Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/61109f-2d19-41ce-ba6e-ddbc0def83e1/1/ztG3iRtcx4pgmD82wNPmhKWPj8w.roa
File: ztG3iRtcx4pgmD82wNPmhKWPj8w.roa (raw, json)
Hash identifier: 7wVFIe2H/2PMSyJC9QSggcK+C7T3Sk0wvSIjn0Idsps=
Subject key identifier: CE:D1:B7:89:1B:5C:C7:8A:60:98:3F:36:C0:D3:E6:84:A5:8F:8F:CC
Certificate issuer: /CN=4e7461477b59b7bc0906f6ce60650bb3ad2dee57
Certificate serial: 0194214461D9C7774F75DFD6EBC97BE7A788
Authority key identifier: 4E:74:61:47:7B:59:B7:BC:09:06:F6:CE:60:65:0B:B3:AD:2D:EE:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TnRhR3tZt7wJBvbOYGULs60t7lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/61109f-2d19-41ce-ba6e-ddbc0def83e1/1/ztG3iRtcx4pgmD82wNPmhKWPj8w.roa
Signing time: Wed 01 Jan 2025 09:48:37 +0000
ROA not before: Wed 01 Jan 2025 09:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29075
IP address blocks: 194.147.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:61:d9:c7:77:4f:75:df:d6:eb:c9:7b:e7:a7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e7461477b59b7bc0906f6ce60650bb3ad2dee57
Validity
Not Before: Jan 1 09:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ced1b7891b5cc78a60983f36c0d3e684a58f8fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5e:f1:5a:06:b6:b6:f3:f2:00:4e:f1:9f:01:
2b:ba:c8:f7:8e:10:07:c1:1b:1a:fd:66:36:d7:f7:
af:43:f3:0d:fd:0d:1b:12:4c:51:3e:8e:33:9c:0d:
a4:94:9a:9c:1b:ca:66:b8:d9:1a:45:66:20:96:0b:
d1:28:d3:8c:aa:5c:a7:f6:00:27:ea:fb:59:c8:fd:
33:11:de:95:08:95:db:ad:b3:66:de:d8:e2:17:bf:
15:d9:76:69:86:93:2a:65:34:27:8a:25:0e:d9:1f:
2f:97:5c:7e:70:40:a4:c2:ec:a8:6a:3e:e1:9a:75:
9d:e7:86:04:53:04:eb:9b:06:59:ac:55:02:76:d4:
40:d6:41:05:06:c0:69:37:66:1e:c3:b6:23:7d:59:
80:58:85:19:0e:8c:b8:7a:e7:fe:33:dc:95:53:ff:
d0:a4:99:91:bc:e5:c4:61:b0:22:bc:9e:2a:25:bb:
23:d6:25:3c:85:31:05:4e:1b:e1:c1:64:84:70:2a:
da:72:e9:f5:0a:af:38:27:65:dd:12:a8:39:d1:4e:
50:9b:fe:21:3f:49:d7:36:66:a0:8c:6b:91:6b:a7:
14:ac:14:1c:23:95:a3:3c:86:35:6d:4c:9a:a2:66:
7f:ab:b5:03:5a:5d:b4:f4:14:73:c9:81:6c:ac:6b:
83:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D1:B7:89:1B:5C:C7:8A:60:98:3F:36:C0:D3:E6:84:A5:8F:8F:CC
X509v3 Authority Key Identifier:
keyid:4E:74:61:47:7B:59:B7:BC:09:06:F6:CE:60:65:0B:B3:AD:2D:EE:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnRhR3tZt7wJBvbOYGULs60t7lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/61109f-2d19-41ce-ba6e-ddbc0def83e1/1/ztG3iRtcx4pgmD82wNPmhKWPj8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/61109f-2d19-41ce-ba6e-ddbc0def83e1/1/TnRhR3tZt7wJBvbOYGULs60t7lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.152.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b3:04:0b:9e:28:db:ca:b1:ed:4c:57:91:bf:a2:e7:25:62:
ea:20:03:12:ae:09:c2:ef:9d:e6:f3:d5:bd:c7:ee:31:7c:38:
b1:47:f9:2d:7a:6a:1b:e8:12:57:6d:44:fc:cf:d0:f5:13:a6:
41:b7:e1:78:66:1a:8b:c2:1f:5a:ce:cd:1d:1a:53:18:87:76:
b3:6c:a4:68:f4:5a:00:af:2b:85:35:b1:d0:72:1f:ed:16:26:
d0:8d:0e:82:b6:c9:a0:91:20:e4:a5:ac:76:cb:a4:9d:05:e2:
72:5d:2a:ec:dc:88:08:10:f7:38:7b:3d:0e:fb:00:5a:bb:0e:
b9:47:8e:1b:c6:d4:28:53:f9:4d:df:ed:fd:50:3f:06:31:ff:
1c:de:7e:ca:1f:bb:eb:7e:15:f3:44:10:68:0c:d1:b7:b1:08:
da:f0:05:18:25:26:f3:96:b3:ff:4e:bf:47:ad:05:f7:42:08:
5b:98:07:75:63:35:3a:0e:7c:d3:ad:3f:72:5e:26:e7:71:8e:
98:0d:7d:3d:79:7f:d6:50:85:7d:2d:a0:78:50:ef:db:ea:58:
be:9f:10:cc:39:3f:20:24:0b:22:0e:66:09:19:b4:80:43:9f:
41:25:d3:d4:ed:52:23:ab:4c:01:e9:1d:da:6d:d2:1c:7a:a3:
48:a3:d8:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGHZx3dPdd/W68l756eIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNzQ2MTQ3N2I1OWI3YmMwOTA2ZjZjZTYwNjUwYmIzYWQy
ZGVlNTcwHhcNMjUwMTAxMDk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQxYjc4OTFiNWNjNzhhNjA5ODNmMzZjMGQzZTY4NGE1OGY4ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr17xWga2tvPyAE7xnwErusj3jhAH
wRsa/WY21/evQ/MN/Q0bEkxRPo4znA2klJqcG8pmuNkaRWYglgvRKNOMqlyn9gAn
6vtZyP0zEd6VCJXbrbNm3tjiF78V2XZphpMqZTQniiUO2R8vl1x+cECkwuyoaj7h
mnWd54YEUwTrmwZZrFUCdtRA1kEFBsBpN2Yew7YjfVmAWIUZDoy4euf+M9yVU//Q
pJmRvOXEYbAivJ4qJbsj1iU8hTEFThvhwWSEcCracun1Cq84J2XdEqg50U5Qm/4h
P0nXNmagjGuRa6cUrBQcI5WjPIY1bUyaomZ/q7UDWl209BRzyYFsrGuDnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7Rt4kbXMeKYJg/NsDT5oSlj4/MMB8GA1UdIwQY
MBaAFE50YUd7Wbe8CQb2zmBlC7OtLe5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG5SaFIzdFp0N3dKQnZiT1lHVUxzNjB0N2xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MTEwOWYtMmQxOS00MWNlLWJhNmUt
ZGRiYzBkZWY4M2UxLzEvenRHM2lSdGN4NHBnbUQ4MndOUG1oS1dQajh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MTEwOWYtMmQxOS00MWNlLWJhNmUtZGRiYzBkZWY4M2Ux
LzEvVG5SaFIzdFp0N3dKQnZiT1lHVUxzNjB0N2xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpOYMA0G
CSqGSIb3DQEBCwUAA4IBAQBPswQLnijbyrHtTFeRv6LnJWLqIAMSrgnC753m89W9
x+4xfDixR/ktemob6BJXbUT8z9D1E6ZBt+F4ZhqLwh9azs0dGlMYh3azbKRo9FoA
ryuFNbHQch/tFibQjQ6CtsmgkSDkpax2y6SdBeJyXSrs3IgIEPc4ez0O+wBauw65
R44bxtQoU/lN3+39UD8GMf8c3n7KH7vrfhXzRBBoDNG3sQja8AUYJSbzlrP/Tr9H
rQX3QghbmAd1YzU6DnzTrT9yXibncY6YDX09eX/WUIV9LaB4UO/b6li+nxDMOT8g
JAsiDmYJGbSAQ59BJdPU7VIjq0wB6R3abdIceqNIo9iw
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:23:08 2025 by rpki-client