Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/IyhkNaIs3qTvuGaX5ox1MpjaGj8.roa
File: IyhkNaIs3qTvuGaX5ox1MpjaGj8.roa (raw, json)
Hash identifier: 6i+xa2CzH5AfGrHLBcHql63DVH+1xXl8pX8U1Gdvh/4=
Subject key identifier: 23:28:64:35:A2:2C:DE:A4:EF:B8:66:97:E6:8C:75:32:98:DA:1A:3F
Certificate issuer: /CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Certificate serial: 01941F8C0B83007820352B6F3B2D681AF7B1
Authority key identifier: 4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/IyhkNaIs3qTvuGaX5ox1MpjaGj8.roa
Signing time: Wed 01 Jan 2025 01:47:39 +0000
ROA not before: Wed 01 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202311
IP address blocks: 195.26.68.0/22 maxlen: 24
195.26.68.0/24 maxlen: 24
195.26.70.0/24 maxlen: 24
195.26.71.0/24 maxlen: 24
2a07:f680::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0b:83:00:78:20:35:2b:6f:3b:2d:68:1a:f7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Validity
Not Before: Jan 1 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23286435a22cdea4efb86697e68c753298da1a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8e:b4:c3:58:b5:5a:ab:5d:bb:c1:3e:6c:db:
00:1a:51:f9:50:34:8a:4a:3d:05:6d:b4:81:b1:a2:
79:f9:ca:2c:5e:8a:92:44:e9:38:a3:eb:98:8c:f1:
a9:81:b9:e8:d0:cd:b5:7c:61:fe:d2:3a:8e:91:dc:
60:81:2d:00:9b:3e:cc:58:82:61:0e:33:7e:6c:42:
23:1c:60:a3:03:34:ad:d0:a7:c7:4a:94:6c:80:ca:
56:c3:89:a9:bc:b6:f4:22:06:a9:de:77:56:4d:0f:
79:b2:75:99:94:df:17:15:9f:01:91:87:4b:94:31:
ca:ac:85:be:cf:bd:fa:45:4a:21:23:b4:12:7f:34:
2e:1b:b6:c3:82:5c:96:65:8c:ff:1a:6a:64:96:5a:
50:1e:b1:f7:59:75:1c:51:61:d3:39:6a:e1:6b:95:
f7:e2:4d:db:21:5d:6f:22:0b:3f:2c:ae:bc:a8:53:
d0:ec:9d:71:ef:b2:ea:c1:80:7e:9a:ed:7b:14:8f:
24:f4:93:0b:e5:2b:07:3b:a0:45:f3:ea:27:1b:b8:
9f:16:3a:91:78:3a:3e:b3:ec:5e:ed:45:92:de:28:
be:41:31:fc:6b:8d:02:76:05:17:cf:a8:ab:cc:a9:
8a:56:82:22:74:9c:a6:d6:d6:09:9c:62:43:64:54:
79:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:28:64:35:A2:2C:DE:A4:EF:B8:66:97:E6:8C:75:32:98:DA:1A:3F
X509v3 Authority Key Identifier:
keyid:4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/IyhkNaIs3qTvuGaX5ox1MpjaGj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/TxSbhH0xKT9wHhz5ndjKDruwtb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.68.0/22
IPv6:
2a07:f680::/29
Signature Algorithm: sha256WithRSAEncryption
3c:62:a6:6b:53:69:00:55:36:bf:f1:87:14:da:10:0f:83:6a:
f9:e5:27:c2:fc:27:8f:8b:13:e3:ad:03:b8:5e:53:35:17:44:
99:df:4f:a4:8b:a2:df:47:5d:73:6b:8b:65:ed:e2:40:49:08:
35:89:f3:b7:2c:c1:dc:84:ef:e6:b0:9e:94:e5:d7:e7:ad:f0:
b6:a9:b9:e2:a2:19:5f:4a:37:f1:e6:38:70:b2:9c:8e:be:d2:
65:0a:2f:9e:78:5f:4b:66:d9:6b:52:c1:58:74:4e:9f:8d:fc:
6e:40:d3:92:b6:60:bb:93:19:3a:73:57:6f:14:07:57:2b:2e:
b2:d3:e5:37:5f:fb:4b:5a:1a:6b:a2:8c:bb:62:d3:33:3f:46:
0b:44:10:fe:87:3c:47:d1:7d:b4:ae:1f:c6:1a:87:12:1d:eb:
1b:ce:2d:9a:51:64:fb:8a:5a:95:66:62:3f:22:4c:56:6c:7d:
c4:e5:8d:ef:65:c1:8b:59:86:9b:a1:28:6b:70:8f:17:8a:15:
9b:a9:b5:cd:ac:5a:82:94:cc:6a:82:ac:cb:4d:5c:6d:d2:52:
3b:90:5f:bf:ca:41:2b:a9:d0:62:0d:cb:f7:2b:b0:d1:a5:ca:
8e:71:9c:73:fc:9d:a4:36:36:7a:fe:6f:07:90:0d:cb:b0:74:
20:8a:a5:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjAuDAHggNStvOy1oGvexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQ5Yjg0N2QzMTI5M2Y3MDFlMWNmOTlkZDhjYTBlYmJi
MGI1YmQwHhcNMjUwMTAxMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI4NjQzNWEyMmNkZWE0ZWZiODY2OTdlNjhjNzUzMjk4ZGExYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2o60w1i1Wqtdu8E+bNsAGlH5UDSK
Sj0FbbSBsaJ5+cosXoqSROk4o+uYjPGpgbno0M21fGH+0jqOkdxggS0Amz7MWIJh
DjN+bEIjHGCjAzSt0KfHSpRsgMpWw4mpvLb0Igap3ndWTQ95snWZlN8XFZ8BkYdL
lDHKrIW+z736RUohI7QSfzQuG7bDglyWZYz/GmpkllpQHrH3WXUcUWHTOWrha5X3
4k3bIV1vIgs/LK68qFPQ7J1x77LqwYB+mu17FI8k9JML5SsHO6BF8+onG7ifFjqR
eDo+s+xe7UWS3ii+QTH8a40CdgUXz6irzKmKVoIidJym1tYJnGJDZFR5zQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCMoZDWiLN6k77hml+aMdTKY2ho/MB8GA1UdIwQY
MBaAFE8Um4R9MSk/cB4c+Z3Yyg67sLW9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjIt
NDUyYmFkZmQ1YTZkLzEvSXloa05hSXMzcVR2dUdhWDVveDFNcGphR2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjItNDUyYmFkZmQ1YTZk
LzEvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwxpEMA0E
AgACMAcDBQMqB/aAMA0GCSqGSIb3DQEBCwUAA4IBAQA8YqZrU2kAVTa/8YcU2hAP
g2r55SfC/CePixPjrQO4XlM1F0SZ30+ki6LfR11za4tl7eJASQg1ifO3LMHchO/m
sJ6U5dfnrfC2qbniohlfSjfx5jhwspyOvtJlCi+eeF9LZtlrUsFYdE6fjfxuQNOS
tmC7kxk6c1dvFAdXKy6y0+U3X/tLWhprooy7YtMzP0YLRBD+hzxH0X20rh/GGocS
Hesbzi2aUWT7ilqVZmI/IkxWbH3E5Y3vZcGLWYaboShrcI8XihWbqbXNrFqClMxq
gqzLTVxt0lI7kF+/ykErqdBiDcv3K7DRpcqOcZxz/J2kNjZ6/m8HkA3LsHQgiqV5
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:45:24 2025 by rpki-client