Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/hNzhsJdSXiT8XXk4l8WcnUMry00.roa
File: hNzhsJdSXiT8XXk4l8WcnUMry00.roa (raw, json)
Hash identifier: y9TrG3MRhc+YaHxz1FlPh4FWDR2QP4R98mul7cPcOWM=
Subject key identifier: 84:DC:E1:B0:97:52:5E:24:FC:5D:79:38:97:C5:9C:9D:43:2B:CB:4D
Certificate issuer: /CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Certificate serial: 01942444B5ED9F19FDC0FBA0D7A2187BE884
Authority key identifier: E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/hNzhsJdSXiT8XXk4l8WcnUMry00.roa
Signing time: Wed 01 Jan 2025 23:47:50 +0000
ROA not before: Wed 01 Jan 2025 23:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 194.180.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b5:ed:9f:19:fd:c0:fb:a0:d7:a2:18:7b:e8:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Validity
Not Before: Jan 1 23:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84dce1b097525e24fc5d793897c59c9d432bcb4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:35:7d:16:63:9c:e6:63:5e:39:58:37:10:5a:
a2:dd:04:ad:13:29:1d:3f:38:a0:b8:8b:26:6a:3c:
c7:47:d7:e7:31:5a:33:4c:d6:c2:01:b4:de:06:a9:
95:6b:db:31:97:67:0b:ed:d8:41:3f:1f:94:8c:33:
31:db:2f:62:48:2e:94:14:44:2b:0b:0d:5e:0a:75:
df:f5:9e:87:54:66:73:6f:54:41:06:ba:b2:67:28:
d4:e6:8a:3f:b2:16:1f:17:28:f6:20:15:29:b9:3c:
cc:c0:4b:66:9a:a7:0c:a7:63:13:41:e4:0d:60:78:
50:78:c1:85:06:7e:2f:ff:71:b2:4e:3e:b2:39:a8:
b8:54:9c:02:56:62:be:cc:4c:73:3c:e7:a3:82:c3:
18:b6:9d:dd:fd:6e:8e:06:11:53:66:de:4a:48:71:
af:29:56:1c:30:a7:3c:3f:4f:cb:96:fc:fe:2c:87:
26:c5:b0:a2:2f:f6:d4:5a:84:9f:c4:60:bd:60:51:
4a:ac:d1:c6:73:54:81:d3:9b:a8:43:d7:a6:c8:6c:
a1:fa:e9:a0:85:dc:2e:4e:02:c2:10:54:b8:46:3f:
c7:bd:03:cb:07:3c:a9:3d:e0:15:8d:00:87:34:bb:
23:96:ad:e8:65:14:c4:b4:3d:17:f7:fb:81:9a:9d:
28:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DC:E1:B0:97:52:5E:24:FC:5D:79:38:97:C5:9C:9D:43:2B:CB:4D
X509v3 Authority Key Identifier:
keyid:E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/hNzhsJdSXiT8XXk4l8WcnUMry00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/4RqpKFDr_mSK09ia3Y5zbsNnWhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.131.0/24
Signature Algorithm: sha256WithRSAEncryption
48:3a:7d:48:9c:c4:a1:04:65:ae:18:01:f4:6b:c6:48:05:a0:
25:e0:47:12:84:38:81:77:9c:9e:e0:c0:1a:c8:11:51:d3:38:
28:f7:c0:6e:8f:6c:48:3f:e6:94:3a:91:a7:c3:47:4f:6f:77:
4b:a1:66:f4:d8:3f:6c:27:29:63:62:9b:0d:78:63:fe:78:d8:
28:e1:0d:de:bd:2b:f6:92:1b:2e:0d:74:67:0a:24:31:08:39:
ce:e1:0d:e9:30:fa:a7:22:6f:db:8c:2e:d0:a9:9b:98:61:2a:
8c:4b:53:44:52:30:d5:1f:0f:9a:50:7a:e0:e4:0f:54:71:7f:
8c:69:2c:50:80:23:9d:97:0a:95:ad:16:d1:14:57:10:46:4a:
36:b3:b0:48:41:0e:f0:58:7e:92:ba:5a:82:a6:5b:f4:f3:6e:
81:bb:60:96:e3:2d:b6:62:d4:ad:43:4c:cb:fd:1b:fb:a1:9f:
ba:25:3e:fd:11:1b:43:c8:6a:df:2f:5c:58:67:e4:f3:7e:c4:
e9:41:07:be:68:c3:08:6b:d1:06:8f:d4:6b:d3:35:56:df:53:
9b:22:9a:f1:b4:c2:7a:15:b8:5b:bd:8b:8f:b2:44:b0:54:8e:
0e:0e:9e:0e:ae:06:a4:38:db:9b:b7:67:21:b6:48:53:b7:7e:
95:fd:cc:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRLXtnxn9wPug16IYe+iEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMWFhOTI4NTBlYmZlNjQ4YWQzZDg5YWRkOGU3MzZlYzM2
NzVhMTEwHhcNMjUwMTAxMjM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRjZTFiMDk3NTI1ZTI0ZmM1ZDc5Mzg5N2M1OWM5ZDQzMmJjYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzV9FmOc5mNeOVg3EFqi3QStEykd
PziguIsmajzHR9fnMVozTNbCAbTeBqmVa9sxl2cL7dhBPx+UjDMx2y9iSC6UFEQr
Cw1eCnXf9Z6HVGZzb1RBBrqyZyjU5oo/shYfFyj2IBUpuTzMwEtmmqcMp2MTQeQN
YHhQeMGFBn4v/3GyTj6yOai4VJwCVmK+zExzPOejgsMYtp3d/W6OBhFTZt5KSHGv
KVYcMKc8P0/Llvz+LIcmxbCiL/bUWoSfxGC9YFFKrNHGc1SB05uoQ9emyGyh+umg
hdwuTgLCEFS4Rj/HvQPLBzypPeAVjQCHNLsjlq3oZRTEtD0X9/uBmp0oKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITc4bCXUl4k/F15OJfFnJ1DK8tNMB8GA1UdIwQY
MBaAFOEaqShQ6/5kitPYmt2Oc27DZ1oRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEt
MGY4OGQxNmUxYWZlLzEvaE56aHNKZFNYaVQ4WFhrNGw4V2NuVU1yeTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEtMGY4OGQxNmUxYWZl
LzEvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrSDMA0G
CSqGSIb3DQEBCwUAA4IBAQBIOn1InMShBGWuGAH0a8ZIBaAl4EcShDiBd5ye4MAa
yBFR0zgo98Buj2xIP+aUOpGnw0dPb3dLoWb02D9sJyljYpsNeGP+eNgo4Q3evSv2
khsuDXRnCiQxCDnO4Q3pMPqnIm/bjC7QqZuYYSqMS1NEUjDVHw+aUHrg5A9UcX+M
aSxQgCOdlwqVrRbRFFcQRko2s7BIQQ7wWH6SulqCplv0826Bu2CW4y22YtStQ0zL
/Rv7oZ+6JT79ERtDyGrfL1xYZ+TzfsTpQQe+aMMIa9EGj9Rr0zVW31ObIprxtMJ6
FbhbvYuPskSwVI4ODp4OrgakONubt2chtkhTt36V/cwB
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:13:47 2025 by rpki-client