Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/1-kqFnbhB2LCPJU3KtgP3OhHNEbM.roa
File: 1-kqFnbhB2LCPJU3KtgP3OhHNEbM.roa (raw, json)
Hash identifier: sYai5O0I+e4s9fEjeNx81CRmECPgFmQDJeWhDrbRAeo=
Subject key identifier: FA:4A:85:9D:B8:41:D8:B0:8F:25:4D:CA:B6:03:F7:3A:11:CD:11:B3
Certificate issuer: /CN=f9742d777d082416a2d847d4003a331b50e2423e
Certificate serial: 019420685CCB0BD7A530036B88E33221F08C
Authority key identifier: F9:74:2D:77:7D:08:24:16:A2:D8:47:D4:00:3A:33:1B:50:E2:42:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XQtd30IJBai2EfUADozG1DiQj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/1-kqFnbhB2LCPJU3KtgP3OhHNEbM.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39373
IP address blocks: 195.178.100.0/23 maxlen: 24
195.178.100.0/24 maxlen: 24
195.178.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5c:cb:0b:d7:a5:30:03:6b:88:e3:32:21:f0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9742d777d082416a2d847d4003a331b50e2423e
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa4a859db841d8b08f254dcab603f73a11cd11b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0f:c6:12:88:66:63:e7:20:ee:b6:28:5d:b2:
9e:77:c6:ba:96:38:80:65:8d:df:a5:e5:01:fe:f6:
05:79:e3:45:47:d6:b5:0b:da:b2:1f:0f:6f:d6:32:
2d:9d:e2:4a:98:f0:b0:a3:fd:31:62:6d:e8:d2:8d:
7c:2e:34:2a:d0:05:f6:86:23:ea:52:f5:1a:70:9c:
a2:d1:fc:c4:34:92:2c:30:d1:6a:13:18:f4:e6:5d:
d5:2a:4e:53:31:ec:5f:85:e0:92:5e:d0:87:31:12:
30:60:ab:7a:4d:3e:48:3f:8d:b1:9e:82:77:39:ef:
6d:40:aa:18:5c:f2:5a:23:2d:57:1a:9a:73:30:e3:
74:ae:13:0d:7f:63:1b:b9:7a:36:37:2f:a9:42:d2:
85:c7:b9:f1:a3:42:fc:4f:24:fe:f3:ab:d8:56:c5:
7b:36:7c:43:c5:c1:ae:9f:63:55:a9:6b:54:b9:a5:
8b:a8:77:1f:04:b2:4b:23:ba:85:e4:c2:91:a2:58:
7e:3f:ac:18:69:0a:2d:7a:cf:0c:1e:04:5f:b3:e2:
37:28:76:13:d0:e6:61:4f:03:fa:2c:1c:7c:01:7b:
d0:d3:1d:2f:0e:f0:e2:d0:9f:dc:ef:f5:5b:76:0c:
c5:97:45:75:46:48:31:d4:5c:fb:56:21:50:1b:44:
5f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4A:85:9D:B8:41:D8:B0:8F:25:4D:CA:B6:03:F7:3A:11:CD:11:B3
X509v3 Authority Key Identifier:
keyid:F9:74:2D:77:7D:08:24:16:A2:D8:47:D4:00:3A:33:1B:50:E2:42:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XQtd30IJBai2EfUADozG1DiQj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/1-kqFnbhB2LCPJU3KtgP3OhHNEbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/1-XQtd30IJBai2EfUADozG1DiQj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.100.0/23
Signature Algorithm: sha256WithRSAEncryption
70:5a:88:05:e5:08:7a:3d:af:5f:f1:0e:7a:70:bd:db:ab:1f:
ae:29:4d:61:d3:4a:f5:b8:ca:d9:d0:4f:6b:a9:fc:c8:6b:e3:
8e:e1:56:27:c5:51:68:03:04:55:5c:8a:6f:84:e3:5a:91:56:
e3:f6:df:63:58:1c:c5:80:ea:15:7b:97:84:e5:30:21:9e:f4:
cd:ad:0f:76:b5:44:3b:8d:6d:f7:b9:f7:9f:6b:40:04:46:44:
a8:15:b4:8c:f5:ed:95:f5:98:bf:8f:be:8f:c3:b7:36:0e:a6:
5f:6c:48:80:d6:8c:e5:4c:6f:4e:c1:d1:d2:39:83:99:cc:ea:
2f:f5:96:c8:69:73:b0:e0:da:d5:6d:d9:b8:86:d6:f5:c2:b8:
8d:b9:23:6f:c7:2e:4f:7e:15:b1:22:17:d9:85:c4:a3:bc:45:
e3:7b:34:88:d8:4a:7f:57:25:67:34:a2:b9:86:93:54:df:66:
53:a1:e4:21:6f:14:98:2b:73:e4:40:dc:7e:c7:b9:e5:38:0d:
60:5e:cf:ff:93:ce:a7:24:dc:39:af:5c:b1:56:31:20:6a:dc:
d1:08:72:13:f3:52:d8:c9:5b:28:55:c5:b1:4c:4e:4f:6b:4e:
f9:3b:fb:dc:a3:1c:21:3c:99:63:d4:0c:2a:48:3a:c7:05:54:
a4:ec:38:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgaFzLC9elMANriOMyIfCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzQyZDc3N2QwODI0MTZhMmQ4NDdkNDAwM2EzMzFiNTBl
MjQyM2UwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRhODU5ZGI4NDFkOGIwOGYyNTRkY2FiNjAzZjczYTExY2QxMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng/GEohmY+cg7rYoXbKed8a6ljiA
ZY3fpeUB/vYFeeNFR9a1C9qyHw9v1jItneJKmPCwo/0xYm3o0o18LjQq0AX2hiPq
UvUacJyi0fzENJIsMNFqExj05l3VKk5TMexfheCSXtCHMRIwYKt6TT5IP42xnoJ3
Oe9tQKoYXPJaIy1XGppzMON0rhMNf2MbuXo2Ny+pQtKFx7nxo0L8TyT+86vYVsV7
NnxDxcGun2NVqWtUuaWLqHcfBLJLI7qF5MKRolh+P6wYaQotes8MHgRfs+I3KHYT
0OZhTwP6LBx8AXvQ0x0vDvDi0J/c7/VbdgzFl0V1Rkgx1Fz7ViFQG0RfAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPpKhZ24QdiwjyVNyrYD9zoRzRGzMB8GA1UdIwQY
MBaAFPl0LXd9CCQWothH1AA6MxtQ4kI+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YUXRkMzBJSkJhaTJFZlVBRG96RzFEaVFqNC5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvNDgyNzA4LWMxZDQtNDBmYy05MzIx
LTY2OThiOTMyMzNkNi8xLzEta3FGbmJoQjJMQ1BKVTNLdGdQM09oSE5FYk0ucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2Q0LzQ4MjcwOC1jMWQ0LTQwZmMtOTMyMS02Njk4YjkzMjMz
ZDYvMS8xLVhRdGQzMElKQmFpMkVmVUFEb3pHMURpUWo0LmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7Jk
MA0GCSqGSIb3DQEBCwUAA4IBAQBwWogF5Qh6Pa9f8Q56cL3bqx+uKU1h00r1uMrZ
0E9rqfzIa+OO4VYnxVFoAwRVXIpvhONakVbj9t9jWBzFgOoVe5eE5TAhnvTNrQ92
tUQ7jW33ufefa0AERkSoFbSM9e2V9Zi/j76Pw7c2DqZfbEiA1ozlTG9OwdHSOYOZ
zOov9ZbIaXOw4NrVbdm4htb1wriNuSNvxy5PfhWxIhfZhcSjvEXjezSI2Ep/VyVn
NKK5hpNU32ZToeQhbxSYK3PkQNx+x7nlOA1gXs//k86nJNw5r1yxVjEgatzRCHIT
81LYyVsoVcWxTE5Pa075O/vcoxwhPJlj1AwqSDrHBVSk7Dis
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:24:13 2025 by rpki-client