Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/6b6335-0439-47f2-ae34-7424fdee210e/1/pMbs7XGdo_xSX6txJyvIyBbRMlo.roa
File: pMbs7XGdo_xSX6txJyvIyBbRMlo.roa (raw, json)
Hash identifier: 98SgzoxY6svU/NSUJNYIa8/zWjIUUc01QOY2lQs4JFE=
Subject key identifier: A4:C6:EC:ED:71:9D:A3:FC:52:5F:AB:71:27:2B:C8:C8:16:D1:32:5A
Certificate issuer: /CN=6fcedcbda03c3b36cd7d7037ead339bcb88c9a24
Certificate serial: 019420684A569D0FC05D29792DA4ED192D30
Authority key identifier: 6F:CE:DC:BD:A0:3C:3B:36:CD:7D:70:37:EA:D3:39:BC:B8:8C:9A:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b87cvaA8OzbNfXA36tM5vLiMmiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/6b6335-0439-47f2-ae34-7424fdee210e/1/pMbs7XGdo_xSX6txJyvIyBbRMlo.roa
Signing time: Wed 01 Jan 2025 05:48:13 +0000
ROA not before: Wed 01 Jan 2025 05:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43374
IP address blocks: 193.228.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4a:56:9d:0f:c0:5d:29:79:2d:a4:ed:19:2d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fcedcbda03c3b36cd7d7037ead339bcb88c9a24
Validity
Not Before: Jan 1 05:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4c6eced719da3fc525fab71272bc8c816d1325a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:90:83:99:49:c2:5f:64:f5:f2:6a:83:e0:1d:
39:d6:69:ae:42:82:98:13:56:db:98:1b:8d:25:65:
e3:61:9b:69:18:cb:03:d1:e4:f1:29:c6:88:dc:66:
30:8e:d0:18:0c:41:5f:fe:e2:04:b4:91:6e:02:82:
ab:73:15:d8:16:b4:61:2f:4b:95:1e:97:2c:b8:9a:
a0:2d:d5:f6:1f:62:6f:6c:c0:41:3e:94:b9:9b:79:
74:3b:f1:a9:66:5c:91:8c:21:04:a6:d2:2b:f4:56:
b5:40:cd:4d:c4:c4:61:76:6f:4b:a6:d9:52:04:33:
9c:a2:1b:b1:15:10:3e:ca:95:c5:10:eb:18:69:72:
57:ea:0e:46:02:e7:f4:19:ca:60:fa:ac:69:2d:84:
10:fc:3e:5e:c7:9b:66:bd:cb:92:6d:93:06:ba:d1:
57:bd:72:65:59:3e:30:c4:14:7f:d8:0c:0b:bf:de:
5a:60:ed:90:d2:a4:e2:fe:ef:bd:ef:00:be:e8:07:
13:44:59:ea:cf:14:c5:b4:bf:12:24:92:df:6b:4f:
c9:77:36:c1:9b:99:34:b8:d3:0c:8e:94:13:f8:52:
88:8b:f7:1c:b6:76:79:4c:2c:79:fc:72:ef:d1:f2:
26:3c:7d:f4:5b:b0:98:67:12:bf:51:0e:8c:a9:f0:
8a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C6:EC:ED:71:9D:A3:FC:52:5F:AB:71:27:2B:C8:C8:16:D1:32:5A
X509v3 Authority Key Identifier:
keyid:6F:CE:DC:BD:A0:3C:3B:36:CD:7D:70:37:EA:D3:39:BC:B8:8C:9A:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b87cvaA8OzbNfXA36tM5vLiMmiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/6b6335-0439-47f2-ae34-7424fdee210e/1/pMbs7XGdo_xSX6txJyvIyBbRMlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/6b6335-0439-47f2-ae34-7424fdee210e/1/b87cvaA8OzbNfXA36tM5vLiMmiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.159.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ca:0a:1f:b8:44:25:d3:30:0b:4b:d7:d8:df:76:18:00:8a:
99:4f:b6:03:68:10:82:0f:32:89:fe:0a:4e:c9:af:01:39:7f:
68:3a:7f:d2:d6:d2:99:69:3c:7c:b7:ee:b3:f2:e6:d9:f2:13:
ec:44:83:26:07:93:6e:7b:9c:10:48:d2:73:b6:f2:9c:1c:7b:
c4:3d:c0:e9:9d:15:b2:06:e3:bc:cd:0e:c6:5b:0d:fe:d7:ca:
80:d8:3a:6a:04:10:4e:c6:5f:95:dd:c1:e9:28:c9:e9:a1:dc:
4c:a7:54:d4:af:9b:f9:79:8e:ff:61:4c:52:3a:04:1f:22:5d:
22:8d:79:04:e3:d2:18:ee:9e:25:fb:27:f1:59:e3:61:82:fb:
da:0f:fd:f1:39:bf:88:a8:5a:43:91:1d:84:5c:bd:e4:f1:e3:
5f:e8:c6:de:37:48:c9:e1:d7:76:be:1e:bd:82:b1:0d:51:18:
57:fe:6b:94:bb:35:ff:92:f2:18:f3:d3:9b:64:5e:48:0a:6e:
5a:98:64:bd:bc:96:f0:c1:a3:97:5b:e0:97:b9:60:b6:34:88:
45:68:94:40:a6:0e:a5:b5:fa:b5:08:6f:72:51:84:ee:00:98:
17:0c:22:50:41:e2:5a:36:73:5e:11:15:69:fb:1f:11:82:7f:
21:60:12:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEpWnQ/AXSl5LaTtGS0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2VkY2JkYTAzYzNiMzZjZDdkNzAzN2VhZDMzOWJjYjg4
YzlhMjQwHhcNMjUwMTAxMDU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGM2ZWNlZDcxOWRhM2ZjNTI1ZmFiNzEyNzJiYzhjODE2ZDEzMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZCDmUnCX2T18mqD4B051mmuQoKY
E1bbmBuNJWXjYZtpGMsD0eTxKcaI3GYwjtAYDEFf/uIEtJFuAoKrcxXYFrRhL0uV
HpcsuJqgLdX2H2JvbMBBPpS5m3l0O/GpZlyRjCEEptIr9Fa1QM1NxMRhdm9LptlS
BDOcohuxFRA+ypXFEOsYaXJX6g5GAuf0Gcpg+qxpLYQQ/D5ex5tmvcuSbZMGutFX
vXJlWT4wxBR/2AwLv95aYO2Q0qTi/u+97wC+6AcTRFnqzxTFtL8SJJLfa0/JdzbB
m5k0uNMMjpQT+FKIi/cctnZ5TCx5/HLv0fImPH30W7CYZxK/UQ6MqfCKuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKTG7O1xnaP8Ul+rcScryMgW0TJaMB8GA1UdIwQY
MBaAFG/O3L2gPDs2zX1wN+rTOby4jJokMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjg3Y3ZhQThPemJOZlhBMzZ0TTV2TGlNbWlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC82YjYzMzUtMDQzOS00N2YyLWFlMzQt
NzQyNGZkZWUyMTBlLzEvcE1iczdYR2RvX3hTWDZ0eEp5dkl5QmJSTWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC82YjYzMzUtMDQzOS00N2YyLWFlMzQtNzQyNGZkZWUyMTBl
LzEvYjg3Y3ZhQThPemJOZlhBMzZ0TTV2TGlNbWlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweSfMA0G
CSqGSIb3DQEBCwUAA4IBAQADygofuEQl0zALS9fY33YYAIqZT7YDaBCCDzKJ/gpO
ya8BOX9oOn/S1tKZaTx8t+6z8ubZ8hPsRIMmB5Nue5wQSNJztvKcHHvEPcDpnRWy
BuO8zQ7GWw3+18qA2DpqBBBOxl+V3cHpKMnpodxMp1TUr5v5eY7/YUxSOgQfIl0i
jXkE49IY7p4l+yfxWeNhgvvaD/3xOb+IqFpDkR2EXL3k8eNf6MbeN0jJ4dd2vh69
grENURhX/muUuzX/kvIY89ObZF5ICm5amGS9vJbwwaOXW+CXuWC2NIhFaJRApg6l
tfq1CG9yUYTuAJgXDCJQQeJaNnNeERVp+x8Rgn8hYBK1
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:38 2025 by rpki-client