Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/96CoHDqUFKRWLMKpuPNky2AThV0.roa
File: 96CoHDqUFKRWLMKpuPNky2AThV0.roa (raw, json)
Hash identifier: 2dbkXGtx2Y2iGJ3uWXJRyOKWK4j+bBsW6iNp6F1vwRk=
Subject key identifier: F7:A0:A8:1C:3A:94:14:A4:56:2C:C2:A9:B8:F3:64:CB:60:13:85:5D
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 0194266C08C94D93476D116B3B8EA7F32311
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/96CoHDqUFKRWLMKpuPNky2AThV0.roa
Signing time: Thu 02 Jan 2025 09:50:01 +0000
ROA not before: Thu 02 Jan 2025 09:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57344
IP address blocks: 194.24.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:08:c9:4d:93:47:6d:11:6b:3b:8e:a7:f3:23:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: Jan 2 09:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7a0a81c3a9414a4562cc2a9b8f364cb6013855d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8f:d6:0d:29:18:6d:10:2c:cf:14:b5:5a:88:
7a:c9:70:d4:e3:6a:f9:19:ab:aa:46:f6:fb:93:2c:
09:df:10:6e:d7:d3:c9:9c:bc:48:2d:63:e8:2e:8b:
a8:69:97:a1:7c:35:eb:30:3a:6c:0d:9e:10:d0:89:
82:30:c3:5b:9c:0b:79:1e:14:9c:0a:73:06:8b:5b:
f9:7d:21:e6:50:f7:5b:27:da:06:9b:96:31:0d:8d:
2a:23:50:8b:5d:7c:17:e1:be:91:fd:ce:58:82:54:
01:3f:61:ef:9b:1a:23:b9:4d:77:b3:b8:55:4d:9e:
c8:13:02:96:ff:14:c4:b3:cf:ee:1f:c4:ed:fb:ec:
8b:eb:29:87:75:3b:5e:a5:76:ca:f6:be:90:82:73:
18:30:7c:1c:3b:5a:c0:3f:71:f2:c2:7a:2f:a8:2d:
1c:e3:83:a4:27:80:ce:15:3e:92:4e:59:c6:1f:e8:
50:9b:49:71:4b:f4:79:34:eb:63:ca:fe:3f:19:57:
a6:66:fe:0b:30:3c:cb:0b:78:1e:15:43:8f:4b:6b:
ba:62:6b:f0:2f:5d:ca:b8:70:81:6b:11:9e:b5:39:
fc:5b:80:19:4b:d0:6b:2c:73:dd:5e:cd:f8:fe:6a:
3d:fd:82:4e:c2:e3:54:76:99:ac:4f:8c:81:23:7e:
d7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A0:A8:1C:3A:94:14:A4:56:2C:C2:A9:B8:F3:64:CB:60:13:85:5D
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/96CoHDqUFKRWLMKpuPNky2AThV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.189.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:80:12:b5:e1:91:cd:9e:55:f1:28:7b:9d:e0:de:df:f9:15:
96:d4:c2:ce:5d:cc:b1:79:82:f7:b1:d2:42:2e:06:da:0e:fe:
91:9f:a4:ea:d9:07:69:05:d3:fe:2c:c5:86:fe:d4:ad:5c:88:
c3:37:8b:ef:02:d8:49:85:e9:eb:4b:29:5a:a8:9b:c9:b6:b2:
a5:9c:c9:aa:84:26:a2:f5:6b:8f:53:4c:f7:41:0a:57:1e:6c:
c4:49:7a:83:50:0f:da:a3:3a:6c:ee:b7:47:f8:a6:62:17:c2:
07:43:10:13:f6:b2:7e:22:0b:c6:e0:93:04:ae:cc:f0:92:45:
8f:b5:70:86:d9:33:0f:5d:b6:98:16:66:e2:ee:e3:2d:2c:2b:
89:16:ee:90:1d:51:22:d0:01:96:7e:12:a1:1d:7a:e3:12:fa:
b1:34:0c:b3:32:a1:1b:68:d1:30:5d:33:c9:38:4f:23:44:2e:
97:7f:d9:78:11:f7:07:3e:19:40:5d:4b:6e:79:3d:a2:0c:0e:
7a:4b:1b:3a:bd:59:1c:5d:cd:32:5c:32:32:cb:2b:70:e4:34:
83:41:a7:21:ac:2b:18:bb:be:f0:14:d1:7c:bb:50:6d:2c:7c:
e1:60:c3:b9:e1:17:64:df:cc:7c:aa:eb:3b:10:cc:be:06:2f:
77:97:fd:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbAjJTZNHbRFrO46n8yMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjUwMTAyMDk1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2EwYTgxYzNhOTQxNGE0NTYyY2MyYTliOGYzNjRjYjYwMTM4NTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4/WDSkYbRAszxS1Woh6yXDU42r5
GauqRvb7kywJ3xBu19PJnLxILWPoLouoaZehfDXrMDpsDZ4Q0ImCMMNbnAt5HhSc
CnMGi1v5fSHmUPdbJ9oGm5YxDY0qI1CLXXwX4b6R/c5YglQBP2HvmxojuU13s7hV
TZ7IEwKW/xTEs8/uH8Tt++yL6ymHdTtepXbK9r6QgnMYMHwcO1rAP3HywnovqC0c
44OkJ4DOFT6STlnGH+hQm0lxS/R5NOtjyv4/GVemZv4LMDzLC3geFUOPS2u6Ymvw
L13KuHCBaxGetTn8W4AZS9BrLHPdXs34/mo9/YJOwuNUdpmsT4yBI37XUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPegqBw6lBSkVizCqbjzZMtgE4VdMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvOTZDb0hEcVVGS1JXTE1LcHVQTmt5MkFUaFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhi9MA0G
CSqGSIb3DQEBCwUAA4IBAQAugBK14ZHNnlXxKHud4N7f+RWW1MLOXcyxeYL3sdJC
LgbaDv6Rn6Tq2QdpBdP+LMWG/tStXIjDN4vvAthJhenrSylaqJvJtrKlnMmqhCai
9WuPU0z3QQpXHmzESXqDUA/aozps7rdH+KZiF8IHQxAT9rJ+IgvG4JMErszwkkWP
tXCG2TMPXbaYFmbi7uMtLCuJFu6QHVEi0AGWfhKhHXrjEvqxNAyzMqEbaNEwXTPJ
OE8jRC6Xf9l4EfcHPhlAXUtueT2iDA56Sxs6vVkcXc0yXDIyyytw5DSDQachrCsY
u77wFNF8u1BtLHzhYMO54Rdk38x8qus7EMy+Bi93l/1E
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:33:56 2025 by rpki-client