Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hyvQpksZFYO9itCaUKxiwpujBDc.roa
File: hyvQpksZFYO9itCaUKxiwpujBDc.roa (raw, json)
Hash identifier: 1dnrcYafYAsdXfi+1q4X9C9r/+YefJK+cnYgcsApyh0=
Subject key identifier: 87:2B:D0:A6:4B:19:15:83:BD:8A:D0:9A:50:AC:62:C2:9B:A3:04:37
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274844C599F24B13305D56653F12D0FF
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hyvQpksZFYO9itCaUKxiwpujBDc.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20625
IP address blocks: 194.14.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:44:c5:99:f2:4b:13:30:5d:56:65:3f:12:d0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=872bd0a64b191583bd8ad09a50ac62c29ba30437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:83:d4:40:b6:2a:dd:59:ef:b0:38:ee:30:f3:
29:6a:05:bd:c0:c6:03:de:30:11:6b:21:09:91:eb:
fc:d6:03:95:73:50:ed:16:44:ef:52:12:dc:88:1e:
51:14:be:0f:6b:f8:73:2b:ec:80:51:1f:d7:06:37:
c1:5e:cf:51:6d:68:89:1c:08:ee:4f:3d:87:db:ed:
af:74:cc:3c:6a:68:73:f8:9a:99:39:f7:4a:21:40:
35:7c:09:ad:da:13:e6:9e:1b:1e:f4:91:d4:2d:d3:
5b:a1:b5:99:43:92:3e:f5:a1:2b:e9:fa:34:4c:53:
d3:1a:62:6f:5d:20:d8:da:c4:27:61:6a:ac:97:a3:
f3:0e:03:4e:ad:0d:74:31:68:df:9c:04:3f:37:3e:
2e:41:e8:e2:ed:ce:06:7f:06:c8:56:6f:43:c6:9a:
bc:fa:50:41:af:76:00:29:2a:81:ab:fc:9f:89:dd:
18:2f:c9:65:af:25:90:d3:e4:56:60:53:55:b2:96:
c2:ee:c6:80:eb:03:0b:2d:0a:08:a6:28:e1:d7:bb:
3a:7e:37:bc:07:a6:15:6e:07:e6:74:a2:d5:65:f3:
b6:84:cd:cb:a4:7a:60:fa:60:c5:27:46:79:08:46:
8f:d9:21:b1:c3:2b:a3:3a:dd:56:0d:61:4c:c5:e5:
e5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2B:D0:A6:4B:19:15:83:BD:8A:D0:9A:50:AC:62:C2:9B:A3:04:37
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hyvQpksZFYO9itCaUKxiwpujBDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.103.0/24
Signature Algorithm: sha256WithRSAEncryption
41:b0:34:8f:c3:e0:cf:ee:08:be:69:1a:57:0f:cf:8a:49:f8:
5e:c1:af:4a:68:01:5f:78:16:17:6c:b6:d7:26:d5:ab:e9:69:
2e:fd:7a:10:97:a7:a5:97:85:e2:8b:11:60:20:ef:bf:be:1e:
b7:b6:68:33:2a:8b:ea:da:77:be:50:fb:28:a8:d2:6a:34:d5:
f6:4a:00:af:fc:55:c0:76:8f:6e:da:52:65:cd:11:62:f3:ba:
56:5c:1b:6a:04:d6:3c:40:48:ab:44:41:18:f2:42:2d:7f:97:
02:24:eb:17:ae:3b:f7:2f:93:7c:d0:25:31:a9:88:db:5e:ba:
46:da:b6:67:12:47:e4:55:8e:08:16:3c:3e:0a:11:17:4f:79:
d1:a1:78:59:c4:7e:07:31:1f:fa:20:d1:96:4b:a8:ed:35:4e:
ec:50:d0:41:e0:11:ee:cf:dc:ad:7b:c6:3b:45:8c:b0:16:f3:
2b:3f:3c:58:f3:6d:ac:2f:e6:76:8e:9a:1f:99:ed:65:97:99:
2e:54:53:ab:5f:9c:45:12:7d:7c:66:58:74:a4:9a:d8:27:1c:
24:e0:89:8c:9f:79:d7:e7:98:80:d6:d8:46:3d:a7:52:62:6b:
5e:0e:2f:25:dd:74:eb:34:06:04:fb:8f:a0:88:66:65:98:66:
78:14:87:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSETFmfJLEzBdVmU/EtD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJiZDBhNjRiMTkxNTgzYmQ4YWQwOWE1MGFjNjJjMjliYTMwNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYPUQLYq3VnvsDjuMPMpagW9wMYD
3jARayEJkev81gOVc1DtFkTvUhLciB5RFL4Pa/hzK+yAUR/XBjfBXs9RbWiJHAju
Tz2H2+2vdMw8amhz+JqZOfdKIUA1fAmt2hPmnhse9JHULdNbobWZQ5I+9aEr6fo0
TFPTGmJvXSDY2sQnYWqsl6PzDgNOrQ10MWjfnAQ/Nz4uQeji7c4GfwbIVm9Dxpq8
+lBBr3YAKSqBq/yfid0YL8llryWQ0+RWYFNVspbC7saA6wMLLQoIpijh17s6fje8
B6YVbgfmdKLVZfO2hM3LpHpg+mDFJ0Z5CEaP2SGxwyujOt1WDWFMxeXl4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcr0KZLGRWDvYrQmlCsYsKbowQ3MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaHl2UXBrc1pGWU85aXRDYVVLeGl3cHVqQkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg5nMA0G
CSqGSIb3DQEBCwUAA4IBAQBBsDSPw+DP7gi+aRpXD8+KSfhewa9KaAFfeBYXbLbX
JtWr6Wku/XoQl6ell4XiixFgIO+/vh63tmgzKovq2ne+UPsoqNJqNNX2SgCv/FXA
do9u2lJlzRFi87pWXBtqBNY8QEirREEY8kItf5cCJOsXrjv3L5N80CUxqYjbXrpG
2rZnEkfkVY4IFjw+ChEXT3nRoXhZxH4HMR/6INGWS6jtNU7sUNBB4BHuz9yte8Y7
RYywFvMrPzxY822sL+Z2jpofme1ll5kuVFOrX5xFEn18Zlh0pJrYJxwk4ImMn3nX
55iA1thGPadSYmteDi8l3XTrNAYE+4+giGZlmGZ4FIei
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:40 2025 by rpki-client