:06:d3:
6e:a2:e3:99:58:2d:de:4d:18:95:e0:a1:46:53:73:1d:a8:41:
0d:55:6c:4b:0e:38:2e:58:19:54:23:e3:ec:68:2e:ed:a4:8e:
40:ff:2a:a5:02:74:37:41:e7:fb:0a:60:56:3f:07:5e:2c:33:
e1:a7:1b:50:d6:3f:f5:55:98:9f:26:8c:57:a9:2e:b1:a0:50:
5c:a2:43:d1:52:67:6c:c5:87:d7:b5:9d:36:d6:a5:11:47:82:
dc:82:40:9d:58:87:d3:74:00:e6:3a:37:25:52:93:92:b6:f1:
f1:1d:24:37:24:9c:ec:c5:e8:49:82:86:df:d5:29:5c:64:dd:
df:62:78:3a:dd:6c:a9:ef:93:fe:37:f4:23:81:73:5e:27:59:
e7:ad:78:89:77:62:63:89:88:1b:02:6a:62:47:31:74:10:1f:
0d:0e:f7:cd:c0:5f:c9:cf:5f:e5:53:10:4f:17:bc:24:87:90:
6b:20:06:0a:b4:38:09:32:b5:8e:eb:7d:3c:6c:fa:87:fb:a5:
d2:fa:4f:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sHJciYyK3hZYWKbj221MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OGY3NTdhNTZkMTc2ODBkNmQ2NjkwYjE5ZDlmMzkwNjE5
ODAwMzMwHhcNMjUwMTAxMjE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJkMDdkMDNhZTI5OWNkMmNhNzc1ODRlMDIyNDhmYjViNjk1MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaTfsRzGCvrYEr23VtiE99MPZODV
wMVNk9XcEu3GxaPDqSZZLLbb7AQye9JAhhL09NC9uIPS63YNQDi/e2qTKcYmxmSG
RMG9jDYFYOFBvMcIGE2PgYS80bR8KgVvfKE4Vq1/Az/g2HUBTCo+5kVVNHI80JTk
+TeT5tbVI+B2r/w0Ri/Gdxmo4TXh8Mj46JXDsxP7UvGiIRVcD1Ba4K9+XOnf4DKG
SDIQrkRRie7cH0eRMOYvqY3jD/qAduO+x9hyKJFxR10JMr9URkhJlK4wpWFEWvW5
5t/+tf0L8cEIqrPRbAykJS72HX931L8y4AoR+XBB4iWvX7H8MjqlGkQUJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBktB9A64pnNLKd1hOAiSPtbaVMMMB8GA1UdIwQY
MBaAFFSPdXpW0XaA1tZpCxnZ85BhmAAzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkk5MWVsYlJkb0RXMW1rTEdkbnprR0dZQURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jZjkzYWMtZGVkZC00MTMwLWIzNjUt
YjhlNjU2NmEyNzlhLzEvR1MwSDBEcmltYzBzcDNXRTRDSkktMXRwVXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jZjkzYWMtZGVkZC00MTMwLWIzNjUtYjhlNjU2NmEyNzlh
LzEvVkk5MWVsYlJkb0RXMW1rTEdkbnprR0dZQURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgm8MA0G
CSqGSIb3DQEBCwUAA4IBAQC0R6QhrP2DeUZ5nKA/DBdbpxaebyo0w9VEbce3Ls0U
35EFo8YvB2DF0MqeaREh5Kcc4p/YBtNuouOZWC3eTRiV4KFGU3MdqEENVWxLDjgu
WBlUI+PsaC7tpI5A/yqlAnQ3Qef7CmBWPwdeLDPhpxtQ1j/1VZifJoxXqS6xoFBc
okPRUmdsxYfXtZ021qURR4LcgkCdWIfTdADmOjclUpOStvHxHSQ3JJzsxehJgobf
1SlcZN3fYng63Wyp75P+N/QjgXNeJ1nnrXiJd2JjiYgbAmpiRzF0EB8NDvfNwF/J
z1/lUxBPF7wkh5BrIAYKtDgJMrWO6308bPqH+6XS+k9N
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:28:03 2025 by rpki-client