Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/TXiax0-5Zk6kC2Pc1q14vgsT_fM.roa
File: TXiax0-5Zk6kC2Pc1q14vgsT_fM.roa (raw, json)
Hash identifier: IoSRkRnD8oX+v8+Ieb3aUg+H+PiYfztkJk/l72Evyh0=
Subject key identifier: 4D:78:9A:C7:4F:B9:66:4E:A4:0B:63:DC:D6:AD:78:BE:0B:13:FD:F3
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348D0C461A46A926678B418E9DF7B0F
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/TXiax0-5Zk6kC2Pc1q14vgsT_fM.roa
Signing time: Mon 01 Jan 2024 04:29:38 +0000
ROA not before: Mon 01 Jan 2024 04:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12511
IP address blocks: 195.65.35.0/24 maxlen: 24
195.65.34.0/24 maxlen: 24
195.65.34.0/23 maxlen: 23
2001:918:ffeb::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d0:c4:61:a4:6a:92:66:78:b4:18:e9:df:7b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d789ac74fb9664ea40b63dcd6ad78be0b13fdf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c8:71:b6:e6:00:b6:68:a8:62:19:f0:78:bc:
8d:fe:07:ff:ed:7c:f5:c5:43:8a:5b:fe:2f:56:c1:
e7:3c:6a:eb:41:59:c9:83:23:6a:cc:48:79:c0:03:
8c:f0:5b:cd:d8:6a:91:2b:34:76:c5:c2:32:48:66:
0e:89:2a:c3:22:a5:84:bb:34:5b:ae:eb:9d:0c:f1:
e7:b3:cb:4a:a6:ab:5d:08:c2:08:53:99:6f:95:23:
31:39:6d:a8:89:4b:e5:b4:f4:af:49:42:49:0b:93:
15:3e:0e:9c:b1:12:59:43:f4:d3:b0:39:b8:3b:b1:
6a:80:a1:24:bc:b9:ad:a5:10:6b:98:1b:d2:be:4d:
ec:30:bc:73:95:c0:cc:de:45:ea:56:ce:00:de:89:
a3:83:5c:ac:62:da:3e:6e:b5:c1:77:b0:7f:30:af:
3d:15:eb:c5:be:11:73:60:9c:5f:a8:08:7d:3a:43:
3c:f2:86:4f:86:52:bc:4c:ac:fe:7d:d0:4a:c1:25:
92:15:9d:b4:96:61:75:8f:26:3b:08:70:a3:45:e0:
be:8d:75:89:e7:8c:af:9a:70:cf:da:52:3f:f2:bf:
87:41:ba:b1:cd:20:a3:7d:f2:44:12:8a:ca:2e:39:
51:a9:97:6d:56:43:3c:e6:d7:37:19:ea:c6:ec:3d:
d5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:78:9A:C7:4F:B9:66:4E:A4:0B:63:DC:D6:AD:78:BE:0B:13:FD:F3
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/TXiax0-5Zk6kC2Pc1q14vgsT_fM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.34.0/23
IPv6:
2001:918:ffeb::/48
Signature Algorithm: sha256WithRSAEncryption
3d:d1:bc:c0:2b:b3:eb:a5:d9:00:4f:ca:56:8e:c4:34:c8:e1:
1b:78:33:fd:3a:ac:dc:d2:d3:10:8c:fc:6b:d8:08:7a:ac:83:
b1:0e:a2:b2:db:65:a4:d4:b8:c6:23:3c:00:fd:10:bd:07:1a:
3f:d0:d1:41:4b:7d:1c:ae:59:6e:ab:73:68:fe:80:ac:09:a9:
65:72:80:db:d1:8d:f1:69:2d:c6:d1:e7:8d:63:8b:5b:24:ff:
26:2f:ee:2b:15:82:fe:2d:51:0b:6c:9e:5f:de:c4:f4:5f:89:
4c:fe:31:99:2e:ca:6c:1d:c4:e8:93:75:55:10:76:50:56:08:
19:5e:fd:0a:8e:6f:4e:43:bc:c3:d0:8a:b7:d3:05:ba:4e:2c:
cb:28:64:a1:9d:bc:35:5a:51:5f:c0:8b:56:dc:d1:aa:32:fd:
4e:d6:4f:df:e4:fb:55:b1:b8:0e:16:4f:af:b8:d9:f7:a3:fe:
3b:24:84:e8:77:c0:fe:eb:3d:a3:7b:03:04:6b:fc:0f:8b:14:
3a:b2:ba:79:cf:4b:f1:c1:32:3d:d1:52:7c:42:e0:2f:a2:c4:
3b:00:9d:f7:13:4f:94:5d:77:42:69:e4:8f:00:be:f7:d5:c8:
89:5f:c6:40:c9:d6:cb:f3:ec:4d:21:55:85:5b:e1:37:39:56:
0a:8b:32:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSNDEYaRqkmZ4tBjp33sPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc4OWFjNzRmYjk2NjRlYTQwYjYzZGNkNmFkNzhiZTBiMTNmZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8hxtuYAtmioYhnweLyN/gf/7Xz1
xUOKW/4vVsHnPGrrQVnJgyNqzEh5wAOM8FvN2GqRKzR2xcIySGYOiSrDIqWEuzRb
ruudDPHns8tKpqtdCMIIU5lvlSMxOW2oiUvltPSvSUJJC5MVPg6csRJZQ/TTsDm4
O7FqgKEkvLmtpRBrmBvSvk3sMLxzlcDM3kXqVs4A3omjg1ysYto+brXBd7B/MK89
FevFvhFzYJxfqAh9OkM88oZPhlK8TKz+fdBKwSWSFZ20lmF1jyY7CHCjReC+jXWJ
54yvmnDP2lI/8r+HQbqxzSCjffJEEorKLjlRqZdtVkM85tc3GerG7D3VmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE14msdPuWZOpAtj3NateL4LE/3zMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvVFhpYXgwLTVaazZrQzJQYzFxMTR2Z3NUX2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw0EiMA8E
AgACMAkDBwAgAQkY/+swDQYJKoZIhvcNAQELBQADggEBAD3RvMArs+ul2QBPylaO
xDTI4Rt4M/06rNzS0xCM/GvYCHqsg7EOorLbZaTUuMYjPAD9EL0HGj/Q0UFLfRyu
WW6rc2j+gKwJqWVygNvRjfFpLcbR541ji1sk/yYv7isVgv4tUQtsnl/exPRfiUz+
MZkuymwdxOiTdVUQdlBWCBle/QqOb05DvMPQirfTBbpOLMsoZKGdvDVaUV/Ai1bc
0aoy/U7WT9/k+1WxuA4WT6+42fej/jskhOh3wP7rPaN7AwRr/A+LFDqyunnPS/HB
Mj3RUnxC4C+ixDsAnfcTT5Rdd0Jp5I8AvvfVyIlfxkDJ1svz7E0hVYVb4Tc5VgqL
MgI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:05:50 2025 by rpki-client