Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/lG1BuTFjXhh1jhBZGFRoMZ1VGUk.roa
File: lG1BuTFjXhh1jhBZGFRoMZ1VGUk.roa (raw, json)
Hash identifier: MY1BZJhxcWBrL8EPmHWLLNAliv/8MF/BrwKcRtPCEYA=
Subject key identifier: 94:6D:41:B9:31:63:5E:18:75:8E:10:59:18:54:68:31:9D:55:19:49
Certificate issuer: /CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Certificate serial: 0194FBBF6CF0EAF435525856A5AF832AF3B8
Authority key identifier: 14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/lG1BuTFjXhh1jhBZGFRoMZ1VGUk.roa
Signing time: Wed 12 Feb 2025 20:00:14 +0000
ROA not before: Wed 12 Feb 2025 20:00:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 194.36.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fb:bf:6c:f0:ea:f4:35:52:58:56:a5:af:83:2a:f3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Validity
Not Before: Feb 12 20:00:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=946d41b931635e18758e1059185468319d551949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:be:b1:8f:90:9e:d2:2d:b5:32:ca:8b:4f:
18:ef:07:5b:70:62:32:e6:e2:af:b1:c4:86:61:3d:
21:1d:f5:70:4a:56:21:6f:86:8e:b5:92:c4:36:db:
16:04:2a:fc:4b:73:94:6a:be:f8:ca:fb:e3:c9:67:
07:7e:61:40:b0:be:7f:0d:9d:ce:d6:c6:74:bf:81:
3a:04:04:48:4f:59:b8:f4:e8:9c:5f:75:8a:c4:37:
83:0a:58:1b:79:ff:ed:27:50:41:8c:15:6e:24:b2:
0b:80:62:d8:4b:7f:e4:d4:44:7a:ed:9e:48:7b:95:
a8:3c:4f:1d:36:04:ac:54:04:7b:b9:3b:2a:6a:12:
67:03:0e:ed:c0:e1:a7:16:13:24:ea:d0:d6:d2:bd:
85:cd:a9:46:4a:70:38:3b:e6:e6:bc:80:c7:4c:67:
bf:fb:fc:14:d4:57:71:61:1b:b5:a0:20:4b:e9:8e:
d4:8b:84:72:63:b2:b4:74:df:3d:ea:6e:b9:d9:af:
8a:1f:c9:f6:64:a9:0e:fe:5b:cf:4e:58:77:8a:e2:
25:89:18:1f:c6:de:a1:47:68:10:69:e1:87:01:95:
3b:a9:45:5b:82:0f:d7:84:29:8a:88:78:e3:ea:8c:
cb:36:03:08:5e:65:3b:40:ce:e6:fd:84:9e:12:ee:
e3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6D:41:B9:31:63:5E:18:75:8E:10:59:18:54:68:31:9D:55:19:49
X509v3 Authority Key Identifier:
keyid:14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/lG1BuTFjXhh1jhBZGFRoMZ1VGUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.86.0/24
Signature Algorithm: sha256WithRSAEncryption
21:1e:dd:23:7d:25:36:53:de:b5:09:36:fb:c9:77:ab:1f:b8:
4b:14:9a:03:18:7c:2d:92:dd:62:48:8d:b0:d7:4a:18:02:cc:
5d:e1:25:2c:4f:20:a7:c9:19:1f:f7:44:78:b2:82:bc:75:e0:
02:09:f9:95:ea:48:d0:32:d9:30:09:58:9b:d6:d8:62:72:b2:
52:14:65:85:97:05:1a:58:45:95:a4:58:14:5e:e3:db:a4:08:
6a:10:2a:fa:28:f1:e3:0f:d9:08:de:d1:82:59:db:a4:fa:7f:
40:98:6c:e7:f8:e9:05:d0:b2:92:ec:8f:94:da:bf:d1:a3:7a:
89:cc:1c:14:c1:e8:70:09:96:2a:65:e6:18:37:e6:22:e9:31:
b3:ef:68:ec:c2:52:66:49:46:0a:fc:39:d3:34:b3:93:2b:fc:
75:70:b7:c7:31:2b:34:86:6a:a2:03:24:04:03:aa:35:3b:29:
9c:71:c4:e7:a1:98:f0:e0:d1:a0:47:00:a2:ca:d4:60:d2:e6:
b2:1b:c6:97:9c:9b:51:5a:a6:75:dd:d1:d6:c0:5b:d3:09:86:
88:c7:4b:e6:41:51:78:74:62:fe:40:bb:83:ee:21:dc:61:db:
d9:30:63:58:97:3e:81:08:3f:50:f4:82:88:f2:75:b1:65:ca:
7b:ba:d2:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT7v2zw6vQ1UlhWpa+DKvO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MzIzOTY1MWRiNmFhYjFiY2I2NzMyNWY3ODViNWVlMWY0
MDI1Y2IwHhcNMjUwMjEyMjAwMDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZkNDFiOTMxNjM1ZTE4NzU4ZTEwNTkxODU0NjgzMTlkNTUxOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVy+sY+QntIttTLKi08Y7wdbcGIy
5uKvscSGYT0hHfVwSlYhb4aOtZLENtsWBCr8S3OUar74yvvjyWcHfmFAsL5/DZ3O
1sZ0v4E6BARIT1m49OicX3WKxDeDClgbef/tJ1BBjBVuJLILgGLYS3/k1ER67Z5I
e5WoPE8dNgSsVAR7uTsqahJnAw7twOGnFhMk6tDW0r2FzalGSnA4O+bmvIDHTGe/
+/wU1FdxYRu1oCBL6Y7Ui4RyY7K0dN896m652a+KH8n2ZKkO/lvPTlh3iuIliRgf
xt6hR2gQaeGHAZU7qUVbgg/XhCmKiHjj6ozLNgMIXmU7QM7m/YSeEu7jmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRtQbkxY14YdY4QWRhUaDGdVRlJMB8GA1UdIwQY
MBaAFBQyOWUdtqqxvLZzJfeFte4fQCXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQt
NmVlYzc3ZDliOTg1LzEvbEcxQnVURmpYaGgxamhCWkdGUm9NWjFWR1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQtNmVlYzc3ZDliOTg1
LzEvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiRWMA0G
CSqGSIb3DQEBCwUAA4IBAQAhHt0jfSU2U961CTb7yXerH7hLFJoDGHwtkt1iSI2w
10oYAsxd4SUsTyCnyRkf90R4soK8deACCfmV6kjQMtkwCVib1thicrJSFGWFlwUa
WEWVpFgUXuPbpAhqECr6KPHjD9kI3tGCWduk+n9AmGzn+OkF0LKS7I+U2r/Ro3qJ
zBwUwehwCZYqZeYYN+Yi6TGz72jswlJmSUYK/DnTNLOTK/x1cLfHMSs0hmqiAyQE
A6o1OymcccTnoZjw4NGgRwCiytRg0uayG8aXnJtRWqZ13dHWwFvTCYaIx0vmQVF4
dGL+QLuD7iHcYdvZMGNYlz6BCD9Q9IKI8nWxZcp7utIB
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:16:47 2025 by rpki-client