Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/moiKPG2LP_pIBJ3oE3uKFFimTvs.roa
File: moiKPG2LP_pIBJ3oE3uKFFimTvs.roa (raw, json)
Hash identifier: 7/+kCaotJP3wY1l3ZzCfImaKj4/imFC7lov/Lv+DrVg=
Subject key identifier: 9A:88:8A:3C:6D:8B:3F:FA:48:04:9D:E8:13:7B:8A:14:58:A6:4E:FB
Certificate issuer: /CN=463f917077f8f3d0e338c742ea21d64358d19d52
Certificate serial: 01942521AC6969DE73BF52D4606B53316716
Authority key identifier: 46:3F:91:70:77:F8:F3:D0:E3:38:C7:42:EA:21:D6:43:58:D1:9D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rj-RcHf489DjOMdC6iHWQ1jRnVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/moiKPG2LP_pIBJ3oE3uKFFimTvs.roa
Signing time: Thu 02 Jan 2025 03:49:11 +0000
ROA not before: Thu 02 Jan 2025 03:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44196
IP address blocks: 195.2.202.0/23 maxlen: 23
195.2.202.0/24 maxlen: 24
195.2.203.0/24 maxlen: 24
195.93.132.0/23 maxlen: 23
195.93.132.0/24 maxlen: 24
195.93.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ac:69:69:de:73:bf:52:d4:60:6b:53:31:67:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=463f917077f8f3d0e338c742ea21d64358d19d52
Validity
Not Before: Jan 2 03:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a888a3c6d8b3ffa48049de8137b8a1458a64efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c9:bf:11:96:13:81:2d:ca:4d:32:3d:8b:0f:
6a:63:d6:74:ed:91:42:0a:97:d5:85:c0:d9:a1:07:
ea:5f:ff:5b:f4:97:e5:6f:41:46:f7:de:73:2f:9b:
83:25:8b:57:28:78:e9:0d:bf:b5:de:14:ad:5f:cf:
25:02:4f:48:27:ff:06:e9:43:f7:35:f1:47:f3:26:
c8:e6:a5:38:50:3a:eb:39:21:8d:4c:d9:8b:95:b2:
1c:c2:20:28:e3:2a:c3:8e:66:87:90:14:2d:f0:56:
63:97:69:c4:45:0d:1e:92:d5:eb:69:9f:e4:2a:bb:
f1:e6:8f:8a:cf:4b:d0:a5:20:ce:42:f7:61:ea:be:
c0:c1:24:e4:88:56:33:06:22:4f:ff:20:7e:b3:18:
08:c2:8e:53:96:c7:39:18:ce:a4:0b:33:c3:ba:2c:
00:25:93:0c:92:43:bf:05:f0:59:3f:a0:bc:6e:1e:
a8:6b:56:14:bc:85:5a:c1:80:60:ee:f3:37:37:42:
82:cc:af:ce:4a:26:e4:a6:4b:35:c5:11:d3:64:d4:
b4:d0:f0:1d:8b:39:94:a3:87:5f:18:e2:44:40:e3:
04:3a:af:c1:b1:51:97:50:45:ef:20:66:53:b5:f3:
16:57:4a:b6:21:2c:cd:e3:1c:9d:d8:15:23:4e:65:
ce:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:88:8A:3C:6D:8B:3F:FA:48:04:9D:E8:13:7B:8A:14:58:A6:4E:FB
X509v3 Authority Key Identifier:
keyid:46:3F:91:70:77:F8:F3:D0:E3:38:C7:42:EA:21:D6:43:58:D1:9D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rj-RcHf489DjOMdC6iHWQ1jRnVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/moiKPG2LP_pIBJ3oE3uKFFimTvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/Rj-RcHf489DjOMdC6iHWQ1jRnVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.2.202.0/23
195.93.132.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:30:e5:05:92:9a:8f:76:0d:4f:5c:8a:da:4c:bf:3b:98:72:
ce:1b:b5:63:8e:2f:f6:d4:5a:aa:25:d3:a3:9f:c3:dd:e7:b2:
8b:c0:c4:b4:f0:a8:1a:c7:98:c8:ce:34:30:f2:da:15:9e:1c:
d0:79:05:d9:38:b9:8e:2d:7b:bc:5d:8b:aa:0c:b9:2f:08:29:
9d:d4:3a:3d:2e:a4:f9:27:09:9f:b7:3e:2e:f6:d9:c2:7f:e0:
ac:5a:28:50:84:5b:2c:38:80:36:62:61:9e:eb:67:61:57:8c:
a6:f1:b6:42:f7:40:1c:c2:5a:26:16:41:0c:78:78:88:6d:7a:
0e:95:66:e6:b8:af:27:74:86:c8:ea:58:c4:f1:79:95:f6:d9:
90:ff:5a:b1:e1:9b:d0:63:c5:19:aa:9c:13:af:85:09:4e:80:
a8:68:69:cc:33:24:88:c2:d7:29:b7:21:80:4c:be:b9:d5:70:
5a:3d:19:9a:a2:49:0b:96:88:ae:3b:0d:34:93:0c:32:29:6f:
29:07:bd:e8:85:de:5a:91:bd:a8:4b:39:58:76:9a:6c:33:71:
a3:5d:73:c2:9b:0f:63:37:43:41:33:bc:9f:0d:7a:27:0e:19:
d1:1c:a5:25:69:d4:45:07:79:13:49:f3:38:c8:c3:01:65:20:
56:e9:b9:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIaxpad5zv1LUYGtTMWcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2M2Y5MTcwNzdmOGYzZDBlMzM4Yzc0MmVhMjFkNjQzNThk
MTlkNTIwHhcNMjUwMTAyMDM0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTg4OGEzYzZkOGIzZmZhNDgwNDlkZTgxMzdiOGExNDU4YTY0ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcm/EZYTgS3KTTI9iw9qY9Z07ZFC
CpfVhcDZoQfqX/9b9Jflb0FG995zL5uDJYtXKHjpDb+13hStX88lAk9IJ/8G6UP3
NfFH8ybI5qU4UDrrOSGNTNmLlbIcwiAo4yrDjmaHkBQt8FZjl2nERQ0ektXraZ/k
Krvx5o+Kz0vQpSDOQvdh6r7AwSTkiFYzBiJP/yB+sxgIwo5Tlsc5GM6kCzPDuiwA
JZMMkkO/BfBZP6C8bh6oa1YUvIVawYBg7vM3N0KCzK/OSibkpks1xRHTZNS00PAd
izmUo4dfGOJEQOMEOq/BsVGXUEXvIGZTtfMWV0q2ISzN4xyd2BUjTmXOfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJqIijxtiz/6SASd6BN7ihRYpk77MB8GA1UdIwQY
MBaAFEY/kXB3+PPQ4zjHQuoh1kNY0Z1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmotUmNIZjQ4OURqT01kQzZpSFdRMWpSblZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84YjVmN2MtYjNhZS00YjU4LTgxYmIt
MjVhNDBjMDc1ZjEyLzEvbW9pS1BHMkxQX3BJQkozb0UzdUtGRmltVHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84YjVmN2MtYjNhZS00YjU4LTgxYmItMjVhNDBjMDc1ZjEy
LzEvUmotUmNIZjQ4OURqT01kQzZpSFdRMWpSblZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwwLKAwQB
w12EMA0GCSqGSIb3DQEBCwUAA4IBAQCPMOUFkpqPdg1PXIraTL87mHLOG7Vjji/2
1FqqJdOjn8Pd57KLwMS08Kgax5jIzjQw8toVnhzQeQXZOLmOLXu8XYuqDLkvCCmd
1Do9LqT5Jwmftz4u9tnCf+CsWihQhFssOIA2YmGe62dhV4ym8bZC90AcwlomFkEM
eHiIbXoOlWbmuK8ndIbI6ljE8XmV9tmQ/1qx4ZvQY8UZqpwTr4UJToCoaGnMMySI
wtcptyGATL651XBaPRmaokkLloiuOw00kwwyKW8pB73ohd5akb2oSzlYdppsM3Gj
XXPCmw9jN0NBM7yfDXonDhnRHKUladRFB3kTSfM4yMMBZSBW6bk3
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:14:06 2025 by rpki-client