Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sQmov1OlN82DcAdiUmdo4_8t-VA.roa
File: sQmov1OlN82DcAdiUmdo4_8t-VA.roa (raw, json)
Hash identifier: 8iUeToh29QHq8MqC13PjFjyjAQovYDL1jLag25Mi0PM=
Subject key identifier: B1:09:A8:BF:53:A5:37:CD:83:70:07:62:52:67:68:E3:FF:2D:F9:50
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194C6340A2B2B3666A5A444DE9073828814
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sQmov1OlN82DcAdiUmdo4_8t-VA.roa
Signing time: Sun 02 Feb 2025 10:28:06 +0000
ROA not before: Sun 02 Feb 2025 10:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199654
IP address blocks: 195.58.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c6:34:0a:2b:2b:36:66:a5:a4:44:de:90:73:82:88:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 2 10:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b109a8bf53a537cd83700762526768e3ff2df950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fb:ec:c6:6c:dc:b4:39:d6:1e:ac:7f:b2:5b:
e9:aa:e0:8a:25:09:d9:d4:84:77:7e:40:1f:bc:84:
15:45:e6:e6:7e:b0:42:a6:22:b8:76:8d:fa:e0:c7:
25:bf:03:1c:09:30:05:07:01:18:44:0a:90:b1:3b:
c6:a8:26:1f:a3:ac:f1:0b:14:0f:fa:5e:df:21:71:
5f:f2:b3:2c:29:e5:5c:7c:b4:59:fb:08:62:3b:4d:
01:00:0b:b3:fa:cb:d2:81:11:8e:3d:b8:2e:87:1f:
30:c3:ed:88:70:7f:30:a7:a0:2d:17:93:f8:2b:d1:
54:bc:cf:dc:aa:04:a6:bc:ab:f9:85:47:be:5c:12:
73:51:fb:b4:1c:f3:77:9e:72:6a:66:15:b0:e0:99:
6e:dd:e2:51:13:2f:1c:a6:bc:89:c1:c6:ff:a8:15:
d2:92:8b:17:86:4d:48:2d:fe:11:6f:79:9c:e9:51:
58:cd:7a:37:dd:78:5d:ca:47:46:17:67:61:90:b3:
1a:2f:ff:01:47:2d:31:b4:ba:6c:12:57:19:20:99:
19:af:fc:9d:1b:2f:c1:41:ce:a4:c3:4c:c5:49:95:
e5:4f:15:54:ba:b7:01:ba:3b:f5:e1:59:ad:50:13:
f4:10:7a:96:22:00:0d:45:83:54:32:f4:66:72:ac:
ae:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:09:A8:BF:53:A5:37:CD:83:70:07:62:52:67:68:E3:FF:2D:F9:50
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sQmov1OlN82DcAdiUmdo4_8t-VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.58.0/24
Signature Algorithm: sha256WithRSAEncryption
87:bc:55:42:71:04:14:02:92:e5:07:c3:e1:eb:65:53:79:00:
a2:98:31:be:2a:d1:36:06:5f:15:8b:12:95:ff:bf:43:69:26:
6d:32:6b:16:1b:08:a5:66:b7:75:85:de:f1:16:a3:6e:0c:1a:
07:45:5d:f6:5a:f8:7b:16:da:b3:53:80:d0:a7:da:a9:3b:65:
f7:04:f8:1d:1c:a6:d8:e7:18:33:84:5b:9b:53:bc:49:ce:5f:
b1:79:cf:86:60:14:df:fd:5c:a4:ce:33:a2:61:37:35:67:fc:
44:9f:d9:7a:20:43:fb:10:72:96:99:cd:a4:1a:cd:17:99:af:
f2:0d:30:85:dd:1d:a8:c0:b1:0d:76:bd:e5:d3:72:90:28:c1:
0e:18:4d:24:39:c7:02:ad:95:e4:73:ed:a7:28:5c:bf:7e:57:
51:4f:2a:db:5e:56:b8:64:f4:8a:82:d4:08:4f:9c:05:57:aa:
0c:ad:ad:9f:15:5a:80:1b:da:ab:6f:9d:08:a7:c0:c7:c4:ab:
5d:f7:1c:2e:6f:3d:bd:b3:c5:a9:ee:ec:65:9a:4c:af:70:69:
ff:aa:14:d5:d8:5e:9f:68:e3:9e:ce:8b:d4:fa:11:5c:49:ec:
84:92:6b:8f:3f:cb:84:d4:4d:7e:78:f7:71:62:9c:a4:8a:60:
a0:f5:c9:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTGNAorKzZmpaRE3pBzgogUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjAyMTAyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA5YThiZjUzYTUzN2NkODM3MDA3NjI1MjY3NjhlM2ZmMmRmOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPvsxmzctDnWHqx/slvpquCKJQnZ
1IR3fkAfvIQVRebmfrBCpiK4do364MclvwMcCTAFBwEYRAqQsTvGqCYfo6zxCxQP
+l7fIXFf8rMsKeVcfLRZ+whiO00BAAuz+svSgRGOPbguhx8ww+2IcH8wp6AtF5P4
K9FUvM/cqgSmvKv5hUe+XBJzUfu0HPN3nnJqZhWw4Jlu3eJREy8cpryJwcb/qBXS
kosXhk1ILf4Rb3mc6VFYzXo33XhdykdGF2dhkLMaL/8BRy0xtLpsElcZIJkZr/yd
Gy/BQc6kw0zFSZXlTxVUurcBujv14VmtUBP0EHqWIgANRYNUMvRmcqyu8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEJqL9TpTfNg3AHYlJnaOP/LflQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc1Ftb3YxT2xOODJEY0FkaVVtZG80Xzh0LVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzo6MA0G
CSqGSIb3DQEBCwUAA4IBAQCHvFVCcQQUApLlB8Ph62VTeQCimDG+KtE2Bl8VixKV
/79DaSZtMmsWGwilZrd1hd7xFqNuDBoHRV32Wvh7FtqzU4DQp9qpO2X3BPgdHKbY
5xgzhFubU7xJzl+xec+GYBTf/VykzjOiYTc1Z/xEn9l6IEP7EHKWmc2kGs0Xma/y
DTCF3R2owLENdr3l03KQKMEOGE0kOccCrZXkc+2nKFy/fldRTyrbXla4ZPSKgtQI
T5wFV6oMra2fFVqAG9qrb50Ip8DHxKtd9xwubz29s8Wp7uxlmkyvcGn/qhTV2F6f
aOOezovU+hFcSeyEkmuPP8uE1E1+ePdxYpykimCg9clI
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:00:17 2025 by rpki-client