Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/CCavKhP7AEj7Vk_SGWe1jvcCRyg.roa
File: CCavKhP7AEj7Vk_SGWe1jvcCRyg.roa (raw, json)
Hash identifier: ErCh+iOQog12EmBkEQOKm5CnYVqmDx85/Bq5syDjRtk=
Subject key identifier: 08:26:AF:2A:13:FB:00:48:FB:56:4F:D2:19:67:B5:8E:F7:02:47:28
Certificate issuer: /CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Certificate serial: 01942444B6A050C90A213FBA5804CC94E57E
Authority key identifier: E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/CCavKhP7AEj7Vk_SGWe1jvcCRyg.roa
Signing time: Wed 01 Jan 2025 23:47:50 +0000
ROA not before: Wed 01 Jan 2025 23:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20676
IP address blocks: 194.180.128.0/23 maxlen: 23
194.180.132.0/22 maxlen: 22
194.180.142.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b6:a0:50:c9:0a:21:3f:ba:58:04:cc:94:e5:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Validity
Not Before: Jan 1 23:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0826af2a13fb0048fb564fd21967b58ef7024728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:08:ba:9e:ff:53:a7:40:7f:c8:13:2d:2e:
e4:ec:4e:88:b6:90:88:b6:cf:2d:97:e0:6a:44:d5:
bd:16:ea:c6:bc:a1:15:77:f9:3a:cd:b1:13:2a:9e:
3f:65:48:08:58:30:59:d0:dd:9f:a9:d4:6f:ef:18:
c1:6f:eb:cc:58:96:fe:75:be:14:90:87:18:92:08:
f5:ec:2e:36:3b:c6:cd:8d:47:18:25:ae:1a:d2:1f:
07:d8:c0:6d:11:91:5b:9f:e2:b4:e7:db:88:c1:9e:
eb:00:65:41:75:1c:52:bb:dd:79:77:8c:50:f3:f9:
8a:0c:e2:32:30:dd:15:9a:df:6e:2f:c7:e3:dd:50:
ed:51:9c:d3:c0:85:7e:22:9e:c9:42:fe:fa:34:12:
e4:e3:eb:46:6c:02:b2:1a:b4:81:e5:a5:08:b5:55:
c9:6f:93:fa:eb:57:09:0f:b3:7d:d0:c7:bf:bd:9e:
25:7f:c4:c5:51:3c:44:7c:fc:63:3a:cb:f4:a7:11:
5a:88:4e:e3:34:df:10:9e:89:84:c4:a1:cf:3a:75:
fb:4f:72:15:fa:cb:34:39:ac:5c:60:86:15:e7:2b:
dc:21:5f:77:e8:77:d4:60:5f:8d:74:f7:d9:b7:c6:
58:6f:b2:02:17:0f:dc:b5:a7:e3:94:9a:0e:d9:95:
d8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:26:AF:2A:13:FB:00:48:FB:56:4F:D2:19:67:B5:8E:F7:02:47:28
X509v3 Authority Key Identifier:
keyid:E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/CCavKhP7AEj7Vk_SGWe1jvcCRyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/4RqpKFDr_mSK09ia3Y5zbsNnWhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.128.0/23
194.180.132.0/22
194.180.142.0/23
Signature Algorithm: sha256WithRSAEncryption
45:85:99:b2:01:0f:2f:90:d9:1c:17:cf:cd:ff:18:cd:1b:96:
bd:c3:5a:55:58:38:46:88:bf:2f:9d:ed:a0:1d:17:55:43:db:
b0:2c:79:e3:ee:2f:a2:00:ce:4b:e2:0d:9e:07:65:e0:b6:e6:
2c:25:e2:6b:99:cd:a7:44:c4:f6:e8:ed:da:24:0b:4f:1a:0a:
a9:8e:e5:d9:6b:ae:61:35:c3:e9:43:b4:47:5d:d3:32:51:71:
31:4f:9a:f9:d1:5f:d5:d5:29:46:05:37:06:c4:90:8e:57:a4:
1d:a7:b7:2b:f5:73:87:ab:33:f4:0a:1d:b5:97:52:bd:0e:05:
a1:89:e5:b9:7c:ea:52:fa:b1:e1:5d:1d:43:cc:4c:06:ef:88:
f6:9f:c3:8c:2c:49:47:3e:1b:ac:44:1f:ea:35:17:c1:bf:e3:
7c:c3:92:48:12:c1:a8:5f:21:2f:9f:4a:e0:ce:5a:bc:6a:c9:
09:30:66:19:52:63:c4:07:bf:41:94:b6:bc:33:18:98:5d:77:
87:dc:fe:83:4d:73:ad:de:40:32:12:ee:40:8c:a5:e9:4d:f3:
08:b4:12:a5:d8:5b:af:92:5e:68:08:2d:66:3d:98:fd:b5:b8:
c8:5c:f1:6a:11:17:0e:38:5b:e9:91:b2:e2:98:61:da:94:05:
79:a1:a9:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRLagUMkKIT+6WATMlOV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMWFhOTI4NTBlYmZlNjQ4YWQzZDg5YWRkOGU3MzZlYzM2
NzVhMTEwHhcNMjUwMTAxMjM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODI2YWYyYTEzZmIwMDQ4ZmI1NjRmZDIxOTY3YjU4ZWY3MDI0NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4AIup7/U6dAf8gTLS7k7E6ItpCI
ts8tl+BqRNW9FurGvKEVd/k6zbETKp4/ZUgIWDBZ0N2fqdRv7xjBb+vMWJb+db4U
kIcYkgj17C42O8bNjUcYJa4a0h8H2MBtEZFbn+K059uIwZ7rAGVBdRxSu915d4xQ
8/mKDOIyMN0Vmt9uL8fj3VDtUZzTwIV+Ip7JQv76NBLk4+tGbAKyGrSB5aUItVXJ
b5P661cJD7N90Me/vZ4lf8TFUTxEfPxjOsv0pxFaiE7jNN8QnomExKHPOnX7T3IV
+ss0OaxcYIYV5yvcIV936HfUYF+NdPfZt8ZYb7ICFw/ctafjlJoO2ZXYzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAgmryoT+wBI+1ZP0hlntY73AkcoMB8GA1UdIwQY
MBaAFOEaqShQ6/5kitPYmt2Oc27DZ1oRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEt
MGY4OGQxNmUxYWZlLzEvQ0NhdktoUDdBRWo3VmtfU0dXZTFqdmNDUnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEtMGY4OGQxNmUxYWZl
LzEvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwrSAAwQC
wrSEAwQBwrSOMA0GCSqGSIb3DQEBCwUAA4IBAQBFhZmyAQ8vkNkcF8/N/xjNG5a9
w1pVWDhGiL8vne2gHRdVQ9uwLHnj7i+iAM5L4g2eB2XgtuYsJeJrmc2nRMT26O3a
JAtPGgqpjuXZa65hNcPpQ7RHXdMyUXExT5r50V/V1SlGBTcGxJCOV6Qdp7cr9XOH
qzP0Ch21l1K9DgWhieW5fOpS+rHhXR1DzEwG74j2n8OMLElHPhusRB/qNRfBv+N8
w5JIEsGoXyEvn0rgzlq8askJMGYZUmPEB79BlLa8MxiYXXeH3P6DTXOt3kAyEu5A
jKXpTfMItBKl2Fuvkl5oCC1mPZj9tbjIXPFqERcOOFvpkbLimGHalAV5oanr
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:06:37 2025 by rpki-client