Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/M9C6QMgYRZoXXytQw2C6mkvtC-8.roa
File: M9C6QMgYRZoXXytQw2C6mkvtC-8.roa (raw, json)
Hash identifier: COEuLsdWxN3xYacMDKz0U9tiwB/XJTMey8K5tDI06Go=
Subject key identifier: 33:D0:BA:40:C8:18:45:9A:17:5F:2B:50:C3:60:BA:9A:4B:ED:0B:EF
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067C3FFD9E9F4CF6AB2281D98949349
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/M9C6QMgYRZoXXytQw2C6mkvtC-8.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21190
IP address blocks: 194.209.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c3:ff:d9:e9:f4:cf:6a:b2:28:1d:98:94:93:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33d0ba40c818459a175f2b50c360ba9a4bed0bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:fc:54:11:ce:7d:fa:bd:18:f3:6e:8e:bc:
56:f7:64:43:bc:36:e0:f3:dc:01:31:30:53:47:02:
b7:ed:2c:88:a6:33:af:58:50:be:1a:15:4f:4b:86:
dc:27:68:f1:7f:2b:d1:1e:94:cc:bc:3c:0f:07:ab:
ab:54:3d:44:6a:0b:87:14:78:98:b0:63:93:34:a1:
84:a8:a9:ec:e0:34:bf:f2:44:7a:b7:4b:a7:d8:71:
e4:c5:8f:0c:57:a0:2b:8a:27:8e:c8:7f:98:38:02:
21:b3:24:c6:7b:79:bc:7f:4c:9b:d3:6a:4a:94:19:
2d:ce:33:7a:d0:1e:e9:25:93:7f:68:e5:27:5f:3a:
a9:5f:dd:21:8a:9b:32:84:e6:86:22:9a:0f:a3:e6:
d6:f5:98:53:36:61:f9:7c:18:84:cb:b4:5d:68:48:
b9:74:0b:30:f8:ca:e7:06:e3:ec:dd:9c:f9:e7:13:
ed:25:a7:af:5a:5a:80:1c:9e:db:4e:2a:35:18:74:
16:a4:4f:f2:c2:7a:09:00:71:6a:6c:f1:fe:11:a7:
d4:7c:47:ea:5d:5b:7c:93:3c:06:1e:ea:5d:5d:31:
7c:c1:b2:1a:7d:42:50:4d:4f:c2:85:8a:e8:c9:38:
fe:d5:cf:cd:0f:73:42:e3:b8:bc:c6:ca:e0:10:00:
9f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D0:BA:40:C8:18:45:9A:17:5F:2B:50:C3:60:BA:9A:4B:ED:0B:EF
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/M9C6QMgYRZoXXytQw2C6mkvtC-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.217.0/24
Signature Algorithm: sha256WithRSAEncryption
96:0d:9a:74:ff:b8:c9:a1:c4:0a:bf:25:e2:3e:de:4b:43:22:
3c:a9:4d:af:2b:ef:b3:dd:a9:32:08:b7:c3:2b:c7:b9:17:2e:
c0:3a:6d:f1:70:32:6a:d3:76:9b:da:7b:84:08:80:af:c3:84:
3d:8e:ea:dd:b2:b7:3a:e6:c9:16:42:31:4d:70:a4:eb:8d:7f:
b2:36:e4:29:a9:1d:ac:d7:db:26:f2:96:9a:c1:01:18:07:4d:
ad:e7:ea:65:7b:8a:bc:92:a8:47:e8:ad:af:d0:70:2a:e6:53:
f0:81:ea:59:dc:e3:b7:bf:15:8d:d0:d8:16:08:00:fc:7d:4b:
40:0e:e3:52:a6:59:40:25:7b:1e:9f:32:bb:10:45:e5:ed:69:
8d:d5:93:5c:e4:04:21:e9:25:08:e3:d1:e4:38:18:91:aa:bc:
34:63:c7:1d:c4:51:4b:19:5c:cb:54:4b:ed:5a:a9:56:0d:a1:
9c:82:e2:8e:70:3e:7c:d3:d8:df:59:3b:8b:0a:30:bd:0c:59:
24:56:9c:1d:9d:6c:21:de:c9:67:9a:75:b2:03:0a:90:d0:a9:
fe:47:34:7f:b1:cb:60:b4:b0:28:e6:2d:a2:cb:6d:55:7b:b0:
3a:1e:b9:42:f6:c1:64:26:52:03:8e:5b:13:e8:88:68:b9:d1:
4e:7d:c8:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ8P/2en0z2qyKB2YlJNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QwYmE0MGM4MTg0NTlhMTc1ZjJiNTBjMzYwYmE5YTRiZWQwYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppL8VBHOffq9GPNujrxW92RDvDbg
89wBMTBTRwK37SyIpjOvWFC+GhVPS4bcJ2jxfyvRHpTMvDwPB6urVD1EaguHFHiY
sGOTNKGEqKns4DS/8kR6t0un2HHkxY8MV6AriieOyH+YOAIhsyTGe3m8f0yb02pK
lBktzjN60B7pJZN/aOUnXzqpX90hipsyhOaGIpoPo+bW9ZhTNmH5fBiEy7RdaEi5
dAsw+MrnBuPs3Zz55xPtJaevWlqAHJ7bTio1GHQWpE/ywnoJAHFqbPH+EafUfEfq
XVt8kzwGHupdXTF8wbIafUJQTU/ChYroyTj+1c/ND3NC47i8xsrgEACfjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPQukDIGEWaF18rUMNguppL7QvvMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvTTlDNlFNZ1lSWm9YWHl0UXcyQzZta3Z0Qy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtHZMA0G
CSqGSIb3DQEBCwUAA4IBAQCWDZp0/7jJocQKvyXiPt5LQyI8qU2vK++z3akyCLfD
K8e5Fy7AOm3xcDJq03ab2nuECICvw4Q9jurdsrc65skWQjFNcKTrjX+yNuQpqR2s
19sm8paawQEYB02t5+ple4q8kqhH6K2v0HAq5lPwgepZ3OO3vxWN0NgWCAD8fUtA
DuNSpllAJXsenzK7EEXl7WmN1ZNc5AQh6SUI49HkOBiRqrw0Y8cdxFFLGVzLVEvt
WqlWDaGcguKOcD5809jfWTuLCjC9DFkkVpwdnWwh3slnmnWyAwqQ0Kn+RzR/sctg
tLAo5i2iy21Ve7A6HrlC9sFkJlIDjlsT6IhoudFOfcj8
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:36:38 2025 by rpki-client