Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/M2fwGzBU6nDKxpm-Pc1IFuJ4Nag.roa
File: M2fwGzBU6nDKxpm-Pc1IFuJ4Nag.roa (raw, json)
Hash identifier: vrxm3TrBX7K8TL87BNMaN8PEU+ZSVIUj0UnP2LzffAE=
Subject key identifier: 33:67:F0:1B:30:54:EA:70:CA:C6:99:BE:3D:CD:48:16:E2:78:35:A8
Certificate issuer: /CN=e7e356fd885796e5d3fe3c4ab51a8c7fd2e8ae5c
Certificate serial: 0195BD67C694B7521ABFD7159B18E1D6DF8C
Authority key identifier: E7:E3:56:FD:88:57:96:E5:D3:FE:3C:4A:B5:1A:8C:7F:D2:E8:AE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5-NW_YhXluXT_jxKtRqMf9Lorlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/M2fwGzBU6nDKxpm-Pc1IFuJ4Nag.roa
Signing time: Sat 22 Mar 2025 10:30:49 +0000
ROA not before: Sat 22 Mar 2025 10:30:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 194.124.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bd:67:c6:94:b7:52:1a:bf:d7:15:9b:18:e1:d6:df:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7e356fd885796e5d3fe3c4ab51a8c7fd2e8ae5c
Validity
Not Before: Mar 22 10:30:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3367f01b3054ea70cac699be3dcd4816e27835a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2b:97:73:c0:c6:fe:02:dd:04:f0:49:10:42:
7a:bb:90:0f:36:8b:b2:47:6e:96:8d:6d:71:c3:8f:
04:80:3d:a6:b6:d7:08:78:ad:78:62:2c:22:41:db:
fa:3e:07:db:12:7a:75:61:2b:6b:35:83:b5:37:2c:
b6:e0:72:cd:3f:60:de:0c:16:1c:3a:1a:56:e7:25:
ce:48:2c:e6:42:f1:f4:57:b6:1d:e7:bc:b5:31:65:
96:11:0e:dd:06:b0:0a:91:ba:18:1b:42:63:b2:2b:
c0:ab:32:fb:e2:4c:e6:fc:fb:85:84:0b:dc:7b:c9:
2d:84:7d:10:e1:3b:f8:6b:59:80:fe:07:32:40:9b:
fb:1a:a3:34:63:d4:fd:c0:68:db:6c:e6:2d:02:52:
d9:f4:ff:27:e1:ef:81:d6:e7:7a:1d:f8:8c:73:21:
e9:cc:6f:66:64:27:1a:ff:cd:dd:fc:5e:2d:d6:3f:
31:e4:51:9a:2f:86:e3:bf:c4:ab:e3:54:3d:03:3f:
1d:64:ae:e2:55:5f:0c:36:78:87:84:12:06:0b:39:
fd:81:7c:a7:37:5d:df:1b:17:0e:73:db:f5:c0:40:
07:9a:31:65:15:43:56:c4:c6:9e:2b:d6:f7:c6:47:
45:09:a8:88:ca:86:c8:54:03:1e:59:d0:82:8a:fc:
f4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:67:F0:1B:30:54:EA:70:CA:C6:99:BE:3D:CD:48:16:E2:78:35:A8
X509v3 Authority Key Identifier:
keyid:E7:E3:56:FD:88:57:96:E5:D3:FE:3C:4A:B5:1A:8C:7F:D2:E8:AE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-NW_YhXluXT_jxKtRqMf9Lorlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/M2fwGzBU6nDKxpm-Pc1IFuJ4Nag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/5-NW_YhXluXT_jxKtRqMf9Lorlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.234.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e6:80:12:0a:0c:8b:6f:8e:63:89:c0:29:88:95:1a:9a:23:
fc:b8:a4:1e:d3:ee:67:2f:ee:ac:bf:be:19:5e:45:2e:57:07:
33:22:9d:1a:8d:97:17:5e:9e:07:37:57:29:0b:7a:69:1b:46:
db:d2:2a:12:d3:f7:08:9d:68:ff:f6:56:a9:63:05:00:3b:e9:
f7:cc:18:5d:46:8b:7b:02:8b:e5:fa:30:5a:66:d7:17:1f:b5:
ee:88:80:59:53:b4:8a:ff:f3:27:75:bd:6b:4d:9f:94:5b:a1:
0a:ff:c9:42:76:9a:e0:ab:34:fd:22:6f:4c:4d:d9:ea:14:0a:
18:32:05:a5:75:b1:8c:6e:ed:81:ad:71:5c:c7:c7:c0:25:5f:
0b:e2:87:4f:ab:1c:31:87:82:3c:4e:79:61:45:d4:02:04:09:
ec:bc:4e:d0:88:ab:dd:35:0a:28:04:a9:7e:b0:f1:7b:01:94:
78:51:c9:13:f0:ea:22:c6:45:d3:31:f3:cc:01:20:7f:9f:43:
15:e4:99:80:5a:a1:95:ba:ec:c4:c6:d3:64:4f:13:0e:e1:42:
ce:1d:01:03:5d:01:a5:d7:11:24:80:a4:cc:d1:51:43:74:b5:
1b:06:bd:3c:44:88:79:a5:a7:24:6a:b4:e4:f1:7d:c6:2b:59:
83:9a:1e:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW9Z8aUt1Iav9cVmxjh1t+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZTM1NmZkODg1Nzk2ZTVkM2ZlM2M0YWI1MWE4YzdmZDJl
OGFlNWMwHhcNMjUwMzIyMTAzMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzY3ZjAxYjMwNTRlYTcwY2FjNjk5YmUzZGNkNDgxNmUyNzgzNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CuXc8DG/gLdBPBJEEJ6u5APNouy
R26WjW1xw48EgD2mttcIeK14YiwiQdv6PgfbEnp1YStrNYO1Nyy24HLNP2DeDBYc
OhpW5yXOSCzmQvH0V7Yd57y1MWWWEQ7dBrAKkboYG0JjsivAqzL74kzm/PuFhAvc
e8kthH0Q4Tv4a1mA/gcyQJv7GqM0Y9T9wGjbbOYtAlLZ9P8n4e+B1ud6HfiMcyHp
zG9mZCca/83d/F4t1j8x5FGaL4bjv8Sr41Q9Az8dZK7iVV8MNniHhBIGCzn9gXyn
N13fGxcOc9v1wEAHmjFlFUNWxMaeK9b3xkdFCaiIyobIVAMeWdCCivz0swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNn8BswVOpwysaZvj3NSBbieDWoMB8GA1UdIwQY
MBaAFOfjVv2IV5bl0/48SrUajH/S6K5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1OV19ZaFhsdVhUX2p4S3RScU1mOUxvcmx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjg5MWQtNjY1Mi00ZmMyLWI5OTIt
MTM4NmY0OTBiMWJmLzEvTTJmd0d6QlU2bkRLeHBtLVBjMUlGdUo0TmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjg5MWQtNjY1Mi00ZmMyLWI5OTItMTM4NmY0OTBiMWJm
LzEvNS1OV19ZaFhsdVhUX2p4S3RScU1mOUxvcmx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnzqMA0G
CSqGSIb3DQEBCwUAA4IBAQBd5oASCgyLb45jicApiJUamiP8uKQe0+5nL+6sv74Z
XkUuVwczIp0ajZcXXp4HN1cpC3ppG0bb0ioS0/cInWj/9lapYwUAO+n3zBhdRot7
Aovl+jBaZtcXH7XuiIBZU7SK//Mndb1rTZ+UW6EK/8lCdprgqzT9Im9MTdnqFAoY
MgWldbGMbu2BrXFcx8fAJV8L4odPqxwxh4I8TnlhRdQCBAnsvE7QiKvdNQooBKl+
sPF7AZR4UckT8OoixkXTMfPMASB/n0MV5JmAWqGVuuzExtNkTxMO4ULOHQEDXQGl
1xEkgKTM0VFDdLUbBr08RIh5packarTk8X3GK1mDmh4z
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:37:44 2025 by rpki-client