Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/4DXia6r4DTEgUbfUdc0kmvwmm1Y.roa
File: 4DXia6r4DTEgUbfUdc0kmvwmm1Y.roa (raw, json)
Hash identifier: Z6UcUFwAm3cKPg0mR+/9vcq4H9MwUtI5vEk+Pz3XR3A=
Subject key identifier: E0:35:E2:6B:AA:F8:0D:31:20:51:B7:D4:75:CD:24:9A:FC:26:9B:56
Certificate issuer: /CN=a1e8fee97da365b6480821b18bedf9fc23553826
Certificate serial: 0194228D1A2036FB02BB69340F9B055F4DFA
Authority key identifier: A1:E8:FE:E9:7D:A3:65:B6:48:08:21:B1:8B:ED:F9:FC:23:55:38:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oej-6X2jZbZICCGxi-35_CNVOCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/4DXia6r4DTEgUbfUdc0kmvwmm1Y.roa
Signing time: Wed 01 Jan 2025 15:47:40 +0000
ROA not before: Wed 01 Jan 2025 15:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 194.9.44.0/24 maxlen: 24
194.9.45.0/24 maxlen: 24
2001:678:e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:1a:20:36:fb:02:bb:69:34:0f:9b:05:5f:4d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1e8fee97da365b6480821b18bedf9fc23553826
Validity
Not Before: Jan 1 15:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e035e26baaf80d312051b7d475cd249afc269b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:de:81:42:ce:0a:03:80:c6:1d:5c:85:8d:5d:
fd:b2:e9:91:b6:21:c3:45:68:35:5b:9f:12:d4:3e:
05:3f:af:9d:9b:60:18:a7:8c:b1:36:e2:54:7d:d8:
7f:5d:86:c0:e6:0e:93:69:66:5e:c7:44:47:68:75:
c1:ca:57:07:c0:96:fd:98:ce:13:f4:15:4e:d5:ab:
f3:81:20:18:85:32:46:ef:26:30:a5:af:93:65:5f:
1a:2f:51:0b:45:78:5e:f7:e7:71:ca:2d:74:e9:45:
5c:d7:48:7f:6b:79:55:55:1d:7b:f0:ce:32:90:43:
b1:52:0f:b0:91:b6:c1:ef:8a:39:5c:2e:46:b6:03:
b5:0d:c0:16:0e:ad:23:fc:d1:26:68:57:be:3e:fa:
b1:d0:98:d6:e1:da:ce:b7:94:a8:ff:a7:ed:29:34:
22:7e:8c:e2:17:5f:da:60:f4:cb:ad:b9:e1:24:68:
6e:76:07:ba:cc:81:90:92:4e:63:13:80:8f:b5:73:
71:d9:85:a1:99:9a:4a:ff:a4:f1:73:fa:94:a5:86:
d0:90:ad:38:cd:e1:cc:cd:3f:41:cd:8a:6c:d8:76:
a4:d8:78:e1:28:2f:73:65:c5:f2:6c:0a:8c:28:85:
33:2d:43:15:bc:ce:df:d7:4a:42:85:f4:89:b9:63:
bb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:35:E2:6B:AA:F8:0D:31:20:51:B7:D4:75:CD:24:9A:FC:26:9B:56
X509v3 Authority Key Identifier:
keyid:A1:E8:FE:E9:7D:A3:65:B6:48:08:21:B1:8B:ED:F9:FC:23:55:38:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oej-6X2jZbZICCGxi-35_CNVOCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/4DXia6r4DTEgUbfUdc0kmvwmm1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9c72ae-8365-4f50-825e-f82137e00bc3/1/oej-6X2jZbZICCGxi-35_CNVOCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.44.0/23
IPv6:
2001:678:e0::/48
Signature Algorithm: sha256WithRSAEncryption
45:cd:df:8c:c6:90:f9:81:d4:ff:d0:86:9b:2d:74:91:7e:9a:
04:c0:04:f2:43:20:66:ba:01:08:95:75:19:11:b5:58:d1:e5:
7a:9d:d0:80:4a:ce:06:13:ed:9e:22:28:95:e9:a4:9b:6a:1b:
08:7a:c0:ee:e9:54:76:ab:1e:d8:db:36:bb:e6:31:eb:5f:cf:
a9:93:0a:38:2c:e2:68:30:a8:69:6e:ab:47:88:2e:86:61:1d:
c3:ef:e9:cf:14:99:b1:56:c0:4d:f6:86:54:14:51:97:1d:cd:
0b:9e:ad:a3:39:44:03:79:2f:ca:73:69:f5:d0:ef:90:3d:b0:
db:77:ad:c8:4d:e8:c3:a0:d3:79:28:77:a3:11:f7:d5:f7:bf:
83:a0:69:b1:98:d2:61:af:50:31:e1:c1:43:62:24:63:b6:12:
80:b8:39:ba:d7:bc:da:b9:06:17:81:14:8b:25:a0:d2:27:9a:
f2:25:00:4f:68:d3:ac:af:3e:5f:97:6b:14:10:25:7e:e8:a4:
ee:78:17:0b:6a:99:d7:1f:b4:46:3b:4b:92:49:2d:7a:91:24:
45:b7:7e:7c:26:04:48:48:08:a8:12:ca:67:59:45:05:06:83:
79:91:27:1b:30:52:1f:83:68:69:e4:0c:b5:de:e9:b3:de:37:
f5:82:d3:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijRogNvsCu2k0D5sFX036MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZThmZWU5N2RhMzY1YjY0ODA4MjFiMThiZWRmOWZjMjM1
NTM4MjYwHhcNMjUwMTAxMTU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM1ZTI2YmFhZjgwZDMxMjA1MWI3ZDQ3NWNkMjQ5YWZjMjY5YjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk96BQs4KA4DGHVyFjV39sumRtiHD
RWg1W58S1D4FP6+dm2AYp4yxNuJUfdh/XYbA5g6TaWZex0RHaHXBylcHwJb9mM4T
9BVO1avzgSAYhTJG7yYwpa+TZV8aL1ELRXhe9+dxyi106UVc10h/a3lVVR178M4y
kEOxUg+wkbbB74o5XC5GtgO1DcAWDq0j/NEmaFe+Pvqx0JjW4drOt5So/6ftKTQi
foziF1/aYPTLrbnhJGhudge6zIGQkk5jE4CPtXNx2YWhmZpK/6Txc/qUpYbQkK04
zeHMzT9BzYps2Hak2HjhKC9zZcXybAqMKIUzLUMVvM7f10pChfSJuWO7kQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOA14muq+A0xIFG31HXNJJr8JptWMB8GA1UdIwQY
MBaAFKHo/ul9o2W2SAghsYvt+fwjVTgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2VqLTZYMmpaYlpJQ0NHeGktMzVfQ05WT0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85YzcyYWUtODM2NS00ZjUwLTgyNWUt
ZjgyMTM3ZTAwYmMzLzEvNERYaWE2cjREVEVnVWJmVWRjMGttdndtbTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85YzcyYWUtODM2NS00ZjUwLTgyNWUtZjgyMTM3ZTAwYmMz
LzEvb2VqLTZYMmpaYlpJQ0NHeGktMzVfQ05WT0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwgksMA8E
AgACMAkDBwAgAQZ4AOAwDQYJKoZIhvcNAQELBQADggEBAEXN34zGkPmB1P/Qhpst
dJF+mgTABPJDIGa6AQiVdRkRtVjR5Xqd0IBKzgYT7Z4iKJXppJtqGwh6wO7pVHar
HtjbNrvmMetfz6mTCjgs4mgwqGluq0eILoZhHcPv6c8UmbFWwE32hlQUUZcdzQue
raM5RAN5L8pzafXQ75A9sNt3rchN6MOg03kod6MR99X3v4OgabGY0mGvUDHhwUNi
JGO2EoC4ObrXvNq5BheBFIsloNInmvIlAE9o06yvPl+XaxQQJX7opO54Fwtqmdcf
tEY7S5JJLXqRJEW3fnwmBEhICKgSymdZRQUGg3mRJxswUh+DaGnkDLXe6bPeN/WC
080=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:13:19 2025 by rpki-client