Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/9Es8iFXDyIiBpEBLJtDb3ICiuKQ.roa
File: 9Es8iFXDyIiBpEBLJtDb3ICiuKQ.roa (raw, json)
Hash identifier: HEzkbHdkYcaNhXkFRgu0o/snijaUYbXsMj2B9AbGYOo=
Subject key identifier: F4:4B:3C:88:55:C3:C8:88:81:A4:40:4B:26:D0:DB:DC:80:A2:B8:A4
Certificate issuer: /CN=1d8eab93530cfd50da7fb7da5eba0aa440c9ef0c
Certificate serial: 0194221F9FB3C14725E57F8929D819B98394
Authority key identifier: 1D:8E:AB:93:53:0C:FD:50:DA:7F:B7:DA:5E:BA:0A:A4:40:C9:EF:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HY6rk1MM_VDaf7faXroKpEDJ7ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/9Es8iFXDyIiBpEBLJtDb3ICiuKQ.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209956
IP address blocks: 194.48.95.0/24 maxlen: 24
217.119.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9f:b3:c1:47:25:e5:7f:89:29:d8:19:b9:83:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8eab93530cfd50da7fb7da5eba0aa440c9ef0c
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f44b3c8855c3c88881a4404b26d0dbdc80a2b8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:44:23:7c:89:9b:a1:73:41:50:10:4e:b5:25:
0e:46:c7:13:79:e7:b1:71:ce:b1:c4:fe:3e:c6:ac:
42:08:8e:93:68:0c:f5:02:1b:3a:29:91:62:06:84:
7f:06:f6:95:f2:2b:48:bb:14:42:c1:ba:6f:75:83:
64:1f:25:63:6d:e2:35:67:5b:3e:c3:b3:dc:04:85:
2c:45:41:a8:fe:22:8f:b2:f2:59:f6:c0:77:b4:df:
8d:af:aa:ab:06:b7:61:49:01:a7:3a:75:f1:da:63:
e3:2a:11:39:22:56:7d:99:f0:6d:47:04:34:45:76:
b6:aa:e1:0e:57:88:bf:22:35:cc:f5:fc:6b:c4:cc:
bc:b8:ea:6f:1e:ab:9a:4e:2c:11:82:23:ea:1e:de:
6e:7c:65:59:d8:7b:b9:5b:27:12:be:19:4d:ee:c1:
84:7a:dc:aa:e5:f5:83:c2:3e:cd:88:5b:61:53:52:
ae:43:33:5a:ef:93:04:9d:e9:1c:29:7c:e5:19:d8:
5e:74:99:11:59:6c:70:21:19:d9:3b:8c:7e:cd:34:
88:7f:ca:e6:ad:8b:8b:5c:b6:9b:e0:c1:be:c2:4a:
82:57:f7:39:d0:d3:96:b7:c3:f3:7f:44:88:cb:74:
87:e9:b9:f6:14:47:c4:3e:c4:a6:0b:bf:42:3e:b7:
44:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:4B:3C:88:55:C3:C8:88:81:A4:40:4B:26:D0:DB:DC:80:A2:B8:A4
X509v3 Authority Key Identifier:
keyid:1D:8E:AB:93:53:0C:FD:50:DA:7F:B7:DA:5E:BA:0A:A4:40:C9:EF:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY6rk1MM_VDaf7faXroKpEDJ7ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/9Es8iFXDyIiBpEBLJtDb3ICiuKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/HY6rk1MM_VDaf7faXroKpEDJ7ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.95.0/24
217.119.134.0/24
Signature Algorithm: sha256WithRSAEncryption
77:89:ab:91:88:09:9f:5b:bd:31:16:f7:79:98:e3:22:34:7a:
d7:e3:2b:5a:16:40:d7:81:91:cf:86:9b:e5:37:36:00:46:41:
d5:dc:d8:ca:13:ea:08:7f:e2:4e:86:a2:15:55:d0:fe:cf:44:
0d:19:fc:e2:0b:20:e7:20:bc:8b:d8:eb:8b:9e:e2:04:69:64:
95:cc:87:ea:41:66:0f:5e:fa:99:45:1f:bd:8a:18:c8:94:a3:
66:c3:5f:f0:8a:32:72:21:f1:e0:38:3f:91:e3:b2:4f:d0:04:
23:f3:46:41:7c:d6:3d:ec:96:80:64:6d:c3:fd:96:95:cf:45:
01:db:c6:b8:9a:20:8f:4e:50:08:7f:15:e7:e7:45:a7:78:60:
93:09:93:d4:28:a8:de:31:98:66:b7:0a:b4:e1:e6:80:bf:c5:
5f:60:19:4f:b2:13:96:b3:06:42:77:7e:ba:78:db:a3:62:b4:
08:67:c7:53:2e:bf:99:0b:b8:20:d1:e0:89:de:e3:d8:c0:60:
41:eb:9f:ad:31:32:07:99:09:16:17:06:eb:a7:25:9f:3c:7b:
e3:81:3b:19:b9:36:2a:86:55:2a:fd:08:93:cf:94:2d:2f:99:
eb:0c:c1:38:ff:3e:e9:51:91:ce:b6:42:21:ef:40:5d:09:b1:
c5:7e:f6:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH5+zwUcl5X+JKdgZuYOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGVhYjkzNTMwY2ZkNTBkYTdmYjdkYTVlYmEwYWE0NDBj
OWVmMGMwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDRiM2M4ODU1YzNjODg4ODFhNDQwNGIyNmQwZGJkYzgwYTJiOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UQjfImboXNBUBBOtSUORscTeeex
cc6xxP4+xqxCCI6TaAz1Ahs6KZFiBoR/BvaV8itIuxRCwbpvdYNkHyVjbeI1Z1s+
w7PcBIUsRUGo/iKPsvJZ9sB3tN+Nr6qrBrdhSQGnOnXx2mPjKhE5IlZ9mfBtRwQ0
RXa2quEOV4i/IjXM9fxrxMy8uOpvHquaTiwRgiPqHt5ufGVZ2Hu5WycSvhlN7sGE
etyq5fWDwj7NiFthU1KuQzNa75MEnekcKXzlGdhedJkRWWxwIRnZO4x+zTSIf8rm
rYuLXLab4MG+wkqCV/c50NOWt8Pzf0SIy3SH6bn2FEfEPsSmC79CPrdE8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPRLPIhVw8iIgaRASybQ29yAorikMB8GA1UdIwQY
MBaAFB2Oq5NTDP1Q2n+32l66CqRAye8MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFk2cmsxTU1fVkRhZjdmYVhyb0twRURKN3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lYmI4M2EtMDEyNi00M2MwLWI5ZWEt
MzJkZDUzNjQwYjljLzEvOUVzOGlGWER5SWlCcEVCTEp0RGIzSUNpdUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lYmI4M2EtMDEyNi00M2MwLWI5ZWEtMzJkZDUzNjQwYjlj
LzEvSFk2cmsxTU1fVkRhZjdmYVhyb0twRURKN3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjBfAwQA
2XeGMA0GCSqGSIb3DQEBCwUAA4IBAQB3iauRiAmfW70xFvd5mOMiNHrX4ytaFkDX
gZHPhpvlNzYARkHV3NjKE+oIf+JOhqIVVdD+z0QNGfziCyDnILyL2OuLnuIEaWSV
zIfqQWYPXvqZRR+9ihjIlKNmw1/wijJyIfHgOD+R47JP0AQj80ZBfNY97JaAZG3D
/ZaVz0UB28a4miCPTlAIfxXn50WneGCTCZPUKKjeMZhmtwq04eaAv8VfYBlPshOW
swZCd366eNujYrQIZ8dTLr+ZC7gg0eCJ3uPYwGBB65+tMTIHmQkWFwbrpyWfPHvj
gTsZuTYqhlUq/QiTz5QtL5nrDME4/z7pUZHOtkIh70BdCbHFfvaX
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:55:35 2025 by rpki-client