Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/283234-a52a-4556-b3cb-f1d5ca96a7d6/1/1-XrmEJC-kOLvoeP9rgvbg0A53hs.roa
File: 1-XrmEJC-kOLvoeP9rgvbg0A53hs.roa (raw, json)
Hash identifier: EiYdih7Qfn/m/+BWxzflbgrLM7vuel5hPMdd9Y8tb4I=
Subject key identifier: F9:7A:E6:10:90:BE:90:E2:EF:A1:E3:FD:AE:0B:DB:83:40:39:DE:1B
Certificate issuer: /CN=414915cdd322bfe39472536955464a5ff67117c3
Certificate serial: 019427B41AECF473C9D9D4EB4C4B2298F725
Authority key identifier: 41:49:15:CD:D3:22:BF:E3:94:72:53:69:55:46:4A:5F:F6:71:17:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUkVzdMiv-OUclNpVUZKX_ZxF8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/283234-a52a-4556-b3cb-f1d5ca96a7d6/1/1-XrmEJC-kOLvoeP9rgvbg0A53hs.roa
Signing time: Thu 02 Jan 2025 15:48:22 +0000
ROA not before: Thu 02 Jan 2025 15:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9044
IP address blocks: 195.137.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:1a:ec:f4:73:c9:d9:d4:eb:4c:4b:22:98:f7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=414915cdd322bfe39472536955464a5ff67117c3
Validity
Not Before: Jan 2 15:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f97ae61090be90e2efa1e3fdae0bdb834039de1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f2:e8:37:2e:76:ea:1e:fc:a1:b8:4c:58:1b:
87:c1:82:4e:39:ac:6d:2e:5f:cd:59:59:d3:a6:54:
a6:e8:a7:07:dc:d6:c3:5f:c0:01:22:d3:ea:6f:90:
65:5f:1f:41:0c:e8:2b:0b:69:5b:e9:e2:7d:86:cb:
90:27:d2:d3:68:e8:2d:bf:91:f4:f9:d1:d2:6f:ed:
83:93:1c:61:31:7d:42:56:b0:af:d0:a9:b5:36:f2:
15:5e:46:d0:62:e4:e9:77:08:1f:c1:9c:fd:79:a9:
6e:8c:03:43:02:9f:59:6c:76:a7:31:94:77:11:c1:
d0:22:1b:1d:e3:44:dc:11:3a:9c:42:1b:85:f4:e4:
6a:12:8c:7b:d2:81:92:bc:95:29:94:cc:0c:5a:2a:
59:94:c1:69:cf:83:e1:ac:54:1b:09:c4:e0:23:f4:
8a:ef:30:89:7b:4d:16:16:7a:34:38:bc:30:74:da:
e5:eb:e0:f7:7c:54:2f:1b:5b:0a:2f:d2:77:90:4e:
34:a2:55:48:70:e0:22:c2:e2:50:51:85:88:db:70:
d1:22:dd:5c:09:e4:fa:45:4a:b4:ce:9c:e0:b8:cf:
90:8d:89:81:1e:47:00:aa:a1:e0:7f:3d:3a:d1:e3:
33:3f:35:17:1c:d2:cd:26:04:ae:5a:06:e7:45:fa:
c5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7A:E6:10:90:BE:90:E2:EF:A1:E3:FD:AE:0B:DB:83:40:39:DE:1B
X509v3 Authority Key Identifier:
keyid:41:49:15:CD:D3:22:BF:E3:94:72:53:69:55:46:4A:5F:F6:71:17:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUkVzdMiv-OUclNpVUZKX_ZxF8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/283234-a52a-4556-b3cb-f1d5ca96a7d6/1/1-XrmEJC-kOLvoeP9rgvbg0A53hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/283234-a52a-4556-b3cb-f1d5ca96a7d6/1/QUkVzdMiv-OUclNpVUZKX_ZxF8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:16:0a:2a:bf:73:12:47:f9:87:95:9b:79:86:f0:e3:10:56:
2b:69:d2:2e:65:65:e9:ad:c9:6c:49:b3:69:fc:5e:31:03:27:
00:9d:90:b8:39:32:2e:3c:0a:6d:84:e1:1d:fb:c6:7b:59:51:
2c:b6:fc:bc:a1:c8:f2:29:3c:d9:b8:0c:e3:05:90:9b:66:0f:
4d:00:27:c6:b1:5d:54:e9:03:95:18:cb:f5:1a:53:da:72:c7:
cc:ca:c8:48:bc:91:2f:80:50:6c:7c:75:25:e5:2e:d1:01:77:
8f:05:f6:84:71:07:51:8e:9b:e8:b5:c5:96:fc:94:1b:ca:90:
fd:7c:e0:5f:4e:71:24:dc:f5:5e:a8:c5:69:01:79:16:94:d1:
c3:55:09:83:75:c3:2f:56:03:a2:f4:91:56:f8:00:cd:f1:0b:
89:97:8a:4e:5c:6d:4a:c9:ef:9e:f8:02:a5:83:47:ad:02:b7:
e6:b6:eb:94:f7:aa:8b:15:35:0a:fb:98:7d:d2:bf:84:e8:c1:
44:0d:d2:3a:81:49:ab:40:c1:ac:27:43:f1:c8:85:20:11:7f:
e7:28:e9:d0:b2:af:0a:a1:2e:33:21:f3:81:86:e3:f6:1e:00:
ee:b3:b7:df:62:85:50:ec:67:98:7c:b9:2f:60:f3:45:07:af:
c4:7c:3f:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntBrs9HPJ2dTrTEsimPclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNDkxNWNkZDMyMmJmZTM5NDcyNTM2OTU1NDY0YTVmZjY3
MTE3YzMwHhcNMjUwMTAyMTU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTdhZTYxMDkwYmU5MGUyZWZhMWUzZmRhZTBiZGI4MzQwMzlkZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/LoNy526h78obhMWBuHwYJOOaxt
Ll/NWVnTplSm6KcH3NbDX8ABItPqb5BlXx9BDOgrC2lb6eJ9hsuQJ9LTaOgtv5H0
+dHSb+2DkxxhMX1CVrCv0Km1NvIVXkbQYuTpdwgfwZz9ealujANDAp9ZbHanMZR3
EcHQIhsd40TcETqcQhuF9ORqEox70oGSvJUplMwMWipZlMFpz4PhrFQbCcTgI/SK
7zCJe00WFno0OLwwdNrl6+D3fFQvG1sKL9J3kE40olVIcOAiwuJQUYWI23DRIt1c
CeT6RUq0zpzguM+QjYmBHkcAqqHgfz060eMzPzUXHNLNJgSuWgbnRfrF6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPl65hCQvpDi76Hj/a4L24NAOd4bMB8GA1UdIwQY
MBaAFEFJFc3TIr/jlHJTaVVGSl/2cRfDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVVrVnpkTWl2LU9VY2xOcFZVWktYX1p4RjhNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yODMyMzQtYTUyYS00NTU2LWIzY2It
ZjFkNWNhOTZhN2Q2LzEvMS1Ycm1FSkMta09Mdm9lUDlyZ3ZiZzBBNTNocy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzEvMjgzMjM0LWE1MmEtNDU1Ni1iM2NiLWYxZDVjYTk2YTdk
Ni8xL1FVa1Z6ZE1pdi1PVWNsTnBWVVpLWF9aeEY4TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOJrzAN
BgkqhkiG9w0BAQsFAAOCAQEADRYKKr9zEkf5h5WbeYbw4xBWK2nSLmVl6a3JbEmz
afxeMQMnAJ2QuDkyLjwKbYThHfvGe1lRLLb8vKHI8ik82bgM4wWQm2YPTQAnxrFd
VOkDlRjL9RpT2nLHzMrISLyRL4BQbHx1JeUu0QF3jwX2hHEHUY6b6LXFlvyUG8qQ
/XzgX05xJNz1XqjFaQF5FpTRw1UJg3XDL1YDovSRVvgAzfELiZeKTlxtSsnvnvgC
pYNHrQK35rbrlPeqixU1CvuYfdK/hOjBRA3SOoFJq0DBrCdD8ciFIBF/5yjp0LKv
CqEuMyHzgYbj9h4A7rO332KFUOxnmHy5L2DzRQevxHw/ug==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:10:54 2025 by rpki-client