Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/9hHn7bmfmoqHF75Tow6Kh5VSbps.roa
File: 9hHn7bmfmoqHF75Tow6Kh5VSbps.roa (raw, json)
Hash identifier: WEgHH0n/g/skrA6UVfBrxp7y2FhG+f3miMwNxAoAwaU=
Subject key identifier: F6:11:E7:ED:B9:9F:9A:8A:87:17:BE:53:A3:0E:8A:87:95:52:6E:9B
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01856D01CD1BD54B5FC572CEA670CD196684
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/9hHn7bmfmoqHF75Tow6Kh5VSbps.roa
Signing time: Sun 01 Jan 2023 11:05:12 +0000
ROA not before: Sun 01 Jan 2023 11:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204500
IP address blocks: 195.72.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:cd:1b:d5:4b:5f:c5:72:ce:a6:70:cd:19:66:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 11:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f611e7edb99f9a8a8717be53a30e8a8795526e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0f:a8:15:99:43:63:17:c5:dc:7f:93:6e:9f:
17:ae:7f:96:bd:53:04:48:d9:d2:9c:43:63:86:27:
11:07:ac:e4:3f:4c:1b:6b:55:42:48:c7:22:2b:29:
69:d0:46:b1:3f:16:39:96:dd:5f:e0:c5:fa:18:14:
e2:80:f5:7a:b6:5d:e5:23:78:a3:51:73:28:0d:df:
fc:cc:25:90:d1:3e:f5:a8:c1:e1:ca:54:6a:d4:92:
eb:ac:3d:e7:f3:10:8f:90:82:94:b9:ef:fc:1b:74:
f1:94:7c:b5:59:e5:5c:91:d1:51:b6:cf:17:e2:4d:
a8:2c:46:94:6d:12:5f:c8:88:02:b8:7e:0d:ae:89:
1a:98:ee:e8:a8:6f:81:ac:ad:f1:cb:81:a7:f6:80:
bf:54:9b:a7:5f:f4:88:f9:22:99:ff:69:75:e0:0d:
7f:f6:79:2d:f7:e0:97:e2:60:e8:4a:5b:9c:86:57:
a8:dc:05:b7:76:84:ea:13:6a:1a:44:02:88:cf:16:
26:b8:71:de:01:0d:bf:b6:72:9f:22:4f:b8:ba:eb:
22:dc:1e:58:3e:58:f0:86:12:22:23:ef:6d:e7:a1:
6a:d3:d7:b8:bb:c9:74:12:3a:c5:a6:35:83:c5:fe:
fb:cf:a6:92:c1:fc:9f:f8:f2:8b:6f:6f:da:fc:29:
10:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:11:E7:ED:B9:9F:9A:8A:87:17:BE:53:A3:0E:8A:87:95:52:6E:9B
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/9hHn7bmfmoqHF75Tow6Kh5VSbps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.72.119.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:b2:f8:74:70:05:93:67:57:6a:2c:ec:f3:ff:10:c2:0b:90:
15:55:0a:b8:16:cc:ca:38:3c:54:23:a1:31:c8:7a:3e:38:87:
d7:a9:cb:c0:50:62:63:14:d0:33:d1:eb:37:11:de:1b:03:d1:
d5:5c:ec:76:8e:97:48:93:d5:f1:5f:b0:9e:da:6f:3b:8e:1e:
44:9a:e9:c4:17:38:f5:db:b7:ba:6e:6f:ed:3d:2f:48:09:c1:
12:2e:38:12:a6:6d:42:a5:03:11:be:88:1a:ae:f4:e3:0c:f1:
43:5f:5d:c9:c6:42:77:8d:bd:bc:c7:df:7b:35:7e:e9:e9:e9:
74:f1:4b:a8:75:f3:06:23:d2:cb:29:60:38:39:5a:ae:61:b4:
e4:9f:42:27:fc:1c:41:1b:1c:1d:17:5e:e3:d2:cc:23:5e:73:
2b:75:ef:f7:7c:48:d6:d6:38:2e:bb:fd:a7:83:fe:84:b9:ca:
fc:a8:09:ea:3a:46:03:40:f8:ce:df:4d:c9:8f:9d:38:83:68:
49:64:78:43:e3:ee:44:cc:74:5d:0b:9b:5d:09:1a:60:b5:00:
28:2b:6e:6c:5b:f8:51:a7:a9:b8:28:15:a0:79:c2:04:1f:78:
f4:2e:d7:6d:b9:99:4d:dc:32:9c:2b:11:d2:67:fb:0a:24:d7:
93:51:4a:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAc0b1UtfxXLOpnDNGWaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwMTAxMTEwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjExZTdlZGI5OWY5YThhODcxN2JlNTNhMzBlOGE4Nzk1NTI2ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ+oFZlDYxfF3H+Tbp8Xrn+WvVME
SNnSnENjhicRB6zkP0wba1VCSMciKylp0EaxPxY5lt1f4MX6GBTigPV6tl3lI3ij
UXMoDd/8zCWQ0T71qMHhylRq1JLrrD3n8xCPkIKUue/8G3TxlHy1WeVckdFRts8X
4k2oLEaUbRJfyIgCuH4NrokamO7oqG+BrK3xy4Gn9oC/VJunX/SI+SKZ/2l14A1/
9nkt9+CX4mDoSluchleo3AW3doTqE2oaRAKIzxYmuHHeAQ2/tnKfIk+4uusi3B5Y
PljwhhIiI+9t56Fq09e4u8l0EjrFpjWDxf77z6aSwfyf+PKLb2/a/CkQnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYR5+25n5qKhxe+U6MOioeVUm6bMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvOWhIbjdibWZtb3FIRjc1VG93NktoNVZTYnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0h3MA0G
CSqGSIb3DQEBCwUAA4IBAQCssvh0cAWTZ1dqLOzz/xDCC5AVVQq4FszKODxUI6Ex
yHo+OIfXqcvAUGJjFNAz0es3Ed4bA9HVXOx2jpdIk9XxX7Ce2m87jh5EmunEFzj1
27e6bm/tPS9ICcESLjgSpm1CpQMRvogarvTjDPFDX13JxkJ3jb28x997NX7p6el0
8UuodfMGI9LLKWA4OVquYbTkn0In/BxBGxwdF17j0swjXnMrde/3fEjW1jguu/2n
g/6Eucr8qAnqOkYDQPjO303Jj504g2hJZHhD4+5EzHRdC5tdCRpgtQAoK25sW/hR
p6m4KBWgecIEH3j0LtdtuZlN3DKcKxHSZ/sKJNeTUUoc
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:41:46 2025 by rpki-client