Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/M_KXgx_JXGIc6tpaSDgr0M5BMPw.roa
File: M_KXgx_JXGIc6tpaSDgr0M5BMPw.roa (raw, json)
Hash identifier: X3pXFD/5xK/MixjNA4bRNTqRZIbmtfbltIvMKrIW70U=
Subject key identifier: 33:F2:97:83:1F:C9:5C:62:1C:EA:DA:5A:48:38:2B:D0:CE:41:30:FC
Certificate issuer: /CN=4feb9457ec519e8237867710bcc82fa30eae67c0
Certificate serial: 019428261524F7D93903DA0655E941BC8047
Authority key identifier: 4F:EB:94:57:EC:51:9E:82:37:86:77:10:BC:C8:2F:A3:0E:AE:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T-uUV-xRnoI3hncQvMgvow6uZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/M_KXgx_JXGIc6tpaSDgr0M5BMPw.roa
Signing time: Thu 02 Jan 2025 17:52:51 +0000
ROA not before: Thu 02 Jan 2025 17:52:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210567
IP address blocks: 185.163.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:15:24:f7:d9:39:03:da:06:55:e9:41:bc:80:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4feb9457ec519e8237867710bcc82fa30eae67c0
Validity
Not Before: Jan 2 17:52:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33f297831fc95c621ceada5a48382bd0ce4130fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:27:55:38:92:c1:d6:12:ad:31:2f:93:10:
28:56:24:9d:38:83:1b:d3:39:ec:53:c2:bf:84:05:
b5:56:79:52:c2:c4:dc:2a:da:3a:be:06:b1:d4:e0:
24:58:10:9e:f7:57:44:2b:ea:10:22:23:ad:6e:20:
44:6f:fd:1a:cf:19:d7:09:d6:cb:8e:bf:56:9d:00:
7a:b7:92:21:10:9b:5c:ed:e4:f1:05:72:83:d8:54:
32:4d:69:87:8d:65:09:75:b4:df:d3:a2:fa:78:31:
19:2e:9a:e3:a3:4a:e0:3b:5d:8c:5e:fc:c1:8c:eb:
21:34:3e:8a:ac:b6:7e:35:a3:34:5b:05:b2:d4:ce:
e0:60:c4:fc:ce:bc:0a:65:e4:48:c2:ed:ff:6b:90:
6d:26:7a:7f:a3:de:e2:73:ce:3b:c7:e2:4c:af:e1:
45:81:51:a0:8d:b3:37:54:08:6d:52:09:60:16:b9:
ca:63:13:66:99:28:58:be:bc:b7:c5:11:ac:22:93:
bd:67:69:61:35:cd:15:72:ee:31:16:6f:36:4a:ad:
00:11:f5:95:f3:99:9b:8c:12:1d:ea:ac:ee:1b:41:
73:cc:50:ff:65:d7:d0:22:ef:8f:ff:42:bf:19:4a:
68:c6:f0:95:e4:74:99:06:9f:35:b5:e9:92:87:3f:
98:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F2:97:83:1F:C9:5C:62:1C:EA:DA:5A:48:38:2B:D0:CE:41:30:FC
X509v3 Authority Key Identifier:
keyid:4F:EB:94:57:EC:51:9E:82:37:86:77:10:BC:C8:2F:A3:0E:AE:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T-uUV-xRnoI3hncQvMgvow6uZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/M_KXgx_JXGIc6tpaSDgr0M5BMPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/T-uUV-xRnoI3hncQvMgvow6uZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.247.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e8:8b:d7:2d:ab:cf:71:06:38:03:f9:23:95:bf:fe:41:53:
43:ef:42:40:e2:1f:ad:55:53:d9:ef:a6:d0:8e:c4:14:3f:76:
b8:d2:d9:db:4a:49:bf:94:f5:60:53:20:24:6c:55:62:87:13:
05:58:3f:de:f7:ae:c2:d9:de:7b:5f:0f:7a:a9:4d:79:43:9f:
bf:65:6f:1e:74:90:70:8c:1a:d6:70:1f:b1:90:2c:79:cc:78:
ce:67:28:2b:db:f2:06:c7:64:0e:4d:d1:77:72:3c:49:65:aa:
99:69:4b:cb:17:54:5d:c0:04:c3:ab:ea:51:83:52:79:13:65:
5a:86:47:c2:7d:27:1d:e6:d8:cc:13:f6:0e:28:20:28:6b:c1:
14:e2:88:f7:00:5a:f0:6d:1e:c4:9e:a0:01:b9:76:99:e2:79:
95:a8:9b:38:b5:6b:36:d7:aa:0c:4d:c6:4e:eb:24:67:4f:bf:
a0:1d:20:18:86:84:be:6d:cc:89:20:f6:80:a6:4e:61:68:cf:
56:b1:90:c6:a4:04:c1:05:70:0d:fa:2f:96:91:ac:95:b2:11:
80:4e:fa:2a:04:6d:ca:b2:30:e3:7d:69:86:ee:95:98:ed:70:
14:e6:05:f6:1d:15:ea:9d:1d:e8:21:58:69:44:86:19:0f:0a:
ce:fe:15:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJhUk99k5A9oGVelBvIBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmZWI5NDU3ZWM1MTllODIzNzg2NzcxMGJjYzgyZmEzMGVh
ZTY3YzAwHhcNMjUwMTAyMTc1MjUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2YyOTc4MzFmYzk1YzYyMWNlYWRhNWE0ODM4MmJkMGNlNDEzMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfYnVTiSwdYSrTEvkxAoViSdOIMb
0znsU8K/hAW1VnlSwsTcKto6vgax1OAkWBCe91dEK+oQIiOtbiBEb/0azxnXCdbL
jr9WnQB6t5IhEJtc7eTxBXKD2FQyTWmHjWUJdbTf06L6eDEZLprjo0rgO12MXvzB
jOshND6KrLZ+NaM0WwWy1M7gYMT8zrwKZeRIwu3/a5BtJnp/o97ic847x+JMr+FF
gVGgjbM3VAhtUglgFrnKYxNmmShYvry3xRGsIpO9Z2lhNc0Vcu4xFm82Sq0AEfWV
85mbjBId6qzuG0FzzFD/ZdfQIu+P/0K/GUpoxvCV5HSZBp81temShz+YEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPyl4MfyVxiHOraWkg4K9DOQTD8MB8GA1UdIwQY
MBaAFE/rlFfsUZ6CN4Z3ELzIL6MOrmfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVC11VVYteFJub0kzaG5jUXZNZ3ZvdzZ1WjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iOGY1MGUtNDc1Zi00YjQ3LTg1YzAt
NWYxMjM1NTVjZmIxLzEvTV9LWGd4X0pYR0ljNnRwYVNEZ3IwTTVCTVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iOGY1MGUtNDc1Zi00YjQ3LTg1YzAtNWYxMjM1NTVjZmIx
LzEvVC11VVYteFJub0kzaG5jUXZNZ3ZvdzZ1WjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaP3MA0G
CSqGSIb3DQEBCwUAA4IBAQA56IvXLavPcQY4A/kjlb/+QVND70JA4h+tVVPZ76bQ
jsQUP3a40tnbSkm/lPVgUyAkbFVihxMFWD/e967C2d57Xw96qU15Q5+/ZW8edJBw
jBrWcB+xkCx5zHjOZygr2/IGx2QOTdF3cjxJZaqZaUvLF1RdwATDq+pRg1J5E2Va
hkfCfScd5tjME/YOKCAoa8EU4oj3AFrwbR7EnqABuXaZ4nmVqJs4tWs216oMTcZO
6yRnT7+gHSAYhoS+bcyJIPaApk5haM9WsZDGpATBBXAN+i+WkayVshGATvoqBG3K
sjDjfWmG7pWY7XAU5gX2HRXqnR3oIVhpRIYZDwrO/hXJ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:23 2025 by rpki-client