Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1-oryDNIqRt4125OL6A9J0dp3eaE.roa
File: 1-oryDNIqRt4125OL6A9J0dp3eaE.roa (raw, json)
Hash identifier: TGkbGZQvG4uUvKAZgwSwWCQm6/QNgnnsrUWS1ihYnNs=
Subject key identifier: FA:8A:F2:0C:D2:2A:46:DE:35:DB:93:8B:E8:0F:49:D1:DA:77:79:A1
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019422201A9FF3CF2A11A228D2FAA54AA50B
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1-oryDNIqRt4125OL6A9J0dp3eaE.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 14.102.228.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1a:9f:f3:cf:2a:11:a2:28:d2:fa:a5:4a:a5:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa8af20cd22a46de35db938be80f49d1da7779a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c9:c2:36:07:61:47:f4:10:5a:8e:6b:5d:9d:
2b:3f:a6:fc:4a:d8:0f:40:a4:57:ec:2d:f4:47:1b:
fa:95:87:b7:85:4e:60:e1:96:0c:d1:d2:9b:7a:02:
02:43:17:98:2e:cf:36:87:6a:fe:5a:48:fc:07:13:
81:1c:af:7e:f4:f8:ea:4e:e6:28:83:e2:c4:25:e9:
17:be:1a:5c:57:1f:b7:07:c3:cd:69:a5:13:1f:0c:
49:45:c9:d9:50:77:61:c1:1a:79:14:b8:22:48:5c:
4f:79:e9:c0:d9:9f:6d:2c:7b:72:6f:02:b5:b9:0f:
62:c9:e8:8d:e7:6f:29:1c:5b:9c:51:df:1e:80:45:
de:48:50:45:89:87:5d:81:b3:0f:8c:02:47:a0:1c:
42:86:3f:2b:db:a8:88:d8:f2:10:61:28:0a:e3:df:
f9:72:67:54:94:f7:dd:34:b9:1b:cd:97:4f:f3:6c:
8b:9f:6a:cb:a6:b8:03:98:35:5c:9e:a0:51:28:89:
5c:5b:a8:34:7d:72:60:4d:92:72:46:7b:13:8c:32:
a3:73:32:8c:85:a2:05:e3:00:ea:bc:0d:7e:a3:00:
7a:06:27:11:12:a3:23:f5:3f:89:8e:3d:c4:17:18:
f5:11:45:da:89:d9:e5:72:c1:2c:21:24:b8:75:ab:
33:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:8A:F2:0C:D2:2A:46:DE:35:DB:93:8B:E8:0F:49:D1:DA:77:79:A1
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1-oryDNIqRt4125OL6A9J0dp3eaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.228.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:81:e4:84:2c:bb:36:f7:64:b9:3c:7e:47:8a:d9:04:0b:b4:
7e:40:74:8a:01:7e:87:b3:31:29:be:66:9d:ed:ef:6a:dc:bd:
00:2f:b2:66:52:0b:52:8b:68:57:58:7f:e9:09:81:9b:37:17:
39:22:e9:ed:b7:fe:9c:12:5d:80:55:a4:05:cb:d1:50:82:d9:
b9:e8:cb:db:d6:00:16:74:29:1c:af:b7:8f:c0:54:b5:2d:00:
64:1b:33:31:49:b5:02:aa:15:36:52:f2:ff:85:56:55:ab:d4:
4b:66:bd:e3:34:65:c8:bb:99:15:2c:6a:84:57:7a:52:0e:35:
66:2a:a0:28:a0:6a:39:c2:af:bd:46:76:70:86:12:39:f3:1e:
49:51:be:98:1e:e2:72:36:2a:d8:ad:36:1b:3f:1e:66:3a:63:
30:5d:eb:86:62:e6:cf:2d:34:f3:a8:12:aa:0e:fe:36:ca:0d:
04:f0:66:57:9e:25:1e:1b:72:55:a5:e3:d4:b0:16:37:32:4d:
e3:bf:9e:42:0e:85:80:bd:c8:00:0c:21:28:49:a3:cd:8a:13:
78:0f:e1:b8:ce:d3:4b:5f:0d:d4:15:88:a3:42:6b:c1:cd:38:
28:ec:df:19:36:43:a5:ec:ef:fa:16:e4:98:b9:6b:66:a7:9d:
62:67:5f:80
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiIBqf888qEaIo0vqlSqULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYThhZjIwY2QyMmE0NmRlMzVkYjkzOGJlODBmNDlkMWRhNzc3OWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MnCNgdhR/QQWo5rXZ0rP6b8StgP
QKRX7C30Rxv6lYe3hU5g4ZYM0dKbegICQxeYLs82h2r+Wkj8BxOBHK9+9PjqTuYo
g+LEJekXvhpcVx+3B8PNaaUTHwxJRcnZUHdhwRp5FLgiSFxPeenA2Z9tLHtybwK1
uQ9iyeiN528pHFucUd8egEXeSFBFiYddgbMPjAJHoBxChj8r26iI2PIQYSgK49/5
cmdUlPfdNLkbzZdP82yLn2rLprgDmDVcnqBRKIlcW6g0fXJgTZJyRnsTjDKjczKM
haIF4wDqvA1+owB6BicREqMj9T+Jjj3EFxj1EUXaidnlcsEsISS4daszFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqK8gzSKkbeNduTi+gPSdHad3mhMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvMS1vcnlETklxUnQ0MTI1T0w2QTlKMGRwM2VhRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWIvMWZmNDRmLTUxZDYtNDU0NS1hZDM2LWI0YjhkYjIwYjFm
Yi8xLzdodzBjc0phelRSelpMZldNU1lZcWpVd3kyTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQ5m5DAN
BgkqhkiG9w0BAQsFAAOCAQEAPYHkhCy7NvdkuTx+R4rZBAu0fkB0igF+h7MxKb5m
ne3vaty9AC+yZlILUotoV1h/6QmBmzcXOSLp7bf+nBJdgFWkBcvRUILZuejL29YA
FnQpHK+3j8BUtS0AZBszMUm1AqoVNlLy/4VWVavUS2a94zRlyLuZFSxqhFd6Ug41
ZiqgKKBqOcKvvUZ2cIYSOfMeSVG+mB7icjYq2K02Gz8eZjpjMF3rhmLmzy0086gS
qg7+NsoNBPBmV54lHhtyVaXj1LAWNzJN47+eQg6FgL3IAAwhKEmjzYoTeA/huM7T
S18N1BWIo0Jrwc04KOzfGTZDpezv+hbkmLlrZqedYmdfgA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:32 2025 by rpki-client