Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/vXaInH9GMVRsh2fS9hIvaiSoFdA.roa
File: vXaInH9GMVRsh2fS9hIvaiSoFdA.roa (raw, json)
Hash identifier: a0cNwrBuY/oV0A/g5UU/CxyDLathCf+t22Rqy9aezE4=
Subject key identifier: BD:76:88:9C:7F:46:31:54:6C:87:67:D2:F6:12:2F:6A:24:A8:15:D0
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B56AD44A71BE8A35BD5BBA84DB61ED
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/vXaInH9GMVRsh2fS9hIvaiSoFdA.roa
Signing time: Thu 02 Jan 2025 15:49:48 +0000
ROA not before: Thu 02 Jan 2025 15:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201414
IP address blocks: 192.162.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:6a:d4:4a:71:be:8a:35:bd:5b:ba:84:db:61:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd76889c7f4631546c8767d2f6122f6a24a815d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:85:a0:5c:f3:ec:de:a4:3a:7d:a4:be:b4:0a:
8e:c2:3d:8d:3e:7e:81:c7:f9:f1:da:e4:a5:f7:3d:
92:3a:d7:9a:04:2d:4c:da:58:4c:91:48:4c:a8:3e:
fd:7a:2e:e2:79:1f:1d:6c:e2:19:19:5e:0a:fd:2d:
eb:a1:1c:8e:5c:5b:f3:dc:99:e0:63:90:4a:e4:a6:
98:c8:d9:fd:2e:80:56:f6:34:87:ef:3b:4e:49:a7:
a7:61:5b:55:54:63:3f:64:3d:ca:fa:3b:ef:09:87:
65:ca:73:58:0d:e6:cc:15:26:c9:e3:30:a7:48:70:
a5:8a:cc:19:57:ba:1a:98:e7:6a:be:d1:50:75:8c:
dc:81:0f:ce:38:31:0a:27:73:36:94:e1:47:cc:9c:
44:57:1d:6b:88:e7:b7:d9:fa:5c:4c:ef:ba:a2:05:
b0:5a:3d:d0:49:37:d4:c5:c8:f6:24:f1:3e:9f:b0:
e5:11:ca:a0:0b:e3:21:5d:e7:53:31:5e:fb:be:37:
db:dd:63:f6:a6:5b:35:49:d1:f0:b0:4b:39:b1:c2:
78:fc:9c:5d:3c:0d:71:0a:65:a6:b4:47:0e:16:59:
8c:b9:c5:e8:fd:b9:75:d2:e1:30:aa:61:30:c4:f8:
79:62:66:da:b7:70:1d:f2:47:19:ed:8d:6a:43:68:
f2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:76:88:9C:7F:46:31:54:6C:87:67:D2:F6:12:2F:6A:24:A8:15:D0
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/vXaInH9GMVRsh2fS9hIvaiSoFdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.64.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:07:ca:09:1b:68:41:0c:77:a5:81:0f:75:a0:93:7c:dd:16:
5c:af:b9:6a:8c:98:3a:28:6d:21:1d:81:85:51:2b:68:a7:ca:
ae:3b:c2:1c:40:9e:d8:ae:eb:dd:4a:e5:51:e6:1d:f6:5d:e8:
23:e7:f0:eb:29:00:4c:e4:84:33:d8:7a:f4:57:6f:e0:8d:1b:
9a:7b:9b:61:04:42:df:bf:2b:87:18:17:36:3d:c1:76:7f:7a:
f5:65:96:58:f2:5e:ab:54:6d:21:e4:3a:1a:30:3a:7f:c5:33:
1c:f0:da:ce:e8:f3:e8:cf:e1:09:fd:71:f3:3a:d4:e5:3a:52:
28:87:92:00:ef:67:a0:e8:f3:88:16:6b:1c:9e:aa:98:d9:a1:
bc:69:15:1e:ad:b9:65:63:78:2d:7f:61:e4:a8:43:02:bd:68:
d7:ef:33:b0:24:9d:00:76:33:ce:55:ea:0b:c4:cb:3e:8b:37:
b1:ef:b4:8f:77:70:59:01:7d:d6:c2:e8:55:3d:ff:69:b4:8f:
63:d7:c6:4c:83:7c:72:e8:b9:23:09:4e:15:90:5a:5f:47:4e:
d8:4a:18:02:0b:aa:7c:44:07:37:c3:ae:71:f4:32:ab:cd:c6:
47:f6:15:e1:e5:24:f0:a0:07:bb:72:96:80:0a:0b:de:53:20:
d8:05:1b:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntWrUSnG+ijW9W7qE22HtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDc2ODg5YzdmNDYzMTU0NmM4NzY3ZDJmNjEyMmY2YTI0YTgxNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYWgXPPs3qQ6faS+tAqOwj2NPn6B
x/nx2uSl9z2SOteaBC1M2lhMkUhMqD79ei7ieR8dbOIZGV4K/S3roRyOXFvz3Jng
Y5BK5KaYyNn9LoBW9jSH7ztOSaenYVtVVGM/ZD3K+jvvCYdlynNYDebMFSbJ4zCn
SHCliswZV7oamOdqvtFQdYzcgQ/OODEKJ3M2lOFHzJxEVx1riOe32fpcTO+6ogWw
Wj3QSTfUxcj2JPE+n7DlEcqgC+MhXedTMV77vjfb3WP2pls1SdHwsEs5scJ4/Jxd
PA1xCmWmtEcOFlmMucXo/bl10uEwqmEwxPh5Ymbat3Ad8kcZ7Y1qQ2jygQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL12iJx/RjFUbIdn0vYSL2okqBXQMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvdlhhSW5IOUdNVlJzaDJmUzloSXZhaVNvRmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKJAMA0G
CSqGSIb3DQEBCwUAA4IBAQAPB8oJG2hBDHelgQ91oJN83RZcr7lqjJg6KG0hHYGF
UStop8quO8IcQJ7YruvdSuVR5h32Xegj5/DrKQBM5IQz2Hr0V2/gjRuae5thBELf
vyuHGBc2PcF2f3r1ZZZY8l6rVG0h5DoaMDp/xTMc8NrO6PPoz+EJ/XHzOtTlOlIo
h5IA72eg6POIFmscnqqY2aG8aRUerbllY3gtf2HkqEMCvWjX7zOwJJ0AdjPOVeoL
xMs+izex77SPd3BZAX3WwuhVPf9ptI9j18ZMg3xy6LkjCU4VkFpfR07YShgCC6p8
RAc3w65x9DKrzcZH9hXh5STwoAe7cpaACgveUyDYBRva
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:12 2025 by rpki-client