Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/ymqELlMii23trp9Ry-AEB-L5Gsg.roa
File: ymqELlMii23trp9Ry-AEB-L5Gsg.roa (raw, json)
Hash identifier: bg95RMRsGjw0+vtsFPQKv+EI6I0p/reBLLmPNmAd/+I=
Subject key identifier: CA:6A:84:2E:53:22:8B:6D:ED:AE:9F:51:CB:E0:04:07:E2:F9:1A:C8
Certificate issuer: /CN=acb8385d0857080cfc013aa521bde6a3a93e4812
Certificate serial: 019426D96AFD98F15AB06987F23AD4BAF192
Authority key identifier: AC:B8:38:5D:08:57:08:0C:FC:01:3A:A5:21:BD:E6:A3:A9:3E:48:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rLg4XQhXCAz8ATqlIb3mo6k-SBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/ymqELlMii23trp9Ry-AEB-L5Gsg.roa
Signing time: Thu 02 Jan 2025 11:49:30 +0000
ROA not before: Thu 02 Jan 2025 11:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 194.147.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:6a:fd:98:f1:5a:b0:69:87:f2:3a:d4:ba:f1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acb8385d0857080cfc013aa521bde6a3a93e4812
Validity
Not Before: Jan 2 11:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca6a842e53228b6dedae9f51cbe00407e2f91ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f4:94:06:39:e4:e8:10:c5:f5:0b:a4:d4:fe:
a4:01:9e:0b:de:01:d5:c8:d3:ce:9b:0f:f6:cf:0d:
82:83:61:c0:92:f0:61:99:b9:28:50:21:37:1d:f8:
96:e0:df:f9:1c:6b:76:22:d7:6b:68:c6:9e:13:ca:
b2:1b:0b:95:84:86:01:20:07:cb:4a:03:45:72:d8:
c3:c7:09:15:d9:6c:75:22:f5:95:be:b0:e8:41:ce:
bb:2a:b6:58:b5:c5:da:65:e0:38:a6:80:39:b3:b9:
a2:b1:dd:47:76:89:10:4b:51:4f:f6:2f:2a:75:0a:
24:c0:31:87:0d:8b:8e:68:99:e7:04:e0:eb:72:a5:
7e:94:c5:ae:72:4e:15:4a:66:3e:b8:c0:8d:24:f1:
85:fa:ec:f5:3c:47:4b:02:fd:c8:60:2e:d2:7c:53:
21:20:b8:28:a3:a8:e9:12:e2:64:8b:8f:14:20:25:
8c:65:c9:15:cc:e6:68:1c:be:92:82:63:e2:4a:3e:
e6:a1:dd:f5:0f:83:ba:e7:ac:ad:f1:27:94:e7:fd:
d0:dd:ac:16:41:14:ed:78:ef:3c:33:4a:8a:7a:20:
8c:57:3f:52:bb:c5:40:5e:ee:d8:d2:e1:f4:9d:ef:
83:f8:57:8d:ad:97:87:77:a5:48:0b:4a:c7:b8:09:
55:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6A:84:2E:53:22:8B:6D:ED:AE:9F:51:CB:E0:04:07:E2:F9:1A:C8
X509v3 Authority Key Identifier:
keyid:AC:B8:38:5D:08:57:08:0C:FC:01:3A:A5:21:BD:E6:A3:A9:3E:48:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLg4XQhXCAz8ATqlIb3mo6k-SBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/ymqELlMii23trp9Ry-AEB-L5Gsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2aa44d-3bf3-420b-ae3e-e8a6a14419d9/1/rLg4XQhXCAz8ATqlIb3mo6k-SBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.171.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:aa:5d:e4:f3:0d:2f:39:80:8f:47:b6:b0:13:95:8c:b3:ef:
7f:a6:c9:4a:7c:57:75:02:2c:29:a7:40:ee:ce:8e:81:ab:1e:
c5:ef:89:1e:ba:ae:f6:e2:52:a0:07:0e:3f:9f:40:3a:b5:9e:
9d:9c:13:a0:4b:41:0f:39:39:1b:d8:a0:17:d2:06:4f:11:ef:
07:14:21:77:88:e5:76:1e:e1:67:a8:9f:20:ac:4c:72:d8:13:
3e:e3:f3:df:ac:c4:be:7b:e8:1e:eb:64:7b:88:e6:0c:a6:3b:
fc:c7:dc:21:10:1d:05:ce:85:d7:d3:88:9d:89:87:ad:a2:cf:
5c:d4:98:d0:b6:9c:16:48:e4:34:77:0b:56:10:08:7e:a6:ee:
42:b4:86:4e:91:85:76:0b:c9:6c:92:a1:ec:3f:3c:28:77:58:
07:f9:49:53:42:cd:54:af:fd:d7:20:ab:37:3c:04:04:91:40:
27:81:77:a9:79:cc:02:b7:6b:26:cf:b0:c5:7f:e9:9a:90:23:
d4:c6:73:d9:2a:7a:32:4d:0c:0c:35:96:e8:25:cf:d0:08:c2:
ba:b2:c1:c8:13:01:64:a4:8e:6b:6f:32:33:a2:6a:47:48:1c:
fc:50:e7:7c:7f:a1:b3:6e:2e:42:42:ee:6f:a9:47:8c:7c:44:
f2:ca:69:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2Wr9mPFasGmH8jrUuvGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYjgzODVkMDg1NzA4MGNmYzAxM2FhNTIxYmRlNmEzYTkz
ZTQ4MTIwHhcNMjUwMTAyMTE0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTZhODQyZTUzMjI4YjZkZWRhZTlmNTFjYmUwMDQwN2UyZjkxYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/SUBjnk6BDF9Quk1P6kAZ4L3gHV
yNPOmw/2zw2Cg2HAkvBhmbkoUCE3HfiW4N/5HGt2ItdraMaeE8qyGwuVhIYBIAfL
SgNFctjDxwkV2Wx1IvWVvrDoQc67KrZYtcXaZeA4poA5s7misd1HdokQS1FP9i8q
dQokwDGHDYuOaJnnBODrcqV+lMWuck4VSmY+uMCNJPGF+uz1PEdLAv3IYC7SfFMh
ILgoo6jpEuJki48UICWMZckVzOZoHL6SgmPiSj7mod31D4O656yt8SeU5/3Q3awW
QRTteO88M0qKeiCMVz9Su8VAXu7Y0uH0ne+D+FeNrZeHd6VIC0rHuAlViQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpqhC5TIott7a6fUcvgBAfi+RrIMB8GA1UdIwQY
MBaAFKy4OF0IVwgM/AE6pSG95qOpPkgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckxnNFhRaFhDQXo4QVRxbEliM21vNmstU0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYWE0NGQtM2JmMy00MjBiLWFlM2Ut
ZThhNmExNDQxOWQ5LzEveW1xRUxsTWlpMjN0cnA5UnktQUVCLUw1R3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYWE0NGQtM2JmMy00MjBiLWFlM2UtZThhNmExNDQxOWQ5
LzEvckxnNFhRaFhDQXo4QVRxbEliM21vNmstU0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpOrMA0G
CSqGSIb3DQEBCwUAA4IBAQCdql3k8w0vOYCPR7awE5WMs+9/pslKfFd1Aiwpp0Du
zo6Bqx7F74keuq724lKgBw4/n0A6tZ6dnBOgS0EPOTkb2KAX0gZPEe8HFCF3iOV2
HuFnqJ8grExy2BM+4/PfrMS+e+ge62R7iOYMpjv8x9whEB0FzoXX04idiYetos9c
1JjQtpwWSOQ0dwtWEAh+pu5CtIZOkYV2C8lskqHsPzwod1gH+UlTQs1Ur/3XIKs3
PAQEkUAngXepecwCt2smz7DFf+makCPUxnPZKnoyTQwMNZboJc/QCMK6ssHIEwFk
pI5rbzIzompHSBz8UOd8f6Gzbi5CQu5vqUeMfETyymnA
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:37 2025 by rpki-client