Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mF-qnHCYHA9WTNp9j6yOA_R4yu8.roa
File: mF-qnHCYHA9WTNp9j6yOA_R4yu8.roa (raw, json)
Hash identifier: jrTEg5IuAZrOX+dmbHaApAZQghmofnNMmUTvEgxMTkw=
Subject key identifier: 98:5F:AA:9C:70:98:1C:0F:56:4C:DA:7D:8F:AC:8E:03:F4:78:CA:EF
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01942827AF4AD97DC88A64F69CCF9ADD6989
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mF-qnHCYHA9WTNp9j6yOA_R4yu8.roa
Signing time: Thu 02 Jan 2025 17:54:36 +0000
ROA not before: Thu 02 Jan 2025 17:54:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 195.216.178.0/24 maxlen: 24
195.216.179.0/24 maxlen: 24
195.216.180.0/24 maxlen: 24
195.216.181.0/24 maxlen: 24
195.216.182.0/24 maxlen: 24
195.216.183.0/24 maxlen: 24
195.216.184.0/24 maxlen: 24
195.216.185.0/24 maxlen: 24
195.216.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:af:4a:d9:7d:c8:8a:64:f6:9c:cf:9a:dd:69:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jan 2 17:54:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=985faa9c70981c0f564cda7d8fac8e03f478caef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:18:d1:f9:5a:d5:f7:46:b9:df:7f:50:35:
47:56:31:93:9d:b2:e9:d9:ae:50:54:b5:1e:a1:dd:
83:af:0a:e7:71:b5:f7:5a:cc:24:fb:55:d3:2c:4e:
b6:48:13:8a:9c:62:9b:95:44:64:6d:d2:3b:17:ba:
ed:0e:8e:3a:67:af:ff:1a:01:1c:34:26:9c:e0:d1:
d7:08:9f:b4:f4:18:36:26:f2:17:03:86:17:66:ba:
73:9e:09:29:f9:32:46:87:6c:ac:52:4c:5a:ff:0e:
5e:50:3d:fa:31:47:16:43:97:31:22:60:e9:82:53:
11:5b:28:f7:b5:fd:e6:cc:8d:83:b0:a8:41:a6:09:
f4:f7:96:f6:60:70:81:16:40:20:eb:ce:ca:a9:ef:
66:2c:0f:e5:17:af:a0:d8:30:88:f4:7b:16:8f:72:
2c:9c:cc:9d:fe:06:1e:09:9e:aa:77:5a:50:c2:d4:
a5:f5:09:68:35:82:dd:80:4d:21:f0:20:d9:21:b2:
db:2a:36:c0:9d:76:90:66:92:84:c7:d6:32:0f:ac:
2c:bf:14:4f:eb:3a:03:b9:49:2c:7d:ed:b4:cc:2b:
3d:bf:00:cf:e1:d6:4a:bb:60:43:6e:d2:be:fe:75:
c3:bd:3d:fb:6d:d4:8d:1f:aa:12:45:5a:d6:37:86:
ea:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5F:AA:9C:70:98:1C:0F:56:4C:DA:7D:8F:AC:8E:03:F4:78:CA:EF
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mF-qnHCYHA9WTNp9j6yOA_R4yu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.178.0-195.216.185.255
195.216.188.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:83:23:b7:3b:d2:70:3e:0c:e7:df:8f:65:d5:e4:7a:d0:cb:
41:e7:ed:ec:07:52:2c:4d:ff:32:1e:35:50:f5:6a:24:15:9b:
0b:18:f9:3a:62:d0:3e:40:84:5c:1f:b9:d5:87:c3:c7:2d:41:
cd:b6:fc:e6:84:07:df:35:03:ce:48:1e:34:9b:7c:06:85:38:
0d:2c:67:6f:83:ad:8f:98:7f:84:70:98:d2:4a:9a:26:83:08:
05:b6:22:37:da:50:ce:c2:5b:bf:f7:d9:0d:37:17:50:13:20:
d2:30:2c:06:27:0e:fc:1c:9d:2a:a1:61:f8:bc:dc:d1:63:6b:
6c:1b:32:a5:7f:94:4d:c1:12:c5:40:a8:7f:4f:f0:f5:b1:5a:
94:df:e7:b4:2b:c8:30:52:4d:df:9d:f6:61:0a:17:01:cd:fe:
c8:32:1c:2f:29:74:38:7a:90:16:76:22:42:76:fc:af:ff:b3:
56:77:65:43:f4:f9:ea:88:64:aa:e5:f7:a4:ce:96:fb:cc:8b:
c5:16:d3:c9:17:0f:5a:1a:be:5f:1e:44:31:cf:d4:0d:e0:a4:
4b:ab:6e:5d:1b:19:d0:38:c5:96:9b:d0:2e:b5:59:e2:98:65:
70:c6:db:28:b7:4e:27:a2:eb:36:34:18:ce:67:38:44:ca:14:
39:68:8d:8f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQoJ69K2X3IimT2nM+a3WmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMTAyMTc1NDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVmYWE5YzcwOTgxYzBmNTY0Y2RhN2Q4ZmFjOGUwM2Y0NzhjYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsMY0fla1fdGud9/UDVHVjGTnbLp
2a5QVLUeod2DrwrncbX3Wswk+1XTLE62SBOKnGKblURkbdI7F7rtDo46Z6//GgEc
NCac4NHXCJ+09Bg2JvIXA4YXZrpzngkp+TJGh2ysUkxa/w5eUD36MUcWQ5cxImDp
glMRWyj3tf3mzI2DsKhBpgn095b2YHCBFkAg687Kqe9mLA/lF6+g2DCI9HsWj3Is
nMyd/gYeCZ6qd1pQwtSl9QloNYLdgE0h8CDZIbLbKjbAnXaQZpKEx9YyD6wsvxRP
6zoDuUksfe20zCs9vwDP4dZKu2BDbtK+/nXDvT37bdSNH6oSRVrWN4bqjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJhfqpxwmBwPVkzafY+sjgP0eMrvMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbUYtcW5IQ1lIQTlXVE5wOWo2eU9BX1I0eXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAHD2LID
BAHD2LgDBADD2LwwDQYJKoZIhvcNAQELBQADggEBAF2DI7c70nA+DOffj2XV5HrQ
y0Hn7ewHUixN/zIeNVD1aiQVmwsY+Tpi0D5AhFwfudWHw8ctQc22/OaEB981A85I
HjSbfAaFOA0sZ2+DrY+Yf4RwmNJKmiaDCAW2IjfaUM7CW7/32Q03F1ATINIwLAYn
DvwcnSqhYfi83NFja2wbMqV/lE3BEsVAqH9P8PWxWpTf57QryDBSTd+d9mEKFwHN
/sgyHC8pdDh6kBZ2IkJ2/K//s1Z3ZUP0+eqIZKrl96TOlvvMi8UW08kXD1oavl8e
RDHP1A3gpEurbl0bGdA4xZab0C61WeKYZXDG2yi3Tiei6zY0GM5nOETKFDlojY8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:42:44 2025 by rpki-client