Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/2kQfxhS4B_MkQSOZapCePJ-M54E.roa
File: 2kQfxhS4B_MkQSOZapCePJ-M54E.roa (raw, json)
Hash identifier: 2kr2ZaX36faPtRgGjLW7dLtHnD40t42niSs4VZlqG5M=
Subject key identifier: DA:44:1F:C6:14:B8:07:F3:24:41:23:99:6A:90:9E:3C:9F:8C:E7:81
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369D773B8652FF2638E80991FA00C88
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/2kQfxhS4B_MkQSOZapCePJ-M54E.roa
Signing time: Wed 01 Jan 2025 19:48:46 +0000
ROA not before: Wed 01 Jan 2025 19:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204957
IP address blocks: 194.32.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d7:73:b8:65:2f:f2:63:8e:80:99:1f:a0:0c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da441fc614b807f3244123996a909e3c9f8ce781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:64:2c:ec:f4:bf:4a:09:17:20:5c:77:f4:
6e:b3:75:8c:5e:6e:74:fe:13:7f:72:59:e4:08:86:
00:c4:1c:76:3f:21:92:08:83:c8:e2:5b:87:a5:47:
9d:3a:d2:78:66:5d:87:b7:4c:d5:92:b1:6d:7f:f9:
e1:19:cd:08:56:83:ff:f4:a3:de:3d:b7:e6:2a:07:
02:78:7f:5e:a3:6a:9e:50:32:13:b6:6e:76:74:60:
77:ff:ed:b9:9a:74:b9:32:1f:d6:2f:6f:7a:57:b7:
da:15:6b:47:df:13:f6:1d:7f:09:61:97:60:4e:c9:
72:d3:01:42:60:dc:f9:8e:c8:a3:86:2f:5e:cb:12:
df:60:34:68:f2:88:2a:d4:9f:7c:f5:cf:4d:4b:40:
a6:1f:7c:22:3d:43:cb:3b:01:4c:9e:4c:ff:84:44:
ca:32:32:bc:9c:79:05:32:32:a1:6b:30:69:e4:96:
74:32:6f:fb:5a:2d:ec:89:9e:90:e4:ff:3d:0a:79:
16:57:aa:9a:6f:88:35:c2:69:36:ca:c9:d0:70:e6:
37:66:0d:28:70:38:6d:e8:ff:92:24:74:06:3c:53:
81:1f:40:56:36:c2:cb:d1:f6:08:45:f1:1c:d5:b8:
1e:4b:ce:fb:fe:47:24:58:20:6d:c6:e3:2d:17:c0:
c8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:44:1F:C6:14:B8:07:F3:24:41:23:99:6A:90:9E:3C:9F:8C:E7:81
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/2kQfxhS4B_MkQSOZapCePJ-M54E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.104.0/24
Signature Algorithm: sha256WithRSAEncryption
34:f4:28:3e:9e:cc:1d:1a:22:30:15:5f:51:eb:18:85:d6:7b:
1a:0c:df:4e:65:74:63:fa:57:d6:e9:cb:3c:f4:47:2f:b7:18:
3e:9f:06:5c:23:19:1d:d5:5f:6a:0b:4e:cd:4e:c7:ce:c9:ff:
b8:9d:8e:02:c9:b3:b6:84:00:6a:dd:0a:04:9e:f4:ac:98:bb:
40:18:bc:44:77:51:5f:94:f8:ff:d8:c9:6e:62:1c:52:d2:19:
1b:90:9d:b5:3a:59:aa:c9:a6:14:d3:aa:06:6b:8e:22:bf:cb:
59:f5:76:86:8e:fc:1f:13:b3:5d:99:d4:7a:2f:d2:77:26:1e:
67:dd:4f:e0:cc:d7:f2:c1:e3:e0:eb:20:9e:6b:8c:97:ff:70:
cb:46:02:2d:40:06:fe:18:14:a2:0b:de:81:48:8f:41:33:e6:
0a:bb:6b:b0:58:a9:a1:7f:7c:d8:9b:1b:70:69:48:21:8e:ff:
2a:bf:02:df:83:7d:f3:86:ef:e8:a9:32:fc:de:e3:37:52:57:
09:1a:23:4a:b6:e4:b8:e1:8b:06:53:f2:23:1a:ec:9c:8e:b2:
cd:a4:18:31:3d:46:a8:d8:2e:c4:67:5e:16:5f:f8:f9:e1:6e:
b0:b4:18:42:db:cc:eb:71:47:7e:06:01:45:4c:20:a9:a3:35:
31:e8:67:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaddzuGUv8mOOgJkfoAyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ0MWZjNjE0YjgwN2YzMjQ0MTIzOTk2YTkwOWUzYzlmOGNlNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXNkLOz0v0oJFyBcd/Rus3WMXm50
/hN/clnkCIYAxBx2PyGSCIPI4luHpUedOtJ4Zl2Ht0zVkrFtf/nhGc0IVoP/9KPe
PbfmKgcCeH9eo2qeUDITtm52dGB3/+25mnS5Mh/WL296V7faFWtH3xP2HX8JYZdg
Tsly0wFCYNz5jsijhi9eyxLfYDRo8ogq1J989c9NS0CmH3wiPUPLOwFMnkz/hETK
MjK8nHkFMjKhazBp5JZ0Mm/7Wi3siZ6Q5P89CnkWV6qab4g1wmk2ysnQcOY3Zg0o
cDht6P+SJHQGPFOBH0BWNsLL0fYIRfEc1bgeS877/kckWCBtxuMtF8DICQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpEH8YUuAfzJEEjmWqQnjyfjOeBMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvMmtRZnhoUzRCX01rUVNPWmFwQ2VQSi1NNTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiBoMA0G
CSqGSIb3DQEBCwUAA4IBAQA09Cg+nswdGiIwFV9R6xiF1nsaDN9OZXRj+lfW6cs8
9Ecvtxg+nwZcIxkd1V9qC07NTsfOyf+4nY4CybO2hABq3QoEnvSsmLtAGLxEd1Ff
lPj/2MluYhxS0hkbkJ21OlmqyaYU06oGa44iv8tZ9XaGjvwfE7NdmdR6L9J3Jh5n
3U/gzNfywePg6yCea4yX/3DLRgItQAb+GBSiC96BSI9BM+YKu2uwWKmhf3zYmxtw
aUghjv8qvwLfg33zhu/oqTL83uM3UlcJGiNKtuS44YsGU/IjGuycjrLNpBgxPUao
2C7EZ14WX/j54W6wtBhC28zrcUd+BgFFTCCpozUx6Gfd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:56 2025 by rpki-client