Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/PeD0qOPxUYxeVA81pP9--xNVIzU.roa
File: PeD0qOPxUYxeVA81pP9--xNVIzU.roa (raw, json)
Hash identifier: fJvgODfg2m2y6FUhDf+GL6D88mfLwM4rg59sQSq2L84=
Subject key identifier: 3D:E0:F4:A8:E3:F1:51:8C:5E:54:0F:35:A4:FF:7E:FB:13:55:23:35
Certificate issuer: /CN=21a717361309d2939351c9d8ba2173db8319a88f
Certificate serial: 019425FD33C4E4DC5B420ED75D0CB38B0CE4
Authority key identifier: 21:A7:17:36:13:09:D2:93:93:51:C9:D8:BA:21:73:DB:83:19:A8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IacXNhMJ0pOTUcnYuiFz24MZqI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/PeD0qOPxUYxeVA81pP9--xNVIzU.roa
Signing time: Thu 02 Jan 2025 07:48:58 +0000
ROA not before: Thu 02 Jan 2025 07:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29480
IP address blocks: 195.149.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:33:c4:e4:dc:5b:42:0e:d7:5d:0c:b3:8b:0c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a717361309d2939351c9d8ba2173db8319a88f
Validity
Not Before: Jan 2 07:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3de0f4a8e3f1518c5e540f35a4ff7efb13552335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0b:b4:03:af:fe:cd:38:7c:68:75:07:b8:21:
ed:56:32:71:bd:4c:1f:4b:a2:7b:22:43:69:eb:06:
37:4d:31:72:ef:c3:9a:4e:13:c2:fb:87:7f:4f:14:
53:cc:b0:81:63:6d:44:5e:dc:53:bc:11:e8:1e:8d:
c4:7b:29:d5:38:e0:d8:96:d9:ce:4a:c2:13:7e:20:
f8:9a:92:d5:82:ea:54:b9:6a:ad:aa:c1:13:ee:68:
a4:44:58:60:c4:44:02:9e:b9:49:0f:de:15:7d:1c:
59:9d:98:56:ee:11:51:ee:a6:ee:cc:d8:90:06:cb:
ed:05:14:99:e9:88:03:19:1c:25:2a:77:d1:c1:c4:
72:51:2b:ed:60:b9:b4:17:60:1f:68:e8:a6:dc:39:
cb:4e:df:09:2e:7b:80:d7:4a:82:72:bc:c0:fa:d8:
52:30:09:ac:d9:f7:d6:30:8c:be:7c:77:c0:8d:03:
37:e1:2d:42:74:17:19:29:63:14:93:0e:0b:b7:62:
b3:46:85:fc:ca:e0:7d:35:be:1d:58:b5:c5:49:89:
78:7b:7d:51:d3:0a:67:46:0c:b1:63:3c:13:cb:af:
ee:13:39:a6:77:20:09:6a:44:0d:cd:26:c7:bf:75:
db:8d:97:c1:22:55:15:49:d9:01:a1:a1:6a:cc:62:
1b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E0:F4:A8:E3:F1:51:8C:5E:54:0F:35:A4:FF:7E:FB:13:55:23:35
X509v3 Authority Key Identifier:
keyid:21:A7:17:36:13:09:D2:93:93:51:C9:D8:BA:21:73:DB:83:19:A8:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IacXNhMJ0pOTUcnYuiFz24MZqI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/PeD0qOPxUYxeVA81pP9--xNVIzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/IacXNhMJ0pOTUcnYuiFz24MZqI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.126.0/24
Signature Algorithm: sha256WithRSAEncryption
92:dd:d5:fc:ce:ab:c9:7c:e9:0c:6c:18:89:27:eb:9c:17:bb:
7f:8e:64:05:7b:f0:e6:1c:ac:01:02:03:39:c6:36:ef:5a:31:
ef:9c:9c:88:bc:45:8f:52:72:4c:c0:d3:87:41:c1:21:47:55:
72:7e:1a:80:40:46:42:93:59:5d:ae:08:92:fa:30:7d:65:8f:
3b:ff:96:ae:ff:51:c6:d0:08:be:0b:a0:09:7b:63:93:59:9f:
36:b9:9d:c5:90:a8:e6:40:50:c0:29:37:60:7e:7a:0f:43:d2:
3c:8e:f9:d2:5c:30:40:3a:c0:09:de:b5:84:3f:51:ae:d2:9d:
21:bc:e5:2d:ca:07:ea:e7:5a:0e:8e:d0:a0:bb:03:f2:41:92:
c9:c8:09:11:27:65:0d:16:3a:9d:20:b2:55:8a:79:8c:e3:0d:
37:59:bb:9c:58:bf:8c:0f:17:3f:31:e5:ad:8d:bb:6e:be:0d:
24:3f:66:1f:b1:81:b6:26:76:0b:10:70:b0:85:9c:d3:25:69:
01:25:4f:35:56:11:b5:17:3a:e6:d4:65:9e:e8:df:bb:65:02:
a2:01:52:1d:10:92:30:49:a6:9c:ba:33:14:cc:ef:7a:27:81:
d0:50:de:e4:ec:6a:a3:07:45:06:5a:f7:1a:11:c0:79:24:56:
83:d4:3d:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/TPE5NxbQg7XXQyziwzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTcxNzM2MTMwOWQyOTM5MzUxYzlkOGJhMjE3M2RiODMx
OWE4OGYwHhcNMjUwMTAyMDc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGUwZjRhOGUzZjE1MThjNWU1NDBmMzVhNGZmN2VmYjEzNTUyMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgu0A6/+zTh8aHUHuCHtVjJxvUwf
S6J7IkNp6wY3TTFy78OaThPC+4d/TxRTzLCBY21EXtxTvBHoHo3EeynVOODYltnO
SsITfiD4mpLVgupUuWqtqsET7mikRFhgxEQCnrlJD94VfRxZnZhW7hFR7qbuzNiQ
BsvtBRSZ6YgDGRwlKnfRwcRyUSvtYLm0F2AfaOim3DnLTt8JLnuA10qCcrzA+thS
MAms2ffWMIy+fHfAjQM34S1CdBcZKWMUkw4Lt2KzRoX8yuB9Nb4dWLXFSYl4e31R
0wpnRgyxYzwTy6/uEzmmdyAJakQNzSbHv3XbjZfBIlUVSdkBoaFqzGIbrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3g9Kjj8VGMXlQPNaT/fvsTVSM1MB8GA1UdIwQY
MBaAFCGnFzYTCdKTk1HJ2Lohc9uDGaiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFjWE5oTUowcE9UVWNuWXVpRnoyNE1acUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83ZmIzODEtZmM0NC00NGY2LWEzODUt
ZjhhNDY5ZDRlMmIyLzEvUGVEMHFPUHhVWXhlVkE4MXBQOS0teE5WSXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83ZmIzODEtZmM0NC00NGY2LWEzODUtZjhhNDY5ZDRlMmIy
LzEvSWFjWE5oTUowcE9UVWNuWXVpRnoyNE1acUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5V+MA0G
CSqGSIb3DQEBCwUAA4IBAQCS3dX8zqvJfOkMbBiJJ+ucF7t/jmQFe/DmHKwBAgM5
xjbvWjHvnJyIvEWPUnJMwNOHQcEhR1VyfhqAQEZCk1ldrgiS+jB9ZY87/5au/1HG
0Ai+C6AJe2OTWZ82uZ3FkKjmQFDAKTdgfnoPQ9I8jvnSXDBAOsAJ3rWEP1Gu0p0h
vOUtygfq51oOjtCguwPyQZLJyAkRJ2UNFjqdILJVinmM4w03WbucWL+MDxc/MeWt
jbtuvg0kP2YfsYG2JnYLEHCwhZzTJWkBJU81VhG1Fzrm1GWe6N+7ZQKiAVIdEJIw
SaacujMUzO96J4HQUN7k7GqjB0UGWvcaEcB5JFaD1D2Y
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:35:56 2025 by rpki-client