Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/pfTZ88SRK7BJ1bWmmJVB35dV26A.roa
File: pfTZ88SRK7BJ1bWmmJVB35dV26A.roa (raw, json)
Hash identifier: TVV4m/AajwnJi7L7QdoUgaL2HibNFWxDJ80dMIKyPdw=
Subject key identifier: A5:F4:D9:F3:C4:91:2B:B0:49:D5:B5:A6:98:95:41:DF:97:55:DB:A0
Certificate issuer: /CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
Certificate serial: 019426D9B29C6EC3618040143DF0120F11A6
Authority key identifier: 9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/pfTZ88SRK7BJ1bWmmJVB35dV26A.roa
Signing time: Thu 02 Jan 2025 11:49:48 +0000
ROA not before: Thu 02 Jan 2025 11:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13039
IP address blocks: 194.76.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b2:9c:6e:c3:61:80:40:14:3d:f0:12:0f:11:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
Validity
Not Before: Jan 2 11:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5f4d9f3c4912bb049d5b5a6989541df9755dba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fb:42:9d:d7:10:5e:1d:89:f6:c0:ec:a4:e8:
f0:92:e8:8a:e5:d9:e4:4b:00:ae:59:ed:0f:d2:79:
ae:08:a1:6a:fb:25:76:ac:0b:a2:e2:2a:65:69:77:
cd:49:1f:05:01:e0:90:57:fb:8f:4e:68:41:b0:51:
29:a2:fc:d8:99:89:f8:43:5c:eb:60:da:2f:17:0d:
5f:25:f6:bf:b4:b1:46:00:ed:6d:0c:a5:9f:6e:35:
8e:3f:4c:e5:e9:17:82:93:12:b7:7e:3e:00:fc:c2:
de:09:9d:75:75:5f:2e:08:80:c2:09:79:e0:4b:93:
ef:01:7f:07:e8:94:c5:f7:6f:49:6a:bd:99:71:44:
5d:cc:4f:ce:38:9f:a3:f6:1a:c8:90:d8:c2:e5:a8:
0e:8c:45:b5:c3:61:c7:a5:90:14:4a:cc:d6:fd:90:
b6:80:e7:19:6b:fb:cd:45:61:a1:c7:eb:83:e1:be:
62:23:68:0e:08:20:85:d2:0a:80:11:ec:75:79:7c:
05:fe:db:0c:c0:10:9a:5c:dd:5a:c7:35:13:29:fe:
ec:bf:af:fb:dc:4d:6d:07:43:26:dd:13:70:42:a6:
e6:29:50:f1:8f:78:38:19:8f:a8:1a:8c:57:08:ea:
d4:fb:08:d2:d7:4d:fc:70:4f:f9:6b:c8:23:6d:a8:
6d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F4:D9:F3:C4:91:2B:B0:49:D5:B5:A6:98:95:41:DF:97:55:DB:A0
X509v3 Authority Key Identifier:
keyid:9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/pfTZ88SRK7BJ1bWmmJVB35dV26A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.14.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:26:20:00:b7:bd:80:b0:c2:89:72:7d:89:39:9f:49:71:09:
58:5c:15:9e:82:2a:57:14:24:6a:37:38:f8:ad:bf:35:f3:57:
6c:d4:af:44:d6:20:67:b4:2f:13:1d:03:46:84:72:d0:2c:5c:
1a:bd:24:79:fc:17:5e:a2:1f:eb:85:db:39:53:e8:cf:af:32:
5d:9e:7a:47:06:69:cf:5b:25:8d:58:77:c0:75:d1:f4:41:3e:
3c:c1:bd:a1:d6:96:40:51:5f:ae:5a:81:20:07:b1:c7:27:0c:
c6:95:8f:2f:ec:19:c5:f5:21:43:c5:a0:ab:f9:c9:85:d4:a6:
ac:74:16:c7:c1:30:6c:f1:e3:89:0b:d8:8e:a7:0c:ac:b4:31:
ab:ac:18:7b:88:a6:45:34:6f:cc:7a:f3:c8:db:78:37:5f:c9:
c5:b4:0c:e0:68:57:3a:65:c2:12:d3:36:f2:0c:73:d7:e2:8b:
65:a2:a6:58:98:b0:a6:88:0a:7b:0f:c9:08:f0:ff:85:82:eb:
e0:33:e3:92:f1:ad:b3:6c:dc:19:1f:08:ca:0b:d0:0b:12:2e:
b7:3d:77:70:a8:2d:06:1e:a4:85:63:fa:2d:aa:06:ec:23:af:
06:8d:28:aa:6b:f0:a6:f6:d7:45:37:6f:63:cb:72:c8:96:d9:
8e:0b:e4:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2bKcbsNhgEAUPfASDxGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjJmNjgyMDUzZDQzYzlhZDFjNjUzOWNhZWU5ZjQ2MjFi
MGRhMTYwHhcNMjUwMTAyMTE0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWY0ZDlmM2M0OTEyYmIwNDlkNWI1YTY5ODk1NDFkZjk3NTVkYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/tCndcQXh2J9sDspOjwkuiK5dnk
SwCuWe0P0nmuCKFq+yV2rAui4iplaXfNSR8FAeCQV/uPTmhBsFEpovzYmYn4Q1zr
YNovFw1fJfa/tLFGAO1tDKWfbjWOP0zl6ReCkxK3fj4A/MLeCZ11dV8uCIDCCXng
S5PvAX8H6JTF929Jar2ZcURdzE/OOJ+j9hrIkNjC5agOjEW1w2HHpZAUSszW/ZC2
gOcZa/vNRWGhx+uD4b5iI2gOCCCF0gqAEex1eXwF/tsMwBCaXN1axzUTKf7sv6/7
3E1tB0Mm3RNwQqbmKVDxj3g4GY+oGoxXCOrU+wjS1038cE/5a8gjbahtAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKX02fPEkSuwSdW1ppiVQd+XVdugMB8GA1UdIwQY
MBaAFJ/y9oIFPUPJrRxlOcrun0YhsNoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9MMmdnVTlROG10SEdVNXl1NmZSaUd3MmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8yZmE2MjQtNWI1ZC00NjQ2LWIxM2Qt
MTY1MTFhNmVkOWM2LzEvcGZUWjg4U1JLN0JKMWJXbW1KVkIzNWRWMjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8yZmE2MjQtNWI1ZC00NjQ2LWIxM2QtMTY1MTFhNmVkOWM2
LzEvbl9MMmdnVTlROG10SEdVNXl1NmZSaUd3MmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwOMA0G
CSqGSIb3DQEBCwUAA4IBAQCOJiAAt72AsMKJcn2JOZ9JcQlYXBWegipXFCRqNzj4
rb8181ds1K9E1iBntC8THQNGhHLQLFwavSR5/Bdeoh/rhds5U+jPrzJdnnpHBmnP
WyWNWHfAddH0QT48wb2h1pZAUV+uWoEgB7HHJwzGlY8v7BnF9SFDxaCr+cmF1Kas
dBbHwTBs8eOJC9iOpwystDGrrBh7iKZFNG/MevPI23g3X8nFtAzgaFc6ZcIS0zby
DHPX4otloqZYmLCmiAp7D8kI8P+FguvgM+OS8a2zbNwZHwjKC9ALEi63PXdwqC0G
HqSFY/otqgbsI68GjSiqa/Cm9tdFN29jy3LIltmOC+R6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:26 2025 by rpki-client