Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/M9dXL-Oza0PNDTAVGMoUMD1-IlA.roa
File: M9dXL-Oza0PNDTAVGMoUMD1-IlA.roa (raw, json)
Hash identifier: jhP7c0ubJpNShQl4AZbo7W8l+sNrqPUvkjw+552fAtk=
Subject key identifier: 33:D7:57:2F:E3:B3:6B:43:CD:0D:30:15:18:CA:14:30:3D:7E:22:50
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 019423D71986EE597907AF92ED2E94545FB2
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/M9dXL-Oza0PNDTAVGMoUMD1-IlA.roa
Signing time: Wed 01 Jan 2025 21:48:06 +0000
ROA not before: Wed 01 Jan 2025 21:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21734
IP address blocks: 95.172.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:19:86:ee:59:79:07:af:92:ed:2e:94:54:5f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 21:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33d7572fe3b36b43cd0d301518ca14303d7e2250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:f6:1e:06:66:2b:10:2f:3f:1d:ce:09:27:52:
d8:3e:97:49:16:95:3d:33:cb:cc:93:30:55:cd:40:
f5:4e:a4:32:4c:ed:37:56:8b:30:1f:87:45:69:ea:
bb:1a:41:c4:02:db:19:d1:a6:c4:62:f7:6f:19:14:
0e:de:48:e5:0a:6b:30:a9:e0:3d:74:db:2d:09:3a:
41:76:a3:a7:17:1b:83:7a:fa:a6:c3:e2:c2:5c:df:
3c:49:11:ad:97:55:c8:92:bd:7e:39:5c:2d:dd:c1:
37:e1:e4:4d:b9:cb:e3:ea:31:dd:63:dc:8b:09:93:
1c:51:54:17:5a:3a:e7:62:33:dc:0e:3f:0c:e8:eb:
c3:a4:23:23:29:2f:22:ee:f1:ea:60:77:78:fa:e9:
18:ee:b1:f7:14:61:64:15:2c:84:66:60:73:bd:bd:
30:a9:d4:0f:61:35:cb:e9:e3:9d:10:1a:40:b1:02:
6a:bc:6c:7d:f8:9b:c5:b5:56:c5:90:fb:cc:f7:a1:
3f:86:9d:83:b4:9d:f0:cf:77:05:91:2e:b6:53:4a:
44:b9:e7:81:11:0e:3d:20:2f:ab:9e:ac:ed:e5:fc:
0d:5e:4a:ef:e2:97:c2:3c:4f:22:8d:6a:6c:b1:25:
6e:43:67:c4:b3:22:26:e5:78:7f:a2:2b:3f:53:4d:
d4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D7:57:2F:E3:B3:6B:43:CD:0D:30:15:18:CA:14:30:3D:7E:22:50
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/M9dXL-Oza0PNDTAVGMoUMD1-IlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.172.76.0/24
Signature Algorithm: sha256WithRSAEncryption
99:35:37:8c:15:05:e2:61:84:e6:14:63:04:9b:b7:5e:4e:a2:
63:0c:90:9d:45:90:87:5e:b8:cf:c2:ba:22:04:4f:82:b6:6d:
92:f1:6f:d6:50:0c:62:d1:e1:0a:1d:23:9f:64:cc:a6:c3:e4:
b6:1d:77:57:02:58:fe:22:75:4d:df:ed:2f:33:a8:76:44:20:
43:02:b0:b8:b5:64:58:3f:13:be:2d:2f:47:00:60:cc:89:13:
ea:3b:80:7e:62:2f:8e:28:77:52:26:c1:7b:6e:c3:ee:4c:1b:
f1:78:4f:a2:e8:be:90:4a:f1:df:36:6d:7b:70:f1:06:54:b3:
91:de:35:c9:3f:29:8c:20:98:94:bb:dd:58:6f:5d:e2:b7:6e:
85:ad:60:10:5f:aa:b3:e1:9e:4e:ad:be:4e:2f:e0:0c:1b:31:
31:3f:01:9f:72:73:4d:0a:67:53:1f:bb:29:7a:1b:82:82:3e:
cd:bc:c9:7f:50:44:3a:d9:b5:be:ff:d3:46:f3:08:ff:63:ea:
43:25:67:1a:1d:dc:7a:30:d1:d6:02:d5:c3:43:ce:43:92:01:
0d:a6:2e:65:f9:5a:4c:5d:1c:54:60:1e:23:0f:ba:0e:3e:46:
eb:b3:87:47:39:24:14:3c:95:40:6c:9e:8f:63:e2:ab:33:a5:
6a:3e:9c:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xmG7ll5B6+S7S6UVF+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjUwMTAxMjE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Q3NTcyZmUzYjM2YjQzY2QwZDMwMTUxOGNhMTQzMDNkN2UyMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8PYeBmYrEC8/Hc4JJ1LYPpdJFpU9
M8vMkzBVzUD1TqQyTO03VoswH4dFaeq7GkHEAtsZ0abEYvdvGRQO3kjlCmswqeA9
dNstCTpBdqOnFxuDevqmw+LCXN88SRGtl1XIkr1+OVwt3cE34eRNucvj6jHdY9yL
CZMcUVQXWjrnYjPcDj8M6OvDpCMjKS8i7vHqYHd4+ukY7rH3FGFkFSyEZmBzvb0w
qdQPYTXL6eOdEBpAsQJqvGx9+JvFtVbFkPvM96E/hp2DtJ3wz3cFkS62U0pEueeB
EQ49IC+rnqzt5fwNXkrv4pfCPE8ijWpssSVuQ2fEsyIm5Xh/ois/U03UsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPXVy/js2tDzQ0wFRjKFDA9fiJQMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvTTlkWEwtT3phMFBORFRBVkdNb1VNRDEtSWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6xMMA0G
CSqGSIb3DQEBCwUAA4IBAQCZNTeMFQXiYYTmFGMEm7deTqJjDJCdRZCHXrjPwroi
BE+Ctm2S8W/WUAxi0eEKHSOfZMymw+S2HXdXAlj+InVN3+0vM6h2RCBDArC4tWRY
PxO+LS9HAGDMiRPqO4B+Yi+OKHdSJsF7bsPuTBvxeE+i6L6QSvHfNm17cPEGVLOR
3jXJPymMIJiUu91Yb13it26FrWAQX6qz4Z5Orb5OL+AMGzExPwGfcnNNCmdTH7sp
ehuCgj7NvMl/UEQ62bW+/9NG8wj/Y+pDJWcaHdx6MNHWAtXDQ85DkgENpi5l+VpM
XRxUYB4jD7oOPkbrs4dHOSQUPJVAbJ6PY+KrM6VqPpzr
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:53:20 2025 by rpki-client