Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/4ef2c3-06d8-4f11-84b7-338196935050/1/mNpTYlNKotcL-0Zd_8NTbLjemtY.roa
File: mNpTYlNKotcL-0Zd_8NTbLjemtY.roa (raw, json)
Hash identifier: fghzEiX2an8ofk9BT1CH7W5YLfyP+hGmPzrsnOAoc1M=
Subject key identifier: 98:DA:53:62:53:4A:A2:D7:0B:FB:46:5D:FF:C3:53:6C:B8:DE:9A:D6
Certificate issuer: /CN=102282537eb00130b79651f408000edca56450ea
Certificate serial: 0194228D5DAB36E6720FC7D20F1C3E810BC7
Authority key identifier: 10:22:82:53:7E:B0:01:30:B7:96:51:F4:08:00:0E:DC:A5:64:50:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECKCU36wATC3llH0CAAO3KVkUOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/4ef2c3-06d8-4f11-84b7-338196935050/1/mNpTYlNKotcL-0Zd_8NTbLjemtY.roa
Signing time: Wed 01 Jan 2025 15:47:57 +0000
ROA not before: Wed 01 Jan 2025 15:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5617
IP address blocks: 194.127.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:5d:ab:36:e6:72:0f:c7:d2:0f:1c:3e:81:0b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=102282537eb00130b79651f408000edca56450ea
Validity
Not Before: Jan 1 15:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98da5362534aa2d70bfb465dffc3536cb8de9ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5f:2c:86:68:b6:3a:96:e0:52:d7:f1:51:03:
4d:07:6a:44:71:88:76:55:e8:fd:64:e5:a0:f7:a5:
0a:a3:9a:85:18:05:da:dc:49:21:68:80:99:5c:6f:
fc:20:93:f2:b7:c0:ed:63:29:26:ae:fb:54:bf:8d:
5b:82:80:48:1c:6e:cc:d5:31:34:ee:a7:aa:18:19:
8b:85:98:37:a6:9a:b4:8f:81:68:66:83:87:ed:51:
c5:91:79:16:13:7f:c8:2d:12:3c:c4:6f:0a:91:66:
55:8a:04:30:84:7c:e5:e1:11:47:a5:1e:56:f4:78:
13:6b:e8:0d:d6:66:de:97:fb:aa:8c:1b:61:7e:0e:
43:7d:ac:ad:65:0d:8e:f9:94:89:6f:3c:27:ad:1b:
28:7e:aa:84:e2:e1:e5:d9:c0:5c:da:1e:42:dd:77:
f4:c2:b5:b0:f5:8b:1c:c7:ad:a3:dc:c6:df:7f:dd:
d8:6c:75:5a:75:9e:5c:b8:cb:b0:73:5c:3d:1e:7f:
cb:7f:f9:cd:12:44:49:4b:89:67:12:83:fd:6b:2d:
b8:6a:f0:9a:5b:ba:1b:e4:1d:d6:c9:99:20:78:61:
59:e5:da:87:8d:70:27:70:06:0a:77:bd:72:f5:13:
97:5a:b4:b3:85:33:66:f7:48:06:a9:0b:90:1c:e1:
2c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DA:53:62:53:4A:A2:D7:0B:FB:46:5D:FF:C3:53:6C:B8:DE:9A:D6
X509v3 Authority Key Identifier:
keyid:10:22:82:53:7E:B0:01:30:B7:96:51:F4:08:00:0E:DC:A5:64:50:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECKCU36wATC3llH0CAAO3KVkUOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/4ef2c3-06d8-4f11-84b7-338196935050/1/mNpTYlNKotcL-0Zd_8NTbLjemtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/4ef2c3-06d8-4f11-84b7-338196935050/1/ECKCU36wATC3llH0CAAO3KVkUOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.136.0/24
Signature Algorithm: sha256WithRSAEncryption
09:bb:32:72:d9:57:c3:0c:8d:b7:d3:61:af:21:48:fc:39:60:
89:ba:bb:42:aa:a0:b6:3c:6f:0b:95:63:0f:63:cd:4c:b5:5f:
05:cd:4d:69:c9:79:ea:a5:11:3b:1d:1b:4d:dc:a7:7a:5e:ec:
57:be:ee:39:fc:a8:83:4b:c2:39:7f:03:d3:5b:95:53:bd:29:
7c:21:de:b4:c0:35:c2:e8:0b:ff:06:08:98:78:54:dd:f9:31:
01:de:2a:71:2c:b5:4c:09:99:f5:2b:83:b4:31:ab:f4:c7:80:
a8:69:ed:99:d4:b2:88:0f:ce:94:c0:25:4d:97:ec:30:2e:0a:
b1:83:59:ce:8e:f8:7e:9c:a7:7d:98:ea:53:d2:4a:22:f6:01:
60:4e:9e:b2:2d:18:de:2c:fe:d4:4d:e3:46:c2:50:8a:2d:81:
f7:f8:b4:5c:85:71:b5:a0:f1:07:19:f3:9a:82:c3:47:e0:f8:
78:4d:11:19:02:47:70:bd:3a:22:f6:f2:7e:6e:cd:5f:f3:93:
24:6d:50:25:0e:88:e9:a3:0f:b0:57:5c:7d:3a:db:17:33:c7:
6b:16:3c:fd:61:2c:ad:3c:8d:c5:3d:1a:85:47:9a:1e:0e:b6:
83:53:11:00:94:f0:9b:da:e9:25:71:6a:58:c7:52:a0:ef:fc:
82:8e:f5:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijV2rNuZyD8fSDxw+gQvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjI4MjUzN2ViMDAxMzBiNzk2NTFmNDA4MDAwZWRjYTU2
NDUwZWEwHhcNMjUwMTAxMTU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRhNTM2MjUzNGFhMmQ3MGJmYjQ2NWRmZmMzNTM2Y2I4ZGU5YWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl8shmi2OpbgUtfxUQNNB2pEcYh2
Vej9ZOWg96UKo5qFGAXa3EkhaICZXG/8IJPyt8DtYykmrvtUv41bgoBIHG7M1TE0
7qeqGBmLhZg3ppq0j4FoZoOH7VHFkXkWE3/ILRI8xG8KkWZVigQwhHzl4RFHpR5W
9HgTa+gN1mbel/uqjBthfg5DfaytZQ2O+ZSJbzwnrRsofqqE4uHl2cBc2h5C3Xf0
wrWw9Yscx62j3Mbff93YbHVadZ5cuMuwc1w9Hn/Lf/nNEkRJS4lnEoP9ay24avCa
W7ob5B3WyZkgeGFZ5dqHjXAncAYKd71y9ROXWrSzhTNm90gGqQuQHOEsBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjaU2JTSqLXC/tGXf/DU2y43prWMB8GA1UdIwQY
MBaAFBAiglN+sAEwt5ZR9AgADtylZFDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNLQ1UzNndBVEMzbGxIMENBQU8zS1ZrVU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi80ZWYyYzMtMDZkOC00ZjExLTg0Yjct
MzM4MTk2OTM1MDUwLzEvbU5wVFlsTktvdGNMLTBaZF84TlRiTGplbXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi80ZWYyYzMtMDZkOC00ZjExLTg0YjctMzM4MTk2OTM1MDUw
LzEvRUNLQ1UzNndBVEMzbGxIMENBQU8zS1ZrVU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn+IMA0G
CSqGSIb3DQEBCwUAA4IBAQAJuzJy2VfDDI2302GvIUj8OWCJurtCqqC2PG8LlWMP
Y81MtV8FzU1pyXnqpRE7HRtN3Kd6XuxXvu45/KiDS8I5fwPTW5VTvSl8Id60wDXC
6Av/BgiYeFTd+TEB3ipxLLVMCZn1K4O0Mav0x4Coae2Z1LKID86UwCVNl+wwLgqx
g1nOjvh+nKd9mOpT0koi9gFgTp6yLRjeLP7UTeNGwlCKLYH3+LRchXG1oPEHGfOa
gsNH4Ph4TREZAkdwvToi9vJ+bs1f85MkbVAlDojpow+wV1x9OtsXM8drFjz9YSyt
PI3FPRqFR5oeDraDUxEAlPCb2uklcWpYx1Kg7/yCjvWn
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:11:30 2025 by rpki-client