Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/iFeMzfeEdL5eLiPhJVZH9fOR9os.roa
File: iFeMzfeEdL5eLiPhJVZH9fOR9os.roa (raw, json)
Hash identifier: Hluf44L3umjh9a1sEhuox24mM0+jKftFeuevrlqeW6M=
Subject key identifier: 88:57:8C:CD:F7:84:74:BE:5E:2E:23:E1:25:56:47:F5:F3:91:F6:8B
Certificate issuer: /CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd
Certificate serial: 019421B25C2F7C50051E251490C54CF3A6DD
Authority key identifier: B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/iFeMzfeEdL5eLiPhJVZH9fOR9os.roa
Signing time: Wed 01 Jan 2025 11:48:44 +0000
ROA not before: Wed 01 Jan 2025 11:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29316
IP address blocks: 195.137.198.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:5c:2f:7c:50:05:1e:25:14:90:c5:4c:f3:a6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd
Validity
Not Before: Jan 1 11:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88578ccdf78474be5e2e23e1255647f5f391f68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1f:20:db:73:6c:16:eb:82:70:2d:50:c9:64:
13:19:7f:d7:35:ae:48:25:d5:84:91:b9:57:21:6a:
ca:45:9c:b1:4d:51:18:00:64:02:8b:e2:0a:e2:d8:
a8:77:66:43:fd:62:2f:21:69:e7:80:5f:70:37:3b:
b6:4c:85:4d:c0:35:96:f3:91:0b:77:c0:d2:d2:53:
2e:2f:12:99:7a:ff:cc:69:0e:3b:b5:f1:94:9f:6b:
b1:17:02:0f:2e:fa:c5:24:50:08:9a:54:99:23:44:
ef:f6:e2:4b:26:35:7a:c2:10:35:47:80:2d:17:63:
fc:40:b6:73:e0:03:d9:35:e6:f6:bf:d8:06:26:ea:
e8:dc:91:4b:0a:36:a7:30:c8:5f:99:b4:55:dc:0a:
90:67:22:17:31:6a:c8:cb:e6:01:3c:5a:36:5f:32:
f2:78:15:b8:13:18:6d:47:c5:43:57:08:05:90:02:
b4:be:17:71:02:53:b3:6d:83:19:60:fa:6e:64:16:
e8:e7:b7:3c:7b:18:4b:1a:2c:ca:43:6e:e8:be:4c:
d1:7e:ae:aa:43:69:3b:d7:6b:04:13:6c:9a:8b:cc:
14:44:c9:59:ec:84:dd:5a:09:b6:bd:89:68:c0:1b:
2a:51:40:72:be:06:54:33:89:c3:92:bc:c8:61:bb:
ee:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:57:8C:CD:F7:84:74:BE:5E:2E:23:E1:25:56:47:F5:F3:91:F6:8B
X509v3 Authority Key Identifier:
keyid:B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/iFeMzfeEdL5eLiPhJVZH9fOR9os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.198.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:39:5a:9a:58:7e:ce:9c:54:cf:5a:ae:79:74:fe:1a:d1:ce:
18:b5:aa:a9:0c:57:37:c5:e3:62:4e:1f:77:18:66:14:23:b4:
0a:00:48:ac:20:46:30:55:13:b5:eb:28:4a:3f:83:2b:b3:78:
4e:b9:0e:b7:ed:c6:5b:9b:55:55:6d:9a:ec:76:af:d4:00:e4:
e3:25:72:ac:79:6e:d4:d0:53:81:01:2e:e3:d9:38:8a:aa:db:
ac:66:aa:ed:49:54:5c:a6:df:b4:c0:d0:19:fa:3f:33:bc:85:
19:6e:f3:8d:a3:2e:50:bd:4d:ee:ab:58:65:4e:cf:16:33:35:
8a:1d:2b:c9:41:74:0b:dd:30:87:cf:54:b9:f5:ee:8a:af:97:
97:c3:66:56:14:f8:db:94:68:11:29:f5:7a:ef:43:ea:af:41:
6e:17:f8:e0:f4:94:ee:31:0b:ec:eb:52:1f:7f:85:8d:b4:59:
73:af:d8:c8:7d:03:e3:c9:5e:9b:dd:32:00:23:77:47:18:3c:
9a:b2:28:30:bc:73:8d:f7:24:63:9d:b7:a6:ab:88:e1:78:86:
19:b4:fd:7b:1b:4c:b6:2c:b8:0c:03:fc:d5:c3:f6:a6:b8:c2:
38:16:64:7d:79:86:6e:59:4d:3e:99:f1:1e:96:72:92:fb:d7:
6a:64:6a:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslwvfFAFHiUUkMVM86bdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODE3NzYyZDlmYzhmMTFiMDFjZjUyMzRiNmU0MzFjZmJl
YzFiY2QwHhcNMjUwMTAxMTE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODU3OGNjZGY3ODQ3NGJlNWUyZTIzZTEyNTU2NDdmNWYzOTFmNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR8g23NsFuuCcC1QyWQTGX/XNa5I
JdWEkblXIWrKRZyxTVEYAGQCi+IK4tiod2ZD/WIvIWnngF9wNzu2TIVNwDWW85EL
d8DS0lMuLxKZev/MaQ47tfGUn2uxFwIPLvrFJFAImlSZI0Tv9uJLJjV6whA1R4At
F2P8QLZz4APZNeb2v9gGJuro3JFLCjanMMhfmbRV3AqQZyIXMWrIy+YBPFo2XzLy
eBW4ExhtR8VDVwgFkAK0vhdxAlOzbYMZYPpuZBbo57c8exhLGizKQ27ovkzRfq6q
Q2k712sEE2yai8wURMlZ7ITdWgm2vYlowBsqUUByvgZUM4nDkrzIYbvudwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhXjM33hHS+Xi4j4SVWR/XzkfaLMB8GA1UdIwQY
MBaAFLaBd2LZ/I8RsBz1I0tuQxz77BvNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQt
ZDNmMjY1YWQ1MTRmLzEvaUZlTXpmZUVkTDVlTGlQaEpWWkg5Zk9SOW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQtZDNmMjY1YWQ1MTRm
LzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4nGMA0G
CSqGSIb3DQEBCwUAA4IBAQAuOVqaWH7OnFTPWq55dP4a0c4YtaqpDFc3xeNiTh93
GGYUI7QKAEisIEYwVRO16yhKP4Mrs3hOuQ637cZbm1VVbZrsdq/UAOTjJXKseW7U
0FOBAS7j2TiKqtusZqrtSVRcpt+0wNAZ+j8zvIUZbvONoy5QvU3uq1hlTs8WMzWK
HSvJQXQL3TCHz1S59e6Kr5eXw2ZWFPjblGgRKfV670Pqr0FuF/jg9JTuMQvs61If
f4WNtFlzr9jIfQPjyV6b3TIAI3dHGDyasigwvHON9yRjnbemq4jheIYZtP17G0y2
LLgMA/zVw/amuMI4FmR9eYZuWU0+mfEelnKS+9dqZGqY
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:28:35 2025 by rpki-client