Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/RwPF5yAh7fFKkwYRf34eCo_IgE4.roa
File: RwPF5yAh7fFKkwYRf34eCo_IgE4.roa (raw, json)
Hash identifier: mHpHeS/KBgZGiWTvxuE3A7SE0h8okZ3Z/huwi+l7GCk=
Subject key identifier: 47:03:C5:E7:20:21:ED:F1:4A:93:06:11:7F:7E:1E:0A:8F:C8:80:4E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427485844D41C6D189F2769DA49A3AB1C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/RwPF5yAh7fFKkwYRf34eCo_IgE4.roa
Signing time: Thu 02 Jan 2025 13:50:40 +0000
ROA not before: Thu 02 Jan 2025 13:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44529
IP address blocks: 194.14.100.0/23 maxlen: 24
194.68.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:58:44:d4:1c:6d:18:9f:27:69:da:49:a3:ab:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4703c5e72021edf14a9306117f7e1e0a8fc8804e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b1:9b:cb:21:95:f6:49:7e:a0:95:80:9c:0d:
1f:43:a2:9b:fa:b3:27:40:87:33:23:c3:bd:03:9b:
a7:b8:d5:91:95:20:c9:8e:e2:a3:56:2b:f8:c6:8a:
b6:57:c5:36:36:0d:12:66:a2:9d:83:50:7e:43:fe:
66:13:cb:49:b7:07:f2:9a:e4:a5:b4:c6:83:8c:4b:
fd:8a:ec:16:62:58:d4:19:4a:1f:82:81:3e:d6:0c:
da:4a:bc:dd:a4:a0:93:da:f4:9e:84:e6:e6:93:5e:
0e:ed:05:67:57:e9:14:67:6e:ef:43:fa:70:68:0a:
a1:8d:f9:79:af:3c:86:9f:03:d4:cc:e2:fd:dd:88:
b4:f3:59:14:0c:81:67:4f:8c:94:82:c4:82:aa:7b:
ea:16:d7:df:a5:33:fb:aa:e9:9d:10:20:42:8c:c0:
2a:3e:91:3b:41:34:bd:19:ee:06:47:04:8a:df:1c:
77:0e:80:26:24:0f:fc:bb:d1:33:64:97:2d:75:56:
73:38:13:c0:33:ac:05:b7:f6:2b:62:52:5b:7d:62:
45:d7:58:79:74:87:7a:1d:b8:fd:7d:bd:6a:2f:c5:
a4:7e:5e:fb:36:87:5e:c7:4a:17:ef:fc:2e:00:0b:
44:58:6a:b2:1b:79:6c:09:b6:7a:4f:49:86:37:49:
9c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:03:C5:E7:20:21:ED:F1:4A:93:06:11:7F:7E:1E:0A:8F:C8:80:4E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/RwPF5yAh7fFKkwYRf34eCo_IgE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.100.0/23
194.68.20.0/24
Signature Algorithm: sha256WithRSAEncryption
52:e7:a9:76:84:2f:e4:81:ac:d1:06:e0:9e:a2:fe:8a:02:9f:
ab:b9:4a:92:a0:6c:de:b7:97:20:ce:74:0b:61:b2:8f:3e:30:
c0:0f:d3:e9:05:12:ec:b1:80:5e:a1:0a:c0:49:be:26:88:3e:
3c:ad:25:62:55:58:21:9e:3a:04:39:d7:8d:b1:46:51:94:03:
eb:87:f6:07:4e:74:3a:3c:74:5f:3d:ee:4f:2f:76:59:a6:a4:
b8:e8:78:db:b9:ce:9d:d1:23:8f:f1:fb:a4:b9:59:d0:42:29:
65:70:62:40:57:34:8e:64:ea:45:50:e5:56:8c:c6:cc:01:84:
c3:8b:b5:b9:b8:55:37:2b:c1:61:6f:02:ad:c9:8b:63:13:b1:
69:a3:5c:fb:3d:78:8b:89:a2:75:c9:80:1d:a2:03:5d:8c:81:
3c:32:b2:71:5e:e0:55:ec:ea:b8:22:9e:08:a5:3e:89:a9:e0:
30:48:42:cc:1d:cf:cc:31:f3:66:c1:1c:52:34:b2:44:aa:6d:
87:75:76:a6:cf:a9:ed:6a:a8:15:80:57:3a:f5:f6:82:2c:17:
b0:dc:c6:77:b0:aa:55:6a:ca:9d:af:db:f8:7f:74:5c:c5:20:
4e:13:78:0d:fc:85:ba:81:57:6a:28:28:2d:83:7b:5c:4e:12:
af:b2:3a:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSFhE1BxtGJ8nadpJo6scMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzAzYzVlNzIwMjFlZGYxNGE5MzA2MTE3ZjdlMWUwYThmYzg4MDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLGbyyGV9kl+oJWAnA0fQ6Kb+rMn
QIczI8O9A5unuNWRlSDJjuKjViv4xoq2V8U2Ng0SZqKdg1B+Q/5mE8tJtwfymuSl
tMaDjEv9iuwWYljUGUofgoE+1gzaSrzdpKCT2vSehObmk14O7QVnV+kUZ27vQ/pw
aAqhjfl5rzyGnwPUzOL93Yi081kUDIFnT4yUgsSCqnvqFtffpTP7qumdECBCjMAq
PpE7QTS9Ge4GRwSK3xx3DoAmJA/8u9EzZJctdVZzOBPAM6wFt/YrYlJbfWJF11h5
dId6Hbj9fb1qL8Wkfl77Nodex0oX7/wuAAtEWGqyG3lsCbZ6T0mGN0mcTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEcDxecgIe3xSpMGEX9+HgqPyIBOMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUndQRjV5QWg3ZkZLa3dZUmYzNGVDb19JZ0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwg5kAwQA
wkQUMA0GCSqGSIb3DQEBCwUAA4IBAQBS56l2hC/kgazRBuCeov6KAp+ruUqSoGze
t5cgznQLYbKPPjDAD9PpBRLssYBeoQrASb4miD48rSViVVghnjoEOdeNsUZRlAPr
h/YHTnQ6PHRfPe5PL3ZZpqS46Hjbuc6d0SOP8fukuVnQQillcGJAVzSOZOpFUOVW
jMbMAYTDi7W5uFU3K8FhbwKtyYtjE7Fpo1z7PXiLiaJ1yYAdogNdjIE8MrJxXuBV
7Oq4Ip4IpT6JqeAwSELMHc/MMfNmwRxSNLJEqm2HdXamz6ntaqgVgFc69faCLBew
3MZ3sKpVasqdr9v4f3RcxSBOE3gN/IW6gVdqKCgtg3tcThKvsjoX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:46 2025 by rpki-client