Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/mT5XdiJPI19ln2ZgOh5j1_qj_To.roa
File: mT5XdiJPI19ln2ZgOh5j1_qj_To.roa (raw, json)
Hash identifier: rLmk8D83cefHrq0nomoxNQe+vCKhi3IbD/Yaao7A7Mc=
Subject key identifier: 99:3E:57:76:22:4F:23:5F:65:9F:66:60:3A:1E:63:D7:FA:A3:FD:3A
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 01870DC0B84900F8614BC91B0BA4776C9B51
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/mT5XdiJPI19ln2ZgOh5j1_qj_To.roa
Signing time: Thu 23 Mar 2023 09:15:46 +0000
ROA not before: Thu 23 Mar 2023 09:15:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 194.88.223.0/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:c0:b8:49:00:f8:61:4b:c9:1b:0b:a4:77:6c:9b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Mar 23 09:15:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=993e5776224f235f659f66603a1e63d7faa3fd3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6e:04:c2:61:e5:66:df:4f:5d:c7:c4:20:70:
46:89:c4:f4:7c:36:e3:83:34:c9:4b:08:54:da:30:
5a:40:54:99:42:18:0b:2d:fe:14:35:9c:a5:1d:59:
e5:42:25:03:e1:d2:84:0d:29:45:10:b0:14:50:ec:
ae:5d:d1:8e:ef:13:bb:5c:51:4f:71:24:2e:e1:53:
c0:59:90:73:5f:0c:88:0e:41:53:ab:41:1a:c2:d8:
7c:9b:1c:e3:8c:d7:f7:19:47:41:20:5c:5a:72:2d:
d4:b7:52:39:af:8e:02:01:7b:24:b5:aa:c9:5c:3d:
ce:9b:21:54:e0:ec:a8:da:74:20:8c:4f:65:0a:da:
e6:bb:8c:07:35:c1:dc:e1:c5:6c:f4:b5:29:fc:95:
8b:ad:89:a7:07:42:c2:4f:e5:bd:af:4a:54:d9:48:
5a:0a:74:1e:6c:80:50:b7:ec:af:e0:8e:db:45:9a:
fb:ee:e8:a1:57:9b:5d:3c:7d:20:7a:03:b5:68:12:
86:50:f5:ba:3e:bb:4f:59:95:c0:c8:7d:ec:44:87:
e7:99:b2:0a:22:27:13:18:22:32:c2:04:ec:74:41:
53:78:c5:39:03:11:91:e4:9e:c0:b5:01:e0:ac:69:
cd:1f:13:04:d6:c5:4a:55:a0:7e:4b:a9:8c:9a:60:
72:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3E:57:76:22:4F:23:5F:65:9F:66:60:3A:1E:63:D7:FA:A3:FD:3A
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/mT5XdiJPI19ln2ZgOh5j1_qj_To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.223.0/25
Signature Algorithm: sha256WithRSAEncryption
a2:77:33:1f:26:f8:92:5b:e9:8e:bc:89:ae:2f:98:6f:69:3f:
47:57:9b:fd:3f:13:b3:b6:b1:8b:1d:6e:c2:76:88:45:77:ec:
8c:4e:68:b0:38:71:4f:ac:d6:4b:c4:9b:1b:2d:dc:fd:d4:71:
a3:d0:0d:b2:e1:d6:8a:ab:76:5a:f7:82:a9:5d:2a:7b:8c:30:
53:c7:d4:c9:7b:a4:78:4c:eb:4a:c6:20:dc:f8:a7:20:bc:9a:
80:c2:63:e8:9b:e5:b7:96:97:56:c3:d9:12:b9:6b:e3:fb:01:
02:e3:bc:90:77:d7:65:02:69:25:ac:b8:e3:06:5b:ee:d0:f2:
92:75:d2:89:ec:d1:90:7c:69:bd:34:aa:95:92:bf:84:4e:07:
a1:b6:fd:c4:7c:b3:7d:13:7a:b5:b6:bf:58:12:8c:7b:7d:7a:
3b:00:ab:1a:34:6f:d6:c9:92:7c:51:f6:d9:1b:2b:e4:54:83:
ae:ed:09:fe:a6:3f:aa:bb:6c:aa:4c:97:ce:6d:a4:77:46:7b:
eb:9f:41:8a:54:e1:d1:68:ef:c1:a3:be:74:fc:da:1b:07:3f:
90:a5:02:14:73:97:3f:3f:45:4c:dc:70:5b:a5:d0:17:eb:bd:
a4:4a:ab:0c:b7:77:c5:32:03:75:86:a3:87:a4:70:52:9e:41:
77:43:44:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcNwLhJAPhhS8kbC6R3bJtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjMwMzIzMDkxNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNlNTc3NjIyNGYyMzVmNjU5ZjY2NjAzYTFlNjNkN2ZhYTNmZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG4EwmHlZt9PXcfEIHBGicT0fDbj
gzTJSwhU2jBaQFSZQhgLLf4UNZylHVnlQiUD4dKEDSlFELAUUOyuXdGO7xO7XFFP
cSQu4VPAWZBzXwyIDkFTq0Eawth8mxzjjNf3GUdBIFxaci3Ut1I5r44CAXsktarJ
XD3OmyFU4Oyo2nQgjE9lCtrmu4wHNcHc4cVs9LUp/JWLrYmnB0LCT+W9r0pU2Uha
CnQebIBQt+yv4I7bRZr77uihV5tdPH0gegO1aBKGUPW6PrtPWZXAyH3sRIfnmbIK
IicTGCIywgTsdEFTeMU5AxGR5J7AtQHgrGnNHxME1sVKVaB+S6mMmmByMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJk+V3YiTyNfZZ9mYDoeY9f6o/06MB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvbVQ1WGRpSlBJMTlsbjJaZ09oNWoxX3FqX1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHwljfADAN
BgkqhkiG9w0BAQsFAAOCAQEAonczHyb4klvpjryJri+Yb2k/R1eb/T8Ts7axix1u
wnaIRXfsjE5osDhxT6zWS8SbGy3c/dRxo9ANsuHWiqt2WveCqV0qe4wwU8fUyXuk
eEzrSsYg3PinILyagMJj6Jvlt5aXVsPZErlr4/sBAuO8kHfXZQJpJay44wZb7tDy
knXSiezRkHxpvTSqlZK/hE4Hobb9xHyzfRN6tba/WBKMe316OwCrGjRv1smSfFH2
2Rsr5FSDru0J/qY/qrtsqkyXzm2kd0Z7659BilTh0WjvwaO+dPzaGwc/kKUCFHOX
Pz9FTNxwW6XQF+u9pEqrDLd3xTIDdYajh6RwUp5Bd0NEUw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:45:11 2025 by rpki-client