Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/elLFjR7Yc8USK0O3p5qL-ATVTkA.roa
File: elLFjR7Yc8USK0O3p5qL-ATVTkA.roa (raw, json)
Hash identifier: 2RykagTUfOhC92EtMpxyY7jkA76uPjc6pubeTbcezk4=
Subject key identifier: 7A:52:C5:8D:1E:D8:73:C5:12:2B:43:B7:A7:9A:8B:F8:04:D5:4E:40
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0194258F934A4BBCC9F114F0AEAE8FCE894B
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/elLFjR7Yc8USK0O3p5qL-ATVTkA.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49508
IP address blocks: 194.32.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:93:4a:4b:bc:c9:f1:14:f0:ae:ae:8f:ce:89:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a52c58d1ed873c5122b43b7a79a8bf804d54e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b3:4f:13:0c:73:68:cd:5e:bf:79:57:7f:1a:
66:7e:07:87:3d:17:97:6f:e7:b1:d0:99:b4:12:31:
0c:c2:c4:73:a5:bc:e9:20:08:d6:5c:fa:7b:69:2f:
92:e3:d5:02:33:91:35:cb:6a:ae:b7:15:f2:36:d5:
5d:fd:c6:66:5b:ba:c7:1f:76:d6:73:f7:be:0e:3f:
6d:1f:08:24:8e:09:f8:22:e8:4e:a4:17:cf:f8:6c:
0a:6c:e3:5b:1a:92:4e:12:44:56:67:69:ee:24:0c:
05:00:49:cc:17:7b:7b:2b:5a:e2:11:1b:9a:db:9d:
06:f2:6c:4f:0e:ca:08:57:08:e2:5a:d6:dc:6c:f9:
7b:aa:f6:47:fd:f7:39:7a:1d:bd:77:08:85:b8:1a:
58:96:98:38:80:85:aa:69:b0:02:f9:3d:19:d6:d9:
b0:e4:db:76:20:5c:ff:d8:d7:bb:a4:a7:cf:a2:5d:
8d:13:18:ad:36:10:2d:f2:c6:25:fb:f4:0e:54:07:
88:82:59:bc:8b:8b:3d:b5:f3:9b:90:f9:33:a7:6e:
ee:ee:f1:f4:1a:4d:b2:c1:ff:24:d0:ae:47:ad:b6:
1d:af:d9:87:fa:01:ea:d7:28:e9:a3:87:9f:2e:2a:
43:04:d6:4d:d6:4a:30:f8:bb:66:38:28:42:15:83:
2b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:52:C5:8D:1E:D8:73:C5:12:2B:43:B7:A7:9A:8B:F8:04:D5:4E:40
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/elLFjR7Yc8USK0O3p5qL-ATVTkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.99.0/24
Signature Algorithm: sha256WithRSAEncryption
43:62:51:18:6e:fb:af:aa:19:2e:5c:0c:dc:c9:0a:cb:63:ad:
ae:5f:f6:64:cb:ac:f1:b0:3c:82:d8:de:00:0c:59:31:cd:68:
4c:24:d2:74:f0:75:ab:a8:62:85:31:93:02:4d:29:0d:be:80:
4e:b5:58:40:af:1c:f4:1d:3f:35:b1:4d:f2:a4:38:6e:b2:d0:
26:f6:f8:a9:55:44:74:a4:56:52:21:5e:f0:7a:05:af:32:d8:
e3:5a:5d:42:79:3a:91:33:fc:53:34:45:16:fd:b9:ef:22:96:
fd:f6:cf:99:37:1a:5b:6e:26:94:65:e0:e4:9d:78:56:09:ce:
84:a4:6a:c6:19:57:a5:65:e3:1b:b3:54:c9:cc:8c:49:eb:ab:
44:3a:ba:63:b7:a2:54:a2:bf:75:ee:18:67:2e:53:fa:af:26:
d9:b0:c6:d1:b0:75:69:52:3b:c5:35:22:f5:80:79:ae:88:4e:
3f:4a:7a:27:ed:5c:a9:6d:1f:c3:90:04:c6:8d:e5:92:21:3f:
b6:47:9a:89:16:4f:bf:46:bf:f3:42:63:1f:84:45:12:c0:fb:
45:f5:ac:8a:96:2e:e4:27:8d:45:00:02:39:fa:ef:a4:78:19:
f8:52:aa:b6:cc:fb:f7:4c:9d:1b:36:a2:bd:90:6c:ae:e3:0e:
07:f6:9b:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5NKS7zJ8RTwrq6PzolLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTUyYzU4ZDFlZDg3M2M1MTIyYjQzYjdhNzlhOGJmODA0ZDU0ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrNPEwxzaM1ev3lXfxpmfgeHPReX
b+ex0Jm0EjEMwsRzpbzpIAjWXPp7aS+S49UCM5E1y2qutxXyNtVd/cZmW7rHH3bW
c/e+Dj9tHwgkjgn4IuhOpBfP+GwKbONbGpJOEkRWZ2nuJAwFAEnMF3t7K1riERua
250G8mxPDsoIVwjiWtbcbPl7qvZH/fc5eh29dwiFuBpYlpg4gIWqabAC+T0Z1tmw
5Nt2IFz/2Ne7pKfPol2NExitNhAt8sYl+/QOVAeIglm8i4s9tfObkPkzp27u7vH0
Gk2ywf8k0K5HrbYdr9mH+gHq1yjpo4efLipDBNZN1kow+LtmOChCFYMrTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpSxY0e2HPFEitDt6eai/gE1U5AMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvZWxMRmpSN1ljOFVTSzBPM3A1cUwtQVRWVGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiBjMA0G
CSqGSIb3DQEBCwUAA4IBAQBDYlEYbvuvqhkuXAzcyQrLY62uX/Zky6zxsDyC2N4A
DFkxzWhMJNJ08HWrqGKFMZMCTSkNvoBOtVhArxz0HT81sU3ypDhustAm9vipVUR0
pFZSIV7wegWvMtjjWl1CeTqRM/xTNEUW/bnvIpb99s+ZNxpbbiaUZeDknXhWCc6E
pGrGGVelZeMbs1TJzIxJ66tEOrpjt6JUor917hhnLlP6rybZsMbRsHVpUjvFNSL1
gHmuiE4/Snon7VypbR/DkATGjeWSIT+2R5qJFk+/Rr/zQmMfhEUSwPtF9ayKli7k
J41FAAI5+u+keBn4Uqq2zPv3TJ0bNqK9kGyu4w4H9ptK
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:32:53 2025 by rpki-client