Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/mUKuky3l-ZY5p-RPO9s2pPEyk78.roa
File: mUKuky3l-ZY5p-RPO9s2pPEyk78.roa (raw, json)
Hash identifier: ti7kzq8iHsvI0iGcqQO/PpqkoDoJf7orqrrfuhBfEKg=
Subject key identifier: 99:42:AE:93:2D:E5:F9:96:39:A7:E4:4F:3B:DB:36:A4:F1:32:93:BF
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 019421B19E9A555238F37FE39A03F1BAB010
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/mUKuky3l-ZY5p-RPO9s2pPEyk78.roa
Signing time: Wed 01 Jan 2025 11:47:56 +0000
ROA not before: Wed 01 Jan 2025 11:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21026
IP address blocks: 193.188.250.0/24 maxlen: 25
194.8.96.0/19 maxlen: 25
194.145.64.0/19 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:9e:9a:55:52:38:f3:7f:e3:9a:03:f1:ba:b0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 11:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9942ae932de5f99639a7e44f3bdb36a4f13293bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:87:54:b9:6b:58:dc:19:67:a2:47:73:30:c1:
18:6f:58:fd:e2:26:83:e9:0a:d6:92:4b:68:27:39:
9f:36:3f:01:94:c6:a4:c3:ed:ae:92:10:f2:ad:44:
8a:da:57:d6:6f:da:4d:bc:51:9e:85:2c:24:d5:d3:
4d:44:78:6c:19:82:1c:78:fb:12:39:ea:a4:64:20:
fa:60:89:46:10:a5:0c:c6:57:07:68:23:c2:ff:0e:
76:2d:f8:07:1c:b2:51:0d:7a:12:4a:67:e7:a5:39:
b2:7c:e4:e0:1d:02:f7:31:ad:5c:92:fa:8e:a3:65:
5c:21:30:df:3e:27:b1:02:8a:34:39:24:a5:25:e8:
c9:5f:47:9d:f1:76:63:ea:5d:38:ba:58:df:54:37:
74:bf:e5:b2:2a:f1:2f:c1:3a:55:43:bb:b5:f6:97:
e4:a4:04:2e:01:39:1b:3c:5c:f1:09:78:dc:8d:09:
e0:f4:c4:7e:82:6d:bc:58:4a:ef:d5:59:7c:95:72:
06:80:4d:dc:eb:8a:88:e9:c8:dc:d4:68:da:c0:14:
57:80:d3:df:71:62:c5:0c:a5:8f:ce:69:b8:52:39:
77:12:b0:a7:c1:89:da:04:ad:21:21:0c:5e:99:2e:
d4:cb:8b:09:39:e7:b2:17:fb:7c:b2:bc:ee:5e:ca:
49:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:42:AE:93:2D:E5:F9:96:39:A7:E4:4F:3B:DB:36:A4:F1:32:93:BF
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/mUKuky3l-ZY5p-RPO9s2pPEyk78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.250.0/24
194.8.96.0/19
194.145.64.0/19
Signature Algorithm: sha256WithRSAEncryption
22:9d:f6:b1:9f:22:fe:c0:fc:1d:53:80:59:5b:5b:2a:08:27:
5d:82:34:41:01:16:81:bd:3a:23:2c:c0:d9:23:0b:14:50:f7:
ef:5a:da:63:9e:c6:62:2a:cd:c7:a5:d8:24:38:e3:b7:52:6f:
c2:94:c8:e3:9e:d3:c1:3f:3c:92:e5:4a:de:b0:7e:35:f9:18:
fd:3b:c1:cc:be:5a:7e:9f:10:97:be:da:c6:01:d3:79:7f:95:
3d:00:86:e3:75:6c:5a:b9:d8:91:76:24:ac:d2:a5:db:bc:51:
58:64:d8:ff:a6:0c:84:ab:da:7f:ec:c0:c2:8c:ef:48:3f:b2:
22:bc:54:9b:1b:3c:35:63:93:a4:40:1b:03:ed:68:0a:44:f3:
72:0a:89:52:b8:28:93:5f:9f:9e:84:5d:70:ac:b8:c4:11:5e:
04:df:aa:66:1c:0c:3d:58:31:a1:fa:13:ca:f9:bb:ff:dd:4a:
cd:e8:ac:08:25:77:9e:29:db:b2:c4:7c:d6:69:3a:f2:1d:8b:
5c:04:6d:79:08:e7:e9:0c:2a:66:de:1d:7a:90:6b:fa:a0:f8:
fb:06:fe:c1:76:53:a8:17:12:cf:19:ef:17:ef:07:2d:c2:f5:
bf:86:12:79:90:4c:03:5f:19:9c:38:14:e0:72:fa:6f:a5:29:
d0:64:ba:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsZ6aVVI483/jmgPxurAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWRlNDkwZmY4NzRlOTY4OWNlY2Y3MjZjYmI0ZTJmNTFm
NmM3MzEwHhcNMjUwMTAxMTE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQyYWU5MzJkZTVmOTk2MzlhN2U0NGYzYmRiMzZhNGYxMzI5M2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIdUuWtY3BlnokdzMMEYb1j94iaD
6QrWkktoJzmfNj8BlMakw+2ukhDyrUSK2lfWb9pNvFGehSwk1dNNRHhsGYIcePsS
OeqkZCD6YIlGEKUMxlcHaCPC/w52LfgHHLJRDXoSSmfnpTmyfOTgHQL3Ma1ckvqO
o2VcITDfPiexAoo0OSSlJejJX0ed8XZj6l04uljfVDd0v+WyKvEvwTpVQ7u19pfk
pAQuATkbPFzxCXjcjQng9MR+gm28WErv1Vl8lXIGgE3c64qI6cjc1GjawBRXgNPf
cWLFDKWPzmm4Ujl3ErCnwYnaBK0hIQxemS7Uy4sJOeeyF/t8srzuXspJXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJlCrpMt5fmWOafkTzvbNqTxMpO/MB8GA1UdIwQY
MBaAFJ1d5JD/h06Wic7Pcmy7Ti9R9scxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUt
Y2VjMzNiYTFiZGY1LzEvbVVLdWt5M2wtWlk1cC1SUE85czJwUEV5azc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUtY2VjMzNiYTFiZGY1
LzEvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwbz6AwQF
wghgAwQFwpFAMA0GCSqGSIb3DQEBCwUAA4IBAQAinfaxnyL+wPwdU4BZW1sqCCdd
gjRBARaBvTojLMDZIwsUUPfvWtpjnsZiKs3HpdgkOOO3Um/ClMjjntPBPzyS5Ure
sH41+Rj9O8HMvlp+nxCXvtrGAdN5f5U9AIbjdWxaudiRdiSs0qXbvFFYZNj/pgyE
q9p/7MDCjO9IP7IivFSbGzw1Y5OkQBsD7WgKRPNyColSuCiTX5+ehF1wrLjEEV4E
36pmHAw9WDGh+hPK+bv/3UrN6KwIJXeeKduyxHzWaTryHYtcBG15COfpDCpm3h16
kGv6oPj7Bv7BdlOoFxLPGe8X7wctwvW/hhJ5kEwDXxmcOBTgcvpvpSnQZLqv
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:55:06 2025 by rpki-client