Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/pdZnkQ8dTUxFhzD195n822HQiMg.roa
File: pdZnkQ8dTUxFhzD195n822HQiMg.roa (raw, json)
Hash identifier: SZvlh67a2ZHvI9bDs6mJiduSw12+50CrZrYMPXg6AP4=
Subject key identifier: A5:D6:67:91:0F:1D:4D:4C:45:87:30:F5:F7:99:FC:DB:61:D0:88:C8
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A4D76CE636ABF3C04DAD82CD9D35D
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/pdZnkQ8dTUxFhzD195n822HQiMg.roa
Signing time: Wed 01 Jan 2025 19:49:16 +0000
ROA not before: Wed 01 Jan 2025 19:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204526
IP address blocks: 194.34.230.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4d:76:ce:63:6a:bf:3c:04:da:d8:2c:d9:d3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5d667910f1d4d4c458730f5f799fcdb61d088c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a3:06:61:31:e6:f7:35:5a:90:97:33:e9:fd:
fa:8e:90:7f:3d:65:e9:90:20:54:8e:88:5f:55:3e:
59:65:b2:69:d4:23:88:b8:c0:1c:96:be:be:33:68:
2e:8e:ea:82:87:f6:14:04:7b:38:4d:90:11:99:7a:
6f:89:2b:73:06:20:a1:dd:d6:45:5a:03:fe:2a:88:
e4:fe:92:25:72:2d:ea:5f:87:18:63:fa:89:71:39:
78:4d:f2:30:c9:22:e0:f6:0c:f7:eb:8e:d1:36:85:
fb:1d:e5:a1:a9:87:7e:05:cb:4e:e0:64:63:1c:39:
39:31:20:e1:69:24:6f:c9:09:cf:26:83:28:09:ad:
6d:0a:b5:03:aa:d8:69:08:30:74:42:98:68:8d:e0:
f8:59:14:eb:1e:e1:94:99:6c:b2:66:03:db:d2:c4:
48:50:b3:05:db:a9:60:8c:01:30:de:5d:b4:e5:a6:
71:4f:3f:7a:13:34:f6:fe:8f:20:e4:fb:d2:60:bf:
33:a3:1d:a3:c5:2c:40:b9:3a:92:dc:ad:b4:3d:2f:
05:3d:72:ea:0d:24:10:98:a4:c1:a7:71:c6:3f:04:
2a:87:1a:28:b8:93:a1:0c:ba:6c:2d:c2:02:02:c9:
9a:60:c7:6b:76:b5:bb:81:7c:2f:4d:1f:c5:5d:d4:
47:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D6:67:91:0F:1D:4D:4C:45:87:30:F5:F7:99:FC:DB:61:D0:88:C8
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/pdZnkQ8dTUxFhzD195n822HQiMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.230.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:24:41:27:79:6d:39:e5:8d:0b:63:1a:13:b1:e9:d6:18:af:
0a:cd:eb:33:b2:de:58:6f:e7:0d:dd:0c:d4:c7:b7:4d:6a:ae:
37:12:b5:83:fe:a9:7a:3f:c6:3d:e2:8b:05:d9:a6:9d:5c:74:
c7:31:bc:43:f1:35:ea:30:a0:08:83:32:fb:de:df:33:c3:6c:
40:7a:92:1c:8b:a3:93:96:5b:76:2f:97:b3:5d:13:9c:44:25:
67:b1:37:df:bd:2e:90:76:56:ae:b7:63:c2:9c:fc:69:51:56:
cb:a9:01:1b:7f:c5:29:82:07:6c:0f:07:64:b0:28:4c:8d:4f:
8b:09:df:9d:f5:17:5d:a9:29:61:a6:d9:ee:44:b9:14:40:4d:
91:5d:b9:88:75:58:32:2e:21:63:b7:a0:e0:ff:3a:95:8d:39:
25:7b:dc:1c:96:4b:45:4f:21:3f:bb:23:4b:32:cd:e1:fb:dc:
0f:33:b0:81:1f:f3:a2:dc:72:13:b8:21:4d:e2:d2:18:e8:65:
af:0c:e1:39:d3:f1:0d:df:7a:d1:1a:94:3d:30:0a:76:f9:2e:
1b:bc:bd:4e:e1:6c:2c:bf:a6:d6:36:25:7f:bf:26:74:bf:58:
68:9f:8e:c3:79:04:6a:c0:c3:01:9b:05:53:d2:30:14:73:67:
d2:84:17:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjak12zmNqvzwE2tgs2dNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQ2Njc5MTBmMWQ0ZDRjNDU4NzMwZjVmNzk5ZmNkYjYxZDA4OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aMGYTHm9zVakJcz6f36jpB/PWXp
kCBUjohfVT5ZZbJp1COIuMAclr6+M2gujuqCh/YUBHs4TZARmXpviStzBiCh3dZF
WgP+Kojk/pIlci3qX4cYY/qJcTl4TfIwySLg9gz3647RNoX7HeWhqYd+BctO4GRj
HDk5MSDhaSRvyQnPJoMoCa1tCrUDqthpCDB0QphojeD4WRTrHuGUmWyyZgPb0sRI
ULMF26lgjAEw3l205aZxTz96EzT2/o8g5PvSYL8zox2jxSxAuTqS3K20PS8FPXLq
DSQQmKTBp3HGPwQqhxoouJOhDLpsLcICAsmaYMdrdrW7gXwvTR/FXdRHcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXWZ5EPHU1MRYcw9feZ/Nth0IjIMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvcGRabmtROGRUVXhGaHpEMTk1bjgyMkhRaU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiLmMA0G
CSqGSIb3DQEBCwUAA4IBAQBbJEEneW055Y0LYxoTsenWGK8Kzeszst5Yb+cN3QzU
x7dNaq43ErWD/ql6P8Y94osF2aadXHTHMbxD8TXqMKAIgzL73t8zw2xAepIci6OT
llt2L5ezXROcRCVnsTffvS6Qdlaut2PCnPxpUVbLqQEbf8UpggdsDwdksChMjU+L
Cd+d9RddqSlhptnuRLkUQE2RXbmIdVgyLiFjt6Dg/zqVjTkle9wclktFTyE/uyNL
Ms3h+9wPM7CBH/Oi3HITuCFN4tIY6GWvDOE50/EN33rRGpQ9MAp2+S4bvL1O4Wws
v6bWNiV/vyZ0v1hon47DeQRqwMMBmwVT0jAUc2fShBc9
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:27 2025 by rpki-client