Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/s_4M0Xn3RWdVl5Ee5amLr_m-SKI.roa
File: s_4M0Xn3RWdVl5Ee5amLr_m-SKI.roa (raw, json)
Hash identifier: PZMtSOH/plvjDd02CCjFt0ICQDy0I1QjX54XMQBvGFg=
Subject key identifier: B3:FE:0C:D1:79:F7:45:67:55:97:91:1E:E5:A9:8B:AF:F9:BE:48:A2
Certificate issuer: /CN=075e993e76f9d7fa404d69a6cb60d4bf98f2ba1e
Certificate serial: 019426D9ECA5C342FDD191EFB31FF51F7B4F
Authority key identifier: 07:5E:99:3E:76:F9:D7:FA:40:4D:69:A6:CB:60:D4:BF:98:F2:BA:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B16ZPnb51_pATWmmy2DUv5jyuh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/s_4M0Xn3RWdVl5Ee5amLr_m-SKI.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 194.11.156.0/22 maxlen: 23
2001:67c:5d8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ec:a5:c3:42:fd:d1:91:ef:b3:1f:f5:1f:7b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=075e993e76f9d7fa404d69a6cb60d4bf98f2ba1e
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3fe0cd179f745675597911ee5a98baff9be48a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0a:30:99:0a:00:15:ea:f7:79:dc:0b:11:fb:
90:34:fb:86:fa:94:e8:55:dc:0c:14:bb:a9:6d:3b:
45:e6:3a:f6:87:7f:df:42:d9:86:70:49:d8:2c:a8:
3c:96:ea:e2:dd:cf:69:79:bb:b8:e2:2b:84:5c:da:
fd:2c:60:9a:23:0b:73:78:48:0c:eb:f2:da:ae:fa:
e4:9d:a7:6f:54:27:84:41:7e:dd:38:4b:89:be:b9:
2d:02:66:ec:6b:ff:78:b4:21:ee:eb:3b:8c:98:d7:
4e:5e:e9:11:cd:79:ef:4b:63:48:3e:1f:d4:93:1c:
29:58:4d:29:89:d7:e0:8a:03:c2:8e:f5:d4:c7:9a:
34:14:35:e5:9b:d1:d4:fe:33:7a:b2:4c:d2:3f:6d:
56:4c:df:05:0a:d2:c8:5b:3d:0f:0a:12:ab:b2:17:
a2:e7:f2:d8:ae:e9:0e:41:ee:df:63:d7:05:c7:59:
60:34:6d:4c:14:e2:7d:18:c0:32:ba:37:24:da:4e:
45:51:c1:08:7d:ab:86:57:bd:cf:e0:ce:f7:8e:db:
ca:66:34:7e:0c:a3:88:a6:ea:df:af:4e:b2:ec:21:
53:58:41:43:ea:03:94:6f:82:09:5f:53:97:6d:6b:
a0:6c:18:3c:ea:89:df:9d:3f:c4:c3:7b:fb:5d:ed:
93:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FE:0C:D1:79:F7:45:67:55:97:91:1E:E5:A9:8B:AF:F9:BE:48:A2
X509v3 Authority Key Identifier:
keyid:07:5E:99:3E:76:F9:D7:FA:40:4D:69:A6:CB:60:D4:BF:98:F2:BA:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B16ZPnb51_pATWmmy2DUv5jyuh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/s_4M0Xn3RWdVl5Ee5amLr_m-SKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/B16ZPnb51_pATWmmy2DUv5jyuh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.156.0/22
IPv6:
2001:67c:5d8::/48
Signature Algorithm: sha256WithRSAEncryption
98:c1:6c:87:09:a8:1e:12:3a:74:d0:6d:e7:7e:0f:4d:5b:7a:
8b:c2:4c:e0:e0:aa:fa:ea:20:cd:75:d9:b5:8e:44:6d:5e:60:
2b:e9:5b:b6:60:0b:8a:07:e3:2d:c9:30:b9:b4:25:e0:d2:a4:
fe:e2:d5:51:c6:bb:d3:d2:5b:29:2b:6e:77:42:fd:ed:0b:39:
31:a0:eb:25:cd:73:3f:27:e5:8a:92:15:10:c5:e8:f2:4f:84:
1e:42:63:f1:99:93:1e:f0:86:cf:ed:2f:b8:15:55:c0:9d:70:
dc:57:55:3a:67:13:1a:e6:08:1a:d3:d9:d2:0d:33:11:4e:48:
c2:43:5f:fe:61:b9:2c:e0:a2:b1:3d:b6:9c:68:4a:82:c7:b1:
be:8c:c0:f2:2e:43:ef:03:68:5c:6c:04:80:d8:bf:ac:85:d4:
ca:55:7e:e2:ea:c9:56:6b:99:ed:9c:c1:5e:0d:5b:2a:32:44:
a5:a4:8b:f9:65:9f:ae:e7:a6:15:13:ae:a0:55:3b:82:6e:81:
93:25:23:18:10:f9:80:08:48:d1:90:36:42:3c:08:de:8d:c6:
6a:c8:4b:4e:63:f4:29:22:57:56:7e:53:c4:0e:0e:44:8b:20:
17:eb:21:fc:8f:65:bb:e5:e3:77:ab:0e:3b:3f:82:49:d2:be:
1a:10:61:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2eylw0L90ZHvsx/1H3tPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NWU5OTNlNzZmOWQ3ZmE0MDRkNjlhNmNiNjBkNGJmOThm
MmJhMWUwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ZlMGNkMTc5Zjc0NTY3NTU5NzkxMWVlNWE5OGJhZmY5YmU0OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgowmQoAFer3edwLEfuQNPuG+pTo
VdwMFLupbTtF5jr2h3/fQtmGcEnYLKg8luri3c9pebu44iuEXNr9LGCaIwtzeEgM
6/LarvrknadvVCeEQX7dOEuJvrktAmbsa/94tCHu6zuMmNdOXukRzXnvS2NIPh/U
kxwpWE0pidfgigPCjvXUx5o0FDXlm9HU/jN6skzSP21WTN8FCtLIWz0PChKrshei
5/LYrukOQe7fY9cFx1lgNG1MFOJ9GMAyujck2k5FUcEIfauGV73P4M73jtvKZjR+
DKOIpurfr06y7CFTWEFD6gOUb4IJX1OXbWugbBg86onfnT/Ew3v7Xe2TtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLP+DNF590VnVZeRHuWpi6/5vkiiMB8GA1UdIwQY
MBaAFAdemT52+df6QE1ppstg1L+Y8roeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjE2WlBuYjUxX3BBVFdtbXkyRFV2NWp5dWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iNDU2NmItYmNjOC00ZGY1LWJhMmYt
ZTE1ZTY2NmFkNmMyLzEvc180TTBYbjNSV2RWbDVFZTVhbUxyX20tU0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iNDU2NmItYmNjOC00ZGY1LWJhMmYtZTE1ZTY2NmFkNmMy
LzEvQjE2WlBuYjUxX3BBVFdtbXkyRFV2NWp5dWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwgucMA8E
AgACMAkDBwAgAQZ8BdgwDQYJKoZIhvcNAQELBQADggEBAJjBbIcJqB4SOnTQbed+
D01beovCTODgqvrqIM112bWORG1eYCvpW7ZgC4oH4y3JMLm0JeDSpP7i1VHGu9PS
WykrbndC/e0LOTGg6yXNcz8n5YqSFRDF6PJPhB5CY/GZkx7whs/tL7gVVcCdcNxX
VTpnExrmCBrT2dINMxFOSMJDX/5huSzgorE9tpxoSoLHsb6MwPIuQ+8DaFxsBIDY
v6yF1MpVfuLqyVZrme2cwV4NWyoyRKWki/lln67nphUTrqBVO4JugZMlIxgQ+YAI
SNGQNkI8CN6NxmrIS05j9CkiV1Z+U8QODkSLIBfrIfyPZbvl43erDjs/gknSvhoQ
YTg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:33:31 2025 by rpki-client