Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/0KFOTw8mw8rqvR73lDvTvz4eLlM.roa
File: 0KFOTw8mw8rqvR73lDvTvz4eLlM.roa (raw, json)
Hash identifier: czZq6CrDBuBW60D89viYE/HEQ3Elp6ceJu/itDlsmLQ=
Subject key identifier: D0:A1:4E:4F:0F:26:C3:CA:EA:BD:1E:F7:94:3B:D3:BF:3E:1E:2E:53
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 019424B3CD4F1C4ED2FE1378921B4646AF69
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/0KFOTw8mw8rqvR73lDvTvz4eLlM.roa
Signing time: Thu 02 Jan 2025 01:49:10 +0000
ROA not before: Thu 02 Jan 2025 01:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31400
IP address blocks: 194.126.196.0/24 maxlen: 24
2a03:2902::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cd:4f:1c:4e:d2:fe:13:78:92:1b:46:46:af:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 2 01:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0a14e4f0f26c3caeabd1ef7943bd3bf3e1e2e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6c:6a:4f:07:68:e6:66:69:7c:1d:18:8a:ff:
c3:be:c2:bc:3b:28:2d:78:d7:7a:6c:20:80:a3:12:
27:5c:00:f5:0d:2c:92:00:d8:22:43:7e:e5:66:1e:
9a:4f:f2:8c:cb:29:96:94:3e:a1:26:1c:2f:51:30:
14:70:98:c6:25:36:0f:3f:5d:f8:fa:17:f9:ab:eb:
1b:7e:49:5c:e4:94:6e:40:de:cf:93:b0:0e:a5:8e:
30:b6:75:38:04:af:39:62:7d:b2:01:76:6c:67:e7:
5c:11:2c:bc:c3:c8:1e:b1:b1:13:e0:6f:08:38:3e:
22:5e:4c:1a:dd:f3:7e:c4:57:98:12:e1:5f:50:7d:
56:4f:cf:dd:4f:7d:3f:21:74:0d:30:cc:4e:5b:b1:
d0:0b:d6:db:eb:63:b6:1e:81:fe:a4:53:d8:e1:51:
e1:a5:70:f2:25:08:36:f6:19:b0:be:16:16:67:ea:
bf:51:74:64:f4:8a:00:17:b0:da:9a:f0:da:fa:f5:
d8:cc:c4:34:fc:9d:1a:7b:c5:42:53:c7:2e:c4:07:
05:a1:d4:5a:e4:6d:3d:06:ce:29:79:2c:2d:06:c3:
46:2e:b2:9d:3c:56:6e:15:a5:23:87:7a:f5:5f:29:
f3:85:fa:ce:af:d2:be:e1:a9:cd:44:45:e1:5b:78:
41:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A1:4E:4F:0F:26:C3:CA:EA:BD:1E:F7:94:3B:D3:BF:3E:1E:2E:53
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/0KFOTw8mw8rqvR73lDvTvz4eLlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.196.0/24
IPv6:
2a03:2902::/32
Signature Algorithm: sha256WithRSAEncryption
ac:18:47:63:1a:36:4f:2a:3a:15:4d:1c:0c:8d:cf:a3:6c:bc:
1e:fa:5c:23:ba:46:10:04:77:b4:6d:6e:c6:ec:3a:fa:bd:de:
52:da:95:c9:43:ec:03:21:d2:31:af:1f:aa:da:68:5e:82:cf:
e3:a1:16:19:1f:9b:fc:27:b8:1b:d2:fe:14:f0:30:b0:fc:c2:
ff:29:4e:c6:4c:0b:6f:83:2d:ac:67:e6:c6:1b:d2:f9:d3:88:
87:fb:30:48:e1:55:d7:b7:6a:82:aa:ac:b6:8e:c9:27:7b:ca:
71:17:b5:8e:5f:9e:9d:32:c0:ea:bd:69:60:4a:4c:1b:ea:d5:
2e:a9:2a:3e:6f:0d:38:49:86:f7:65:1e:75:c7:0e:e7:81:83:
98:ab:ef:c8:d8:a1:87:93:93:f1:45:f7:de:72:9d:6b:08:61:
01:c3:1a:7b:01:5d:9e:3c:c0:86:21:b6:e3:3f:74:28:a8:5a:
f4:e2:33:7e:06:53:d6:f3:23:94:42:de:5c:87:a7:9c:42:5c:
16:3e:90:ea:9d:77:3d:29:04:47:8a:9f:f6:71:0f:c1:f6:a5:
09:dd:42:03:1b:02:67:df:bc:70:c4:85:fd:8d:c8:26:3b:44:
4a:c6:3c:d8:c8:d9:37:03:fa:68:fa:6c:1b:9f:c2:a3:16:25:
45:41:0d:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks81PHE7S/hN4khtGRq9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjUwMTAyMDE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGExNGU0ZjBmMjZjM2NhZWFiZDFlZjc5NDNiZDNiZjNlMWUyZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2xqTwdo5mZpfB0Yiv/DvsK8Oygt
eNd6bCCAoxInXAD1DSySANgiQ37lZh6aT/KMyymWlD6hJhwvUTAUcJjGJTYPP134
+hf5q+sbfklc5JRuQN7Pk7AOpY4wtnU4BK85Yn2yAXZsZ+dcESy8w8gesbET4G8I
OD4iXkwa3fN+xFeYEuFfUH1WT8/dT30/IXQNMMxOW7HQC9bb62O2HoH+pFPY4VHh
pXDyJQg29hmwvhYWZ+q/UXRk9IoAF7DamvDa+vXYzMQ0/J0ae8VCU8cuxAcFodRa
5G09Bs4peSwtBsNGLrKdPFZuFaUjh3r1XynzhfrOr9K+4anNREXhW3hBeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNChTk8PJsPK6r0e95Q7078+Hi5TMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvMEtGT1R3OG13OHJxdlI3M2xEdlR2ejRlTGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwn7EMA0E
AgACMAcDBQAqAykCMA0GCSqGSIb3DQEBCwUAA4IBAQCsGEdjGjZPKjoVTRwMjc+j
bLwe+lwjukYQBHe0bW7G7Dr6vd5S2pXJQ+wDIdIxrx+q2mhegs/joRYZH5v8J7gb
0v4U8DCw/ML/KU7GTAtvgy2sZ+bGG9L504iH+zBI4VXXt2qCqqy2jskne8pxF7WO
X56dMsDqvWlgSkwb6tUuqSo+bw04SYb3ZR51xw7ngYOYq+/I2KGHk5PxRffecp1r
CGEBwxp7AV2ePMCGIbbjP3QoqFr04jN+BlPW8yOUQt5ch6ecQlwWPpDqnXc9KQRH
ip/2cQ/B9qUJ3UIDGwJn37xwxIX9jcgmO0RKxjzYyNk3A/po+mwbn8KjFiVFQQ31
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:48 2025 by rpki-client