Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/5MqBF4i8BqhzlDGimWpaFWipxD8.roa
File: 5MqBF4i8BqhzlDGimWpaFWipxD8.roa (raw, json)
Hash identifier: MYEA5FchPdcQGymALvx1VvMPC8QAmCOTqUn7uw1S3z0=
Subject key identifier: E4:CA:81:17:88:BC:06:A8:73:94:31:A2:99:6A:5A:15:68:A9:C4:3F
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0195A3D30265814B52F9489871B5234F03C0
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/5MqBF4i8BqhzlDGimWpaFWipxD8.roa
Signing time: Mon 17 Mar 2025 11:17:49 +0000
ROA not before: Mon 17 Mar 2025 11:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 194.31.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:d3:02:65:81:4b:52:f9:48:98:71:b5:23:4f:03:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Mar 17 11:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4ca811788bc06a8739431a2996a5a1568a9c43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:28:6b:f7:dc:eb:d6:48:88:ad:6e:f1:c2:36:
48:75:58:8b:d4:a4:0e:cd:f3:c1:9e:92:69:38:e2:
56:16:f6:e6:21:ef:fa:70:50:b7:27:13:4b:72:cc:
71:76:dc:4b:57:f6:b8:57:6b:3f:70:6f:68:40:28:
b2:5b:69:44:b5:f6:27:1a:de:d2:e5:5a:b4:60:fb:
14:af:13:fd:40:96:16:89:b4:79:a3:a2:63:42:d3:
00:31:8d:b7:c0:16:26:ca:3d:6a:80:20:db:23:7c:
f4:1d:24:1b:f7:39:27:d4:0b:34:9d:a5:a2:29:05:
06:4f:ec:10:5a:1d:9a:5e:52:ee:11:14:b4:00:de:
e9:2c:b7:6b:02:66:3e:34:11:49:88:79:0f:0e:75:
f3:ff:16:e8:2d:7b:80:e4:61:95:fb:1e:97:e3:75:
60:5b:54:f0:3c:04:05:40:b0:10:02:8a:79:66:27:
da:60:23:92:4a:44:ab:be:45:0c:d0:dd:d7:40:f5:
23:ba:3c:66:cb:25:95:10:2c:58:1d:16:6b:e5:53:
90:8c:94:9c:22:af:09:3a:16:28:f0:56:43:4a:7c:
e8:59:ec:c0:7f:c8:99:35:88:8e:e9:c7:c7:2f:6e:
a7:00:bd:d5:b8:23:0a:f5:a4:a6:36:ab:ac:b9:84:
89:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:CA:81:17:88:BC:06:A8:73:94:31:A2:99:6A:5A:15:68:A9:C4:3F
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/5MqBF4i8BqhzlDGimWpaFWipxD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.165.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:ea:a2:d0:1f:c9:20:72:d2:d1:80:70:4d:ed:50:58:15:68:
04:27:8e:1f:49:6b:d4:ad:d1:de:95:b1:56:db:ef:6b:8f:78:
0a:48:d8:69:be:0d:c8:f4:b3:f3:9e:bd:98:bb:dc:a1:0b:5d:
0c:b0:f9:42:f3:8c:fb:20:d9:02:2f:e1:ed:6f:cf:f0:ba:aa:
83:e6:35:e2:30:62:35:b1:35:6c:d1:53:ef:9d:1a:c1:95:f2:
c4:a2:3d:5e:5e:a4:a4:59:f3:2d:f9:4a:76:e2:a0:9c:34:9f:
0f:5a:19:ba:67:54:5e:c2:4e:c0:4a:49:ae:3b:e4:b2:7c:3b:
20:53:97:c8:76:ab:93:dd:c5:c7:10:2b:29:bd:f9:c5:a7:13:
bb:aa:b0:bc:55:5b:75:92:08:d0:7b:b2:ec:27:72:68:d5:0a:
8a:c1:36:b0:c4:47:8c:1e:42:3a:dc:e7:45:78:e6:86:a3:93:
f9:b0:26:47:0b:19:8c:2d:d8:47:a5:20:16:e0:a4:3d:d4:e2:
b4:f6:d4:32:1b:98:65:9c:45:a7:6c:b9:68:fe:bc:84:9e:01:
49:67:67:f8:42:d9:f0:3e:b3:0f:c2:44:ec:f4:95:8f:1e:6b:
d9:7b:13:5c:64:af:43:b5:a8:44:ad:f3:00:da:b8:50:8a:1f:
3d:74:00:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWj0wJlgUtS+UiYcbUjTwPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwMzE3MTExNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGNhODExNzg4YmMwNmE4NzM5NDMxYTI5OTZhNWExNTY4YTljNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnShr99zr1kiIrW7xwjZIdViL1KQO
zfPBnpJpOOJWFvbmIe/6cFC3JxNLcsxxdtxLV/a4V2s/cG9oQCiyW2lEtfYnGt7S
5Vq0YPsUrxP9QJYWibR5o6JjQtMAMY23wBYmyj1qgCDbI3z0HSQb9zkn1As0naWi
KQUGT+wQWh2aXlLuERS0AN7pLLdrAmY+NBFJiHkPDnXz/xboLXuA5GGV+x6X43Vg
W1TwPAQFQLAQAop5ZifaYCOSSkSrvkUM0N3XQPUjujxmyyWVECxYHRZr5VOQjJSc
Iq8JOhYo8FZDSnzoWezAf8iZNYiO6cfHL26nAL3VuCMK9aSmNqusuYSJdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTKgReIvAaoc5QxoplqWhVoqcQ/MB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvNU1xQkY0aThCcWh6bERHaW1XcGFGV2lweEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+lMA0G
CSqGSIb3DQEBCwUAA4IBAQC66qLQH8kgctLRgHBN7VBYFWgEJ44fSWvUrdHelbFW
2+9rj3gKSNhpvg3I9LPznr2Yu9yhC10MsPlC84z7INkCL+Htb8/wuqqD5jXiMGI1
sTVs0VPvnRrBlfLEoj1eXqSkWfMt+Up24qCcNJ8PWhm6Z1Rewk7ASkmuO+SyfDsg
U5fIdquT3cXHECspvfnFpxO7qrC8VVt1kgjQe7LsJ3Jo1QqKwTawxEeMHkI63OdF
eOaGo5P5sCZHCxmMLdhHpSAW4KQ91OK09tQyG5hlnEWnbLlo/ryEngFJZ2f4Qtnw
PrMPwkTs9JWPHmvZexNcZK9DtahErfMA2rhQih89dACS
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:36:49 2025 by rpki-client