Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/Iv7XsxWXHnyoVpEd4DC_3XASFeY.roa
File: Iv7XsxWXHnyoVpEd4DC_3XASFeY.roa (raw, json)
Hash identifier: RkiFvafvAi0w5FjSv5Z+cDcQDkhTTLcusqCEJERJr3M=
Subject key identifier: 22:FE:D7:B3:15:97:1E:7C:A8:56:91:1D:E0:30:BF:DD:70:12:15:E6
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01942143B49ED6CA355339876C81B9EBD53C
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/Iv7XsxWXHnyoVpEd4DC_3XASFeY.roa
Signing time: Wed 01 Jan 2025 09:47:52 +0000
ROA not before: Wed 01 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49035
IP address blocks: 195.187.156.0/23 maxlen: 23
195.187.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b4:9e:d6:ca:35:53:39:87:6c:81:b9:eb:d5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22fed7b315971e7ca856911de030bfdd701215e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c1:75:ae:6d:07:9a:f2:31:ae:13:56:cf:5c:
a1:59:ca:54:b2:ec:55:3b:47:19:0f:f4:86:b7:59:
50:66:a1:72:fa:00:fe:fe:27:7a:b5:67:07:56:b1:
a8:fe:23:22:a1:87:54:d9:c3:1c:65:9c:e3:5f:79:
98:b3:7e:a2:e6:23:96:dc:06:eb:c3:93:6c:5c:dd:
22:0f:04:90:d4:f3:02:bc:25:1c:b9:d4:32:8b:fd:
18:c3:ab:d8:95:50:5e:e3:60:20:bc:4e:5e:58:e1:
06:13:de:31:c2:fa:b1:69:d2:94:8b:2d:24:f9:5f:
5e:6f:fc:85:74:35:88:39:c9:ab:55:2a:f4:1c:62:
e6:c3:ce:61:90:31:49:d5:ce:be:b9:23:8a:94:0a:
12:bb:78:ec:2f:4e:e4:4c:b6:a7:2b:7e:7c:ec:a3:
0a:55:6d:18:7a:71:84:e1:cc:28:24:c7:01:c8:9e:
72:be:bd:59:d0:d1:c2:ae:97:aa:ca:68:6f:30:9e:
7e:f0:3c:2d:69:b8:a7:f7:27:71:b6:78:9b:e0:69:
7c:88:7c:c2:7e:f0:66:87:f9:90:34:fa:87:e4:37:
2d:37:29:b0:90:37:2d:8b:27:5e:a2:87:70:69:aa:
0b:e9:32:3f:4b:66:ed:2d:1e:a4:76:73:9d:2c:fb:
94:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FE:D7:B3:15:97:1E:7C:A8:56:91:1D:E0:30:BF:DD:70:12:15:E6
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/Iv7XsxWXHnyoVpEd4DC_3XASFeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.187.156.0-195.187.158.255
Signature Algorithm: sha256WithRSAEncryption
86:17:c9:3a:32:70:9b:38:1a:21:41:31:ff:5e:fd:77:9d:78:
ea:48:53:9d:bd:f6:d8:6b:06:a5:9a:7e:78:cd:43:3e:83:85:
31:5a:92:94:cb:1b:34:cf:f3:e8:47:b3:10:ff:4a:5b:93:51:
b5:60:2c:a5:64:16:a0:73:78:19:bc:16:24:83:cb:63:80:45:
43:82:a9:b2:61:e5:a6:d9:54:fb:be:5d:87:50:78:a2:d9:cd:
3f:63:73:0b:dd:a0:f0:1f:78:dd:14:47:44:22:b6:f8:24:42:
c0:c5:71:fc:01:98:f0:bb:fd:f3:6d:22:98:ab:7e:9f:3f:07:
80:ee:e6:49:15:ce:a7:02:e2:f2:e2:f2:a9:1d:4b:1c:a7:24:
86:df:42:47:59:40:87:78:68:db:d5:53:a1:67:34:c1:e0:2f:
0f:8c:1d:fb:5a:f1:d6:8b:4d:52:38:97:b5:78:6b:74:42:86:
f7:57:f5:14:ec:6f:e4:78:49:0b:82:83:4a:59:e7:d1:d4:fd:
38:2f:ac:89:09:1a:3c:52:fd:f6:97:7f:eb:86:6d:be:9c:dc:
39:05:f2:60:80:de:88:c9:84:c8:02:47:73:21:b6:85:ea:18:
3a:05:98:89:56:83:c3:24:58:a5:8a:d8:a2:b3:8a:16:98:42:
a1:2d:7d:53
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhQ7Se1so1UzmHbIG569U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwMTAxMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmZlZDdiMzE1OTcxZTdjYTg1NjkxMWRlMDMwYmZkZDcwMTIxNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisF1rm0HmvIxrhNWz1yhWcpUsuxV
O0cZD/SGt1lQZqFy+gD+/id6tWcHVrGo/iMioYdU2cMcZZzjX3mYs36i5iOW3Abr
w5NsXN0iDwSQ1PMCvCUcudQyi/0Yw6vYlVBe42AgvE5eWOEGE94xwvqxadKUiy0k
+V9eb/yFdDWIOcmrVSr0HGLmw85hkDFJ1c6+uSOKlAoSu3jsL07kTLanK3587KMK
VW0YenGE4cwoJMcByJ5yvr1Z0NHCrpeqymhvMJ5+8Dwtabin9ydxtnib4Gl8iHzC
fvBmh/mQNPqH5DctNymwkDctiydeoodwaaoL6TI/S2btLR6kdnOdLPuUdwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCL+17MVlx58qFaRHeAwv91wEhXmMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvSXY3WHN4V1hIbnlvVnBFZDREQ18zWEFTRmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALDu5wD
BADDu54wDQYJKoZIhvcNAQELBQADggEBAIYXyToycJs4GiFBMf9e/XedeOpIU529
9thrBqWafnjNQz6DhTFakpTLGzTP8+hHsxD/SluTUbVgLKVkFqBzeBm8FiSDy2OA
RUOCqbJh5abZVPu+XYdQeKLZzT9jcwvdoPAfeN0UR0QitvgkQsDFcfwBmPC7/fNt
Ipirfp8/B4Du5kkVzqcC4vLi8qkdSxynJIbfQkdZQId4aNvVU6FnNMHgLw+MHfta
8daLTVI4l7V4a3RChvdX9RTsb+R4SQuCg0pZ59HU/TgvrIkJGjxS/faXf+uGbb6c
3DkF8mCA3ojJhMgCR3MhtoXqGDoFmIlWg8MkWKWK2KKzihaYQqEtfVM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:54:22 2025 by rpki-client