Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/xH_26XIR8lPG36a6e_UAuv1nVvs.roa
File: xH_26XIR8lPG36a6e_UAuv1nVvs.roa (raw, json)
Hash identifier: skoMmZjq1jRGHL/wRavlOMxLKJaRep20S4gGa/juF00=
Subject key identifier: C4:7F:F6:E9:72:11:F2:53:C6:DF:A6:BA:7B:F5:00:BA:FD:67:56:FB
Certificate issuer: /CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Certificate serial: 019421B215112AF1488AC99B8AB43DA8B967
Authority key identifier: 9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/xH_26XIR8lPG36a6e_UAuv1nVvs.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57306
IP address blocks: 195.114.104.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:15:11:2a:f1:48:8a:c9:9b:8a:b4:3d:a8:b9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c47ff6e97211f253c6dfa6ba7bf500bafd6756fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:08:ab:aa:d1:9a:f4:8a:33:18:31:e2:22:
86:a5:1d:62:62:56:a5:5c:60:83:b4:5f:4a:94:45:
bc:06:de:da:24:46:ae:ce:80:4b:1f:cf:a8:7a:08:
1f:d9:a6:59:1b:c0:70:f2:d9:9e:b3:97:05:cd:77:
02:44:68:e1:0b:a6:da:0e:73:a9:83:49:33:ef:fc:
a1:a7:29:13:ff:5a:dc:05:19:7b:3c:5a:3d:dc:dc:
11:b3:9e:99:5a:63:ab:03:b0:fd:5b:f3:92:fb:79:
9b:15:98:4e:49:25:75:b1:ec:be:51:02:e7:2a:81:
65:2c:3d:93:1c:f0:4f:a9:ed:6e:f9:9c:8f:52:7f:
47:d5:67:0f:64:4a:a6:32:fd:db:35:a8:8c:5d:df:
d4:37:e1:c8:dc:54:84:e3:51:57:1b:5a:b9:cc:81:
67:58:f2:2b:bc:d4:4c:05:17:97:38:23:70:d0:a1:
c9:c7:1b:8a:1e:72:05:81:50:77:5e:e6:dc:c8:aa:
ff:56:9b:79:8b:12:f7:cd:b9:e6:5c:2b:68:68:cb:
fe:2e:8d:2a:3b:fa:8c:f2:ce:e1:4a:ea:93:c8:35:
e0:1b:5a:39:98:0f:43:73:b7:5a:1c:f4:b2:e2:2a:
d9:3e:ec:f8:12:31:38:18:75:21:63:75:1d:6e:3b:
aa:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7F:F6:E9:72:11:F2:53:C6:DF:A6:BA:7B:F5:00:BA:FD:67:56:FB
X509v3 Authority Key Identifier:
keyid:9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/xH_26XIR8lPG36a6e_UAuv1nVvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.104.0/23
Signature Algorithm: sha256WithRSAEncryption
59:7f:fb:2a:82:54:d1:c7:4b:04:b2:a2:a2:80:6e:50:b8:07:
03:77:95:68:4c:01:85:22:0b:8e:ba:cb:21:20:95:3b:bb:dc:
3d:09:91:0e:ef:49:20:85:2c:d1:ef:9f:db:e9:b5:ed:41:5f:
dd:a3:35:33:21:00:34:98:6d:59:34:57:c6:00:11:01:52:6a:
7e:27:d3:28:be:83:ad:fd:40:44:5d:9b:8f:02:fd:00:eb:08:
a0:02:2e:8c:f1:7c:ec:b9:88:73:09:82:3a:ae:3c:65:3e:12:
ae:89:fb:d0:d1:a5:b5:28:f1:f8:a3:2b:e6:12:d6:fa:8a:f1:
e5:b0:00:52:cf:82:49:87:3f:bf:f9:73:70:a2:36:e3:eb:a6:
75:be:9a:35:6b:f4:44:14:a6:8d:13:fb:8e:ad:3a:00:97:d3:
cd:53:b5:af:7a:05:42:26:79:41:df:c8:64:2d:d4:48:c4:1d:
8e:34:38:39:51:1d:05:e9:72:a5:45:fb:36:40:55:1d:19:f9:
03:91:ce:4f:b7:3a:dc:f7:60:cf:db:ca:65:86:e8:ae:4c:f0:
74:5f:fe:52:4b:d0:ac:fc:d6:ad:83:e7:53:95:10:ed:55:4d:
6c:26:2e:bd:f9:95:56:2f:22:03:ee:3a:6b:35:90:8d:94:87:
c1:44:37:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshURKvFIismbirQ9qLlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2I5YThjZDgxOWY0YTkyMDMzNGQ3ZTcyZWMyMzQwODcw
ZDc3NDkwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdmZjZlOTcyMTFmMjUzYzZkZmE2YmE3YmY1MDBiYWZkNjc1NmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwkIq6rRmvSKMxgx4iKGpR1iYlal
XGCDtF9KlEW8Bt7aJEauzoBLH8+oeggf2aZZG8Bw8tmes5cFzXcCRGjhC6baDnOp
g0kz7/yhpykT/1rcBRl7PFo93NwRs56ZWmOrA7D9W/OS+3mbFZhOSSV1sey+UQLn
KoFlLD2THPBPqe1u+ZyPUn9H1WcPZEqmMv3bNaiMXd/UN+HI3FSE41FXG1q5zIFn
WPIrvNRMBReXOCNw0KHJxxuKHnIFgVB3XubcyKr/Vpt5ixL3zbnmXCtoaMv+Lo0q
O/qM8s7hSuqTyDXgG1o5mA9Dc7daHPSy4irZPuz4EjE4GHUhY3UdbjuqHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMR/9ulyEfJTxt+munv1ALr9Z1b7MB8GA1UdIwQY
MBaAFJp7mozYGfSpIDNNfnLsI0CHDXdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYt
MjFmYWYxNDRjYjYyLzEveEhfMjZYSVI4bFBHMzZhNmVfVUF1djFuVnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYtMjFmYWYxNDRjYjYy
LzEvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw3JoMA0G
CSqGSIb3DQEBCwUAA4IBAQBZf/sqglTRx0sEsqKigG5QuAcDd5VoTAGFIguOussh
IJU7u9w9CZEO70kghSzR75/b6bXtQV/dozUzIQA0mG1ZNFfGABEBUmp+J9MovoOt
/UBEXZuPAv0A6wigAi6M8XzsuYhzCYI6rjxlPhKuifvQ0aW1KPH4oyvmEtb6ivHl
sABSz4JJhz+/+XNwojbj66Z1vpo1a/REFKaNE/uOrToAl9PNU7WvegVCJnlB38hk
LdRIxB2ONDg5UR0F6XKlRfs2QFUdGfkDkc5Ptzrc92DP28plhuiuTPB0X/5SS9Cs
/Natg+dTlRDtVU1sJi69+ZVWLyID7jprNZCNlIfBRDfg
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:05:07 2025 by rpki-client