Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/kMIoPYj99g2K5sWXNcD0fsxHkHM.roa
File: kMIoPYj99g2K5sWXNcD0fsxHkHM.roa (raw, json)
Hash identifier: FopABAV6PSptIp6OTBNiTRgtYU723NWq9ChEZhzR3FM=
Subject key identifier: 90:C2:28:3D:88:FD:F6:0D:8A:E6:C5:97:35:C0:F4:7E:CC:47:90:73
Certificate issuer: /CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Certificate serial: 0194228DDC4F09F3DB7780232E509171853B
Authority key identifier: C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/kMIoPYj99g2K5sWXNcD0fsxHkHM.roa
Signing time: Wed 01 Jan 2025 15:48:29 +0000
ROA not before: Wed 01 Jan 2025 15:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 94.127.40.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:dc:4f:09:f3:db:77:80:23:2e:50:91:71:85:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Validity
Not Before: Jan 1 15:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90c2283d88fdf60d8ae6c59735c0f47ecc479073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0b:a1:9f:e0:13:5e:db:4f:2d:20:ae:2f:75:
27:dd:bf:53:d6:92:af:4a:5a:ec:ff:1c:55:eb:2f:
4b:a7:a4:88:bf:86:b1:4f:a8:e5:79:17:36:5d:92:
ad:86:e7:9b:fe:f0:e3:7f:ce:a8:7d:ef:a1:02:4e:
d2:d5:a7:60:d2:36:e2:f1:91:18:b6:46:63:11:ee:
c3:fb:eb:75:5e:c1:e8:09:c1:de:41:3c:53:b8:3c:
3e:22:2c:58:86:c6:9e:08:9f:64:94:d1:15:a0:b7:
5a:35:f7:7b:1a:6e:40:7b:cc:cc:00:3b:5a:db:bb:
8d:bb:84:e3:57:cd:12:66:1a:59:d7:0f:5a:78:c7:
a4:ca:33:7d:73:fa:76:41:c4:22:a0:d7:cd:fa:48:
61:58:6b:a4:0a:9a:2e:10:b5:51:c4:c2:4f:62:58:
9b:7b:0a:b9:35:55:d9:9e:fd:33:95:ed:30:1e:5b:
50:68:be:75:6b:ce:dd:8d:6d:94:86:38:72:71:b9:
52:05:85:ee:32:65:61:de:90:1e:75:81:7a:ef:3b:
8e:ff:5d:8b:40:b6:9e:57:11:bb:1b:65:df:dd:74:
73:08:22:b8:d7:38:18:3c:26:6f:08:72:2d:09:3d:
f8:fc:a8:4f:bd:c0:c8:13:5a:55:2e:59:14:7a:19:
7d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C2:28:3D:88:FD:F6:0D:8A:E6:C5:97:35:C0:F4:7E:CC:47:90:73
X509v3 Authority Key Identifier:
keyid:C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/kMIoPYj99g2K5sWXNcD0fsxHkHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.40.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:99:b1:ac:b8:e4:8f:71:55:df:c4:48:4d:a1:c7:d1:6a:a1:
00:3a:b2:ce:8e:2e:d5:16:29:bc:4e:98:bd:f5:2b:61:04:ff:
61:4f:76:98:1b:e2:3b:02:8f:22:a8:6d:ed:f0:85:bb:19:10:
26:a9:5e:68:75:12:f0:3c:d8:5a:07:56:89:c0:22:fc:44:da:
a4:23:c9:0d:21:0b:a1:ab:75:ee:ec:fc:cd:5d:13:dc:7b:9b:
21:b0:df:a5:a5:29:cb:ac:e7:47:a7:d6:fb:55:50:6e:5b:85:
21:0f:ec:fa:b1:4a:ad:42:d0:43:7e:cd:ca:a8:c5:e7:81:f0:
9f:59:af:2e:7b:f1:e9:bb:99:5a:cd:b5:52:37:e6:00:33:f9:
b6:e5:99:17:26:c3:f6:d2:e8:b2:ce:1b:b3:85:a2:39:88:f0:
e6:dc:1f:ca:23:16:87:9a:da:70:f9:44:fd:52:b4:d2:08:7b:
e7:a6:f4:fd:e2:59:59:4d:fd:6c:a6:43:da:ff:b2:60:fa:e9:
ff:2f:af:2d:91:0d:a9:df:f0:ad:2b:4a:d7:55:63:61:ce:4d:
0b:61:fa:bc:3a:08:b3:ef:d0:b7:a7:ad:c9:29:c8:a7:0b:7d:
0e:84:af:af:fe:69:9c:ca:eb:22:76:50:23:eb:02:66:9c:61:
ad:4c:43:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdxPCfPbd4AjLlCRcYU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTJiYjNkYTY1Y2FhYjUyNDg1MWVmODZjZTliYWE2MjA3
NGUxZWQwHhcNMjUwMTAxMTU0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGMyMjgzZDg4ZmRmNjBkOGFlNmM1OTczNWMwZjQ3ZWNjNDc5MDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQuhn+ATXttPLSCuL3Un3b9T1pKv
Slrs/xxV6y9Lp6SIv4axT6jleRc2XZKthueb/vDjf86ofe+hAk7S1adg0jbi8ZEY
tkZjEe7D++t1XsHoCcHeQTxTuDw+IixYhsaeCJ9klNEVoLdaNfd7Gm5Ae8zMADta
27uNu4TjV80SZhpZ1w9aeMekyjN9c/p2QcQioNfN+khhWGukCpouELVRxMJPYlib
ewq5NVXZnv0zle0wHltQaL51a87djW2UhjhycblSBYXuMmVh3pAedYF67zuO/12L
QLaeVxG7G2Xf3XRzCCK41zgYPCZvCHItCT34/KhPvcDIE1pVLlkUehl94wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDCKD2I/fYNiubFlzXA9H7MR5BzMB8GA1UdIwQY
MBaAFMQSuz2mXKq1JIUe+GzpuqYgdOHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgt
OWI5MzJlY2QyZWNjLzEva01Jb1BZajk5ZzJLNXNXWE5jRDBmc3hIa0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgtOWI5MzJlY2QyZWNj
LzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn8oMA0G
CSqGSIb3DQEBCwUAA4IBAQA/mbGsuOSPcVXfxEhNocfRaqEAOrLOji7VFim8Tpi9
9SthBP9hT3aYG+I7Ao8iqG3t8IW7GRAmqV5odRLwPNhaB1aJwCL8RNqkI8kNIQuh
q3Xu7PzNXRPce5shsN+lpSnLrOdHp9b7VVBuW4UhD+z6sUqtQtBDfs3KqMXngfCf
Wa8ue/Hpu5lazbVSN+YAM/m25ZkXJsP20uiyzhuzhaI5iPDm3B/KIxaHmtpw+UT9
UrTSCHvnpvT94llZTf1spkPa/7Jg+un/L68tkQ2p3/CtK0rXVWNhzk0LYfq8Ogiz
79C3p63JKcinC30OhK+v/mmcyusidlAj6wJmnGGtTEPY
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:46:22 2025 by rpki-client