Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/kRbJM0r9hkR1wq3RdsUFiL0HT7Q.roa
File: kRbJM0r9hkR1wq3RdsUFiL0HT7Q.roa (raw, json)
Hash identifier: TB8ehbBKofWhXL0zKQ3+dh6paWgo+N+m/aat6bTAmec=
Subject key identifier: 91:16:C9:33:4A:FD:86:44:75:C2:AD:D1:76:C5:05:88:BD:07:4F:B4
Certificate issuer: /CN=e85b21afe1b0916f55eea6d5bdc1dbf2e73a3c68
Certificate serial: 019426D9EBDC8C30BFFF7F62963927F0AAB5
Authority key identifier: E8:5B:21:AF:E1:B0:91:6F:55:EE:A6:D5:BD:C1:DB:F2:E7:3A:3C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Fshr-GwkW9V7qbVvcHb8uc6PGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/kRbJM0r9hkR1wq3RdsUFiL0HT7Q.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50102
IP address blocks: 195.225.58.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:eb:dc:8c:30:bf:ff:7f:62:96:39:27:f0:aa:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b21afe1b0916f55eea6d5bdc1dbf2e73a3c68
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9116c9334afd864475c2add176c50588bd074fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:98:22:08:8b:42:2a:7d:e0:3c:82:cc:ac:b8:
9f:4a:32:86:a8:e0:c7:e9:22:27:37:c8:1f:6d:fa:
f5:ab:a1:ed:0b:ae:f0:64:3c:15:fa:a5:48:6b:ed:
f7:d0:13:39:97:c4:2f:06:44:00:68:e2:47:30:1f:
3f:a0:3e:bf:bf:42:a7:82:d3:58:a2:ae:dc:63:8a:
bd:00:94:13:9c:47:22:24:13:78:82:76:d5:bf:8b:
01:32:d8:7b:c1:9a:14:3a:e9:bf:42:62:23:81:76:
cc:2b:80:e7:77:1b:dc:dd:f8:c5:4e:10:b8:79:6c:
50:c6:2e:e0:76:72:6f:da:0b:b0:d8:a8:3a:c6:19:
10:da:b9:3f:c2:00:62:a1:47:de:7a:ce:6e:c0:89:
8c:1f:e5:49:d4:2d:fd:0e:4d:05:cd:97:da:e2:be:
ee:2e:d2:14:8c:17:9a:fc:31:36:69:af:0c:ae:41:
9d:80:82:04:a2:79:dc:52:a9:3f:1a:4e:11:9a:0c:
af:0f:3b:cc:9a:a6:ed:a6:2c:be:63:99:f4:b4:66:
bd:bb:3e:fd:0a:86:0c:c3:85:7e:79:90:be:ef:75:
da:fc:3d:22:85:2c:80:33:d0:fb:a0:6e:f8:95:6d:
a7:53:46:a0:e9:3c:22:8b:ad:ad:cf:50:db:41:4b:
e1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:16:C9:33:4A:FD:86:44:75:C2:AD:D1:76:C5:05:88:BD:07:4F:B4
X509v3 Authority Key Identifier:
keyid:E8:5B:21:AF:E1:B0:91:6F:55:EE:A6:D5:BD:C1:DB:F2:E7:3A:3C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Fshr-GwkW9V7qbVvcHb8uc6PGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/kRbJM0r9hkR1wq3RdsUFiL0HT7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/6Fshr-GwkW9V7qbVvcHb8uc6PGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.58.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:81:43:9c:58:2f:e1:85:73:b6:01:35:bf:ba:1a:4c:f2:b0:
d9:36:ae:56:7b:03:7d:a9:cc:3c:44:da:3f:05:a3:af:43:4b:
a1:32:25:fa:b4:5c:69:60:1f:27:c3:3e:37:38:bb:8e:bd:b8:
b0:e9:84:20:a6:9f:dd:8d:54:79:f4:5a:53:16:59:94:bb:94:
23:a2:cf:45:9b:d5:64:22:ba:6c:87:ec:78:c8:84:a6:47:1e:
41:77:9a:d7:b1:d1:d2:48:99:4d:7d:6b:fd:43:4f:93:05:5e:
fe:05:bb:1d:c2:c3:2c:2b:d0:71:16:02:70:aa:c3:67:92:7c:
67:06:3e:ef:88:0f:8d:3d:19:ce:a7:b4:88:0d:58:b8:7e:8a:
af:43:af:68:8a:ce:bf:8f:d2:05:c5:d5:4c:e9:df:82:6b:f7:
0b:c9:aa:26:26:b2:c0:dd:94:c1:7e:c8:70:01:b8:90:47:53:
75:77:f6:c4:0a:80:89:40:05:ab:68:9a:70:8f:1f:e0:94:42:
fc:78:3a:32:38:a8:51:8f:0a:f3:76:7b:de:a3:96:38:80:a4:
c3:a1:ed:5b:d5:21:de:98:40:0c:34:e0:3e:a8:9a:25:d6:93:
cc:39:27:e3:eb:07:a8:e8:b4:c9:46:31:02:b0:ee:71:ae:fa:
bb:3e:eb:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2evcjDC//39iljkn8Kq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWIyMWFmZTFiMDkxNmY1NWVlYTZkNWJkYzFkYmYyZTcz
YTNjNjgwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE2YzkzMzRhZmQ4NjQ0NzVjMmFkZDE3NmM1MDU4OGJkMDc0ZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65giCItCKn3gPILMrLifSjKGqODH
6SInN8gfbfr1q6HtC67wZDwV+qVIa+330BM5l8QvBkQAaOJHMB8/oD6/v0KngtNY
oq7cY4q9AJQTnEciJBN4gnbVv4sBMth7wZoUOum/QmIjgXbMK4Dndxvc3fjFThC4
eWxQxi7gdnJv2guw2Kg6xhkQ2rk/wgBioUfees5uwImMH+VJ1C39Dk0FzZfa4r7u
LtIUjBea/DE2aa8MrkGdgIIEonncUqk/Gk4RmgyvDzvMmqbtpiy+Y5n0tGa9uz79
CoYMw4V+eZC+73Xa/D0ihSyAM9D7oG74lW2nU0ag6Twii62tz1DbQUvhuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEWyTNK/YZEdcKt0XbFBYi9B0+0MB8GA1UdIwQY
MBaAFOhbIa/hsJFvVe6m1b3B2/LnOjxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZzaHItR3drVzlWN3FiVnZjSGI4dWM2UEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80YjQ3NDgtNWFmMC00NTEzLWFjYTkt
MGI0MTIzNGNiMGNlLzEva1JiSk0wcjloa1Ixd3EzUmRzVUZpTDBIVDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80YjQ3NDgtNWFmMC00NTEzLWFjYTktMGI0MTIzNGNiMGNl
LzEvNkZzaHItR3drVzlWN3FiVnZjSGI4dWM2UEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+E6MA0G
CSqGSIb3DQEBCwUAA4IBAQCOgUOcWC/hhXO2ATW/uhpM8rDZNq5WewN9qcw8RNo/
BaOvQ0uhMiX6tFxpYB8nwz43OLuOvbiw6YQgpp/djVR59FpTFlmUu5Qjos9Fm9Vk
Irpsh+x4yISmRx5Bd5rXsdHSSJlNfWv9Q0+TBV7+BbsdwsMsK9BxFgJwqsNnknxn
Bj7viA+NPRnOp7SIDVi4foqvQ69ois6/j9IFxdVM6d+Ca/cLyaomJrLA3ZTBfshw
AbiQR1N1d/bECoCJQAWraJpwjx/glEL8eDoyOKhRjwrzdnveo5Y4gKTDoe1b1SHe
mEAMNOA+qJol1pPMOSfj6weo6LTJRjECsO5xrvq7Put1
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:24:52 2025 by rpki-client