Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/68kR1YH6vPpC7K_aOQRi3Orp3sc.roa
File: 68kR1YH6vPpC7K_aOQRi3Orp3sc.roa (raw, json)
Hash identifier: aZ6L6a8pAuWjQaEjC3vj3YavcqZ46UhDO+oUWO1ZRho=
Subject key identifier: EB:C9:11:D5:81:FA:BC:FA:42:EC:AF:DA:39:04:62:DC:EA:E9:DE:C7
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274837072E2A0CE3CB4AFDFA3922C428
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/68kR1YH6vPpC7K_aOQRi3Orp3sc.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1653
IP address blocks: 194.14.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:37:07:2e:2a:0c:e3:cb:4a:fd:fa:39:22:c4:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebc911d581fabcfa42ecafda390462dceae9dec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c6:2d:7e:de:14:c7:8d:d1:26:7a:ab:5b:b8:
78:1d:b8:93:2b:ef:b1:93:a1:25:12:68:3b:b3:cf:
75:42:0a:e6:e3:4a:47:7d:cb:3e:a1:9f:72:4e:e8:
03:4a:dc:46:c7:c1:18:f8:6a:5e:40:02:8c:66:08:
86:dc:8d:e8:1e:97:9f:92:47:4d:6e:69:dc:0b:18:
9a:c5:36:f9:6e:cc:5d:5a:0f:4e:cf:06:ea:7c:af:
d8:53:88:19:54:85:e3:ba:2d:fa:2a:7b:32:89:2a:
8a:0c:5c:56:95:bf:8e:0a:9f:f4:31:ea:0a:64:c2:
8c:83:46:3d:63:da:6e:b1:95:4f:78:db:22:fe:56:
42:5f:d4:f5:3e:6e:a1:87:f1:18:e2:ee:06:74:31:
52:a6:ee:c7:d3:6e:f4:e8:0d:a8:0a:d0:16:6c:62:
17:f1:35:b9:7c:93:5b:2a:09:55:ec:79:17:97:90:
0e:51:b4:80:8a:b3:c7:b4:2e:4d:3f:ef:df:44:40:
25:a4:85:d4:4e:cc:bf:38:83:5c:94:78:3e:19:65:
2a:6c:a3:3c:fc:f1:35:ba:af:74:e7:a1:9a:10:68:
3d:37:94:03:a2:5b:d6:2d:54:a0:4f:82:96:0f:5d:
86:a6:f8:30:5a:75:be:ce:67:92:5d:6e:97:68:29:
0c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C9:11:D5:81:FA:BC:FA:42:EC:AF:DA:39:04:62:DC:EA:E9:DE:C7
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/68kR1YH6vPpC7K_aOQRi3Orp3sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.45.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ba:74:ef:41:45:99:78:22:54:85:77:32:ac:a9:47:8a:60:
3a:98:31:fc:51:62:5f:88:d8:10:58:2b:cb:9d:59:7f:ee:53:
d9:6c:09:2c:a4:58:91:77:df:3e:3d:7b:10:74:b2:a1:63:49:
f8:84:5d:00:9c:d7:9b:a9:7c:fb:12:9b:35:ef:96:7a:cc:56:
e2:34:d2:fe:6a:23:3c:c2:ee:83:28:7a:31:30:93:7e:12:b2:
0e:74:84:27:a1:56:d9:8a:98:2b:f6:84:0a:a2:08:f8:73:67:
8c:fa:e6:cc:32:1f:01:ea:09:73:cb:45:67:e6:ab:d5:cb:51:
a2:4c:4a:2c:43:be:9c:66:59:c0:5e:a8:38:e4:9f:74:64:94:
b1:dd:96:83:01:68:02:b7:35:1d:25:c1:12:d8:ab:ef:d6:45:
0f:8b:a2:9d:7b:21:71:bf:a9:0a:38:f4:76:ac:b9:6d:a6:1e:
98:25:b7:32:7c:06:f0:39:e4:f9:b4:4a:bf:58:84:e9:87:03:
3b:df:d9:ca:48:8d:b5:e2:0f:44:9a:12:f7:b3:94:ae:52:dd:
e0:30:9d:05:cd:15:aa:87:d1:ef:3e:a5:7b:e8:34:92:70:d5:
77:b1:5f:48:52:4e:88:08:f6:a5:1b:07:50:4f:f6:22:e2:66:
dd:07:8d:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDcHLioM48tK/fo5IsQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmM5MTFkNTgxZmFiY2ZhNDJlY2FmZGEzOTA0NjJkY2VhZTlkZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8Ytft4Ux43RJnqrW7h4HbiTK++x
k6ElEmg7s891Qgrm40pHfcs+oZ9yTugDStxGx8EY+GpeQAKMZgiG3I3oHpefkkdN
bmncCxiaxTb5bsxdWg9OzwbqfK/YU4gZVIXjui36KnsyiSqKDFxWlb+OCp/0MeoK
ZMKMg0Y9Y9pusZVPeNsi/lZCX9T1Pm6hh/EY4u4GdDFSpu7H02706A2oCtAWbGIX
8TW5fJNbKglV7HkXl5AOUbSAirPHtC5NP+/fREAlpIXUTsy/OINclHg+GWUqbKM8
/PE1uq9056GaEGg9N5QDolvWLVSgT4KWD12GpvgwWnW+zmeSXW6XaCkMqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvJEdWB+rz6Quyv2jkEYtzq6d7HMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNjhrUjFZSDZ2UHBDN0tfYU9RUmkzT3JwM3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg4tMA0G
CSqGSIb3DQEBCwUAA4IBAQCtunTvQUWZeCJUhXcyrKlHimA6mDH8UWJfiNgQWCvL
nVl/7lPZbAkspFiRd98+PXsQdLKhY0n4hF0AnNebqXz7Eps175Z6zFbiNNL+aiM8
wu6DKHoxMJN+ErIOdIQnoVbZipgr9oQKogj4c2eM+ubMMh8B6glzy0Vn5qvVy1Gi
TEosQ76cZlnAXqg45J90ZJSx3ZaDAWgCtzUdJcES2Kvv1kUPi6KdeyFxv6kKOPR2
rLltph6YJbcyfAbwOeT5tEq/WITphwM739nKSI214g9EmhL3s5SuUt3gMJ0FzRWq
h9HvPqV76DSScNV3sV9IUk6ICPalGwdQT/Yi4mbdB410
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:32 2025 by rpki-client