Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/DQHOKV8IKLhzD_DKbK2yKJLy3qI.roa
File: DQHOKV8IKLhzD_DKbK2yKJLy3qI.roa (raw, json)
Hash identifier: PB4sy0lCqmdf8gfZUrxsVqDoVfWeVXqM8PmI2EwyuMw=
Subject key identifier: 0D:01:CE:29:5F:08:28:B8:73:0F:F0:CA:6C:AD:B2:28:92:F2:DE:A2
Certificate issuer: /CN=cd86b8ce222482a14f9b13468ce57e9992684961
Certificate serial: 0194221F79094EF949CB01392D4B21F0F4C8
Authority key identifier: CD:86:B8:CE:22:24:82:A1:4F:9B:13:46:8C:E5:7E:99:92:68:49:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/DQHOKV8IKLhzD_DKbK2yKJLy3qI.roa
Signing time: Wed 01 Jan 2025 13:47:55 +0000
ROA not before: Wed 01 Jan 2025 13:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13030
IP address blocks: 193.28.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:79:09:4e:f9:49:cb:01:39:2d:4b:21:f0:f4:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd86b8ce222482a14f9b13468ce57e9992684961
Validity
Not Before: Jan 1 13:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d01ce295f0828b8730ff0ca6cadb22892f2dea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e4:49:d6:d1:29:0e:65:6c:50:8f:ad:d6:f2:
3b:e2:71:d2:33:01:48:02:d9:fe:b0:c6:6f:12:89:
38:aa:12:47:23:33:c3:e9:a5:41:02:48:de:c5:ac:
91:89:45:cc:32:76:8b:04:ff:c7:6c:ce:2e:20:d2:
f0:f7:1a:9a:44:c8:f1:a7:ce:98:7a:cf:bb:44:60:
b8:94:ec:82:c5:c3:2d:e7:03:59:e9:ef:1a:e4:8e:
b3:da:da:85:b1:40:c4:92:f3:d3:28:f2:dd:f4:44:
c9:4f:e7:9e:bf:d4:86:17:59:fc:be:dc:9d:3b:98:
36:ae:7d:a7:b8:b0:ce:9f:a7:b3:c3:11:39:24:f3:
08:bc:66:47:99:a7:e2:02:39:78:5f:5b:20:16:fc:
ec:ab:87:64:4b:7a:43:3b:fc:88:30:1f:7c:12:0e:
8a:6b:26:5b:d4:20:78:d2:f8:dc:a1:4d:b9:9a:1e:
64:73:69:21:8b:f5:1c:92:5a:4e:e1:11:16:ba:35:
47:20:6b:1e:a1:8f:28:d3:06:8b:0f:30:b8:8c:5c:
1e:68:ba:2f:b6:ea:3a:ed:ee:2b:98:05:c7:41:80:
cd:1e:af:01:5b:df:b2:0a:27:33:e6:ee:bb:90:41:
9d:1c:81:49:eb:38:f3:b4:0f:33:11:ad:d9:3f:20:
d4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:01:CE:29:5F:08:28:B8:73:0F:F0:CA:6C:AD:B2:28:92:F2:DE:A2
X509v3 Authority Key Identifier:
keyid:CD:86:B8:CE:22:24:82:A1:4F:9B:13:46:8C:E5:7E:99:92:68:49:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/DQHOKV8IKLhzD_DKbK2yKJLy3qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.145.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fa:35:55:b4:91:da:a3:8e:80:73:29:d4:53:65:38:27:48:
9c:e1:c0:de:3e:82:ad:c4:b2:05:28:85:d2:0b:f4:df:ea:2e:
13:59:cd:11:a7:6b:77:42:fb:c0:7d:54:e6:72:ec:42:b3:19:
70:9e:ea:1f:9a:8c:dd:de:2f:a6:e1:b2:6f:42:75:fb:23:8e:
14:76:1f:7b:e3:d4:08:5e:ea:d2:20:94:85:df:b2:da:c5:0f:
93:b1:1f:c6:f8:73:d1:23:a7:ae:25:9f:2a:80:af:2a:a2:b9:
ad:34:13:b7:28:f7:30:8b:e6:19:a3:09:bf:ce:94:ce:81:72:
8c:63:f9:75:d0:5f:4a:c0:62:c5:67:cc:af:dd:df:6a:d9:1b:
44:d1:e9:e9:21:d8:5e:f0:fb:d6:11:58:81:1c:2f:f6:a1:57:
85:ab:34:dc:7c:ad:f2:2e:17:d6:15:e1:1e:e3:8d:49:bd:20:
ef:4b:f7:af:9b:4b:80:16:dc:ae:3b:d4:5b:68:ae:c7:07:35:
d6:cb:27:d7:36:bd:34:f8:c0:ad:24:b5:d4:91:7e:73:61:68:
a6:e3:ed:a8:26:d7:a6:48:2c:c9:9f:5e:bd:be:20:60:a9:9a:
4f:39:55:34:fb:25:2f:eb:25:70:10:8c:31:63:92:55:70:76:
c4:fa:63:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3kJTvlJywE5LUsh8PTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODZiOGNlMjIyNDgyYTE0ZjliMTM0NjhjZTU3ZTk5OTI2
ODQ5NjEwHhcNMjUwMTAxMTM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDAxY2UyOTVmMDgyOGI4NzMwZmYwY2E2Y2FkYjIyODkyZjJkZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uRJ1tEpDmVsUI+t1vI74nHSMwFI
Atn+sMZvEok4qhJHIzPD6aVBAkjexayRiUXMMnaLBP/HbM4uINLw9xqaRMjxp86Y
es+7RGC4lOyCxcMt5wNZ6e8a5I6z2tqFsUDEkvPTKPLd9ETJT+eev9SGF1n8vtyd
O5g2rn2nuLDOn6ezwxE5JPMIvGZHmafiAjl4X1sgFvzsq4dkS3pDO/yIMB98Eg6K
ayZb1CB40vjcoU25mh5kc2khi/UcklpO4REWujVHIGseoY8o0waLDzC4jFweaLov
tuo67e4rmAXHQYDNHq8BW9+yCicz5u67kEGdHIFJ6zjztA8zEa3ZPyDURQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0BzilfCCi4cw/wymytsiiS8t6iMB8GA1UdIwQY
MBaAFM2GuM4iJIKhT5sTRozlfpmSaElhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82MDgxMTQtYTk3YS00ODc3LTk0Yzct
ZGMyZDU1NzUwM2VlLzEvRFFIT0tWOElLTGh6RF9ES2JLMnlLSkx5M3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82MDgxMTQtYTk3YS00ODc3LTk0YzctZGMyZDU1NzUwM2Vl
LzEvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRyRMA0G
CSqGSIb3DQEBCwUAA4IBAQBg+jVVtJHao46AcynUU2U4J0ic4cDePoKtxLIFKIXS
C/Tf6i4TWc0Rp2t3QvvAfVTmcuxCsxlwnuofmozd3i+m4bJvQnX7I44Udh9749QI
XurSIJSF37LaxQ+TsR/G+HPRI6euJZ8qgK8qormtNBO3KPcwi+YZowm/zpTOgXKM
Y/l10F9KwGLFZ8yv3d9q2RtE0enpIdhe8PvWEViBHC/2oVeFqzTcfK3yLhfWFeEe
441JvSDvS/evm0uAFtyuO9RbaK7HBzXWyyfXNr00+MCtJLXUkX5zYWim4+2oJtem
SCzJn169viBgqZpPOVU0+yUv6yVwEIwxY5JVcHbE+mMF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:19 2025 by rpki-client