Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/fHBWkmSFwq7LIW_ikf6imNT9GPM.roa
File: fHBWkmSFwq7LIW_ikf6imNT9GPM.roa (raw, json)
Hash identifier: vMQgcBUmEy5lwUWbnyfzmlIYcn2OcylWPP/mcEC7Ato=
Subject key identifier: 7C:70:56:92:64:85:C2:AE:CB:21:6F:E2:91:FE:A2:98:D4:FD:18:F3
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0195A3D30330062B399081BCFB696351BACF
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/fHBWkmSFwq7LIW_ikf6imNT9GPM.roa
Signing time: Mon 17 Mar 2025 11:17:49 +0000
ROA not before: Mon 17 Mar 2025 11:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 194.31.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:d3:03:30:06:2b:39:90:81:bc:fb:69:63:51:ba:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Mar 17 11:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c7056926485c2aecb216fe291fea298d4fd18f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:db:f7:22:34:6b:26:aa:98:2f:05:cc:15:1d:
7c:34:07:49:9d:84:be:1d:c9:72:5f:f2:f3:db:e5:
95:1b:86:69:d8:9d:7a:f3:bb:e4:43:e6:3c:62:6a:
24:a0:7a:25:66:9c:2b:22:62:23:af:36:92:81:36:
40:c8:27:a3:1b:ba:c5:20:28:33:59:57:31:16:8d:
b7:28:0d:1e:db:a3:9b:cd:91:3c:8a:d1:20:ea:cb:
a0:fc:49:bb:76:25:c3:29:76:be:1a:98:32:a1:1d:
c0:fd:f8:92:68:69:5c:53:51:65:d4:66:2f:71:62:
c8:45:2a:1e:4a:ca:5b:d8:61:f1:ed:1f:02:98:3a:
87:57:f7:c6:cd:4d:df:ec:1e:29:e0:3d:33:7f:c2:
91:7f:7f:89:18:1b:8b:04:cd:e6:76:f0:47:f6:fd:
be:e3:ff:55:1b:d2:90:d4:ee:a0:10:0e:95:92:f6:
c6:82:86:a9:bb:df:4c:9f:a7:4f:89:13:56:fa:d9:
33:07:54:2a:cd:fc:f5:0d:0c:11:bf:17:40:b1:8a:
2f:01:bb:7a:ae:37:ec:cc:34:73:ff:02:dc:7e:4d:
04:cb:3b:3e:c7:16:6e:07:1d:f1:f6:ab:c3:e7:98:
8a:bd:58:9c:c7:ae:dd:4d:ac:94:6f:7b:43:74:03:
fd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:70:56:92:64:85:C2:AE:CB:21:6F:E2:91:FE:A2:98:D4:FD:18:F3
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/fHBWkmSFwq7LIW_ikf6imNT9GPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.165.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d1:ab:3f:a3:cd:4a:10:d5:89:52:5e:39:0a:bc:9f:e4:52:
73:df:19:c1:43:1a:8b:95:a4:d9:94:2b:0e:86:3b:f1:83:06:
58:df:e7:38:a7:dd:0b:a3:ce:d6:81:b3:c3:f5:1b:52:3c:68:
be:37:03:e6:39:58:6e:37:f2:4d:85:a0:76:84:84:9f:2a:ec:
ec:de:b9:63:f4:56:42:5a:aa:58:93:5a:77:21:a4:d8:b1:b0:
9f:9c:c9:de:67:82:10:76:bb:93:67:02:0e:a3:39:c4:1c:44:
5f:97:3f:ee:ca:45:1c:94:e5:3d:40:c9:69:35:d2:40:73:9d:
1a:01:71:53:3e:1e:d4:63:c6:12:2d:07:a6:bd:10:80:4a:31:
09:43:00:13:24:26:24:48:51:0c:c8:cc:77:15:4c:8c:12:e2:
4b:60:d8:d8:16:72:cc:c9:78:9e:e6:bf:9a:05:22:32:bf:84:
18:63:83:ae:34:5f:fd:37:fd:84:7e:9e:2e:a3:5e:e3:8d:6b:
ca:57:b2:d3:67:fb:9d:93:a1:9f:2c:5f:e8:35:5a:d1:46:38:
e6:a2:a1:42:fd:a9:84:4b:2f:e8:f6:f6:95:45:5e:38:65:49:
7f:53:e5:24:ef:cb:f6:72:cb:63:b3:4b:fc:4b:5d:3e:58:c1:
33:81:54:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWj0wMwBis5kIG8+2ljUbrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwMzE3MTExNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzcwNTY5MjY0ODVjMmFlY2IyMTZmZTI5MWZlYTI5OGQ0ZmQxOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Nv3IjRrJqqYLwXMFR18NAdJnYS+
HclyX/Lz2+WVG4Zp2J1687vkQ+Y8YmokoHolZpwrImIjrzaSgTZAyCejG7rFICgz
WVcxFo23KA0e26ObzZE8itEg6sug/Em7diXDKXa+GpgyoR3A/fiSaGlcU1Fl1GYv
cWLIRSoeSspb2GHx7R8CmDqHV/fGzU3f7B4p4D0zf8KRf3+JGBuLBM3mdvBH9v2+
4/9VG9KQ1O6gEA6VkvbGgoapu99Mn6dPiRNW+tkzB1Qqzfz1DQwRvxdAsYovAbt6
rjfszDRz/wLcfk0Eyzs+xxZuBx3x9qvD55iKvVicx67dTayUb3tDdAP9ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxwVpJkhcKuyyFv4pH+opjU/RjzMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvZkhCV2ttU0Z3cTdMSVdfaWtmNmltTlQ5R1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+lMA0G
CSqGSIb3DQEBCwUAA4IBAQBq0as/o81KENWJUl45Cryf5FJz3xnBQxqLlaTZlCsO
hjvxgwZY3+c4p90Lo87WgbPD9RtSPGi+NwPmOVhuN/JNhaB2hISfKuzs3rlj9FZC
WqpYk1p3IaTYsbCfnMneZ4IQdruTZwIOoznEHERflz/uykUclOU9QMlpNdJAc50a
AXFTPh7UY8YSLQemvRCASjEJQwATJCYkSFEMyMx3FUyMEuJLYNjYFnLMyXie5r+a
BSIyv4QYY4OuNF/9N/2Efp4uo17jjWvKV7LTZ/udk6GfLF/oNVrRRjjmoqFC/amE
Sy/o9vaVRV44ZUl/U+Uk78v2cstjs0v8S10+WMEzgVTB
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:18:08 2025 by rpki-client