Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/h8TFx7LySk9G9awVrMrjFHblEYQ.roa
File: h8TFx7LySk9G9awVrMrjFHblEYQ.roa (raw, json)
Hash identifier: jkpS9ke0q9EXP5S35iE/9oGgCF2PK+eX0C8XKuqgRNM=
Subject key identifier: 87:C4:C5:C7:B2:F2:4A:4F:46:F5:AC:15:AC:CA:E3:14:76:E5:11:84
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194222006CBC00642BD9F409AA0DEC311E0
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/h8TFx7LySk9G9awVrMrjFHblEYQ.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213296
IP address blocks: 185.95.100.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:06:cb:c0:06:42:bd:9f:40:9a:a0:de:c3:11:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87c4c5c7b2f24a4f46f5ac15accae31476e51184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f5:56:4e:15:0e:4b:82:80:7a:5c:c8:f1:ee:
d3:2b:3b:2d:54:e9:0f:f7:9a:79:96:48:36:a9:a2:
db:74:57:38:79:d9:79:6d:06:61:5f:4f:58:d7:57:
19:bb:5a:1a:c6:5d:c4:62:b7:52:84:02:51:54:6b:
b9:e8:19:40:a4:de:5e:4b:74:2d:d2:56:c1:0e:80:
c3:1c:56:19:5c:15:0c:2d:c7:e8:77:d6:88:a9:25:
1c:2c:fc:d6:5d:36:f6:e3:05:72:42:09:02:4c:cf:
96:02:1c:96:ec:8e:8a:9c:51:7d:32:90:ce:97:ad:
19:cc:8f:b5:1f:54:d2:a4:70:d0:af:21:f9:49:b6:
b8:1c:7c:6d:94:d9:b6:8a:77:ce:5d:d9:a5:41:c4:
ca:e0:a8:66:7d:63:ed:f0:bc:0e:35:36:fd:59:64:
59:96:b5:25:a3:58:4d:5e:35:d0:49:2a:36:a2:b3:
49:03:80:b8:a8:89:36:07:64:cc:b5:09:80:0e:0e:
03:d0:1f:16:c6:f1:5a:39:d3:c4:24:1d:53:ed:0e:
51:4c:19:9f:9e:79:b5:4f:e8:88:e8:48:e1:7b:56:
a7:5f:45:3b:33:aa:d8:73:5a:e2:6c:c2:47:60:23:
8a:3c:76:9a:99:07:9b:67:71:14:87:d3:2d:ac:f5:
14:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C4:C5:C7:B2:F2:4A:4F:46:F5:AC:15:AC:CA:E3:14:76:E5:11:84
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/h8TFx7LySk9G9awVrMrjFHblEYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:74:6c:65:be:f3:04:23:d9:e5:29:2e:18:c4:81:5c:4a:81:
e9:26:1d:ce:4a:fd:04:35:46:36:8e:9c:27:0c:3a:27:74:50:
3d:f8:b6:5f:3a:72:fd:28:12:b5:7c:bc:11:a6:7b:51:07:30:
da:57:63:f6:92:19:a3:76:a8:6a:4d:a5:87:ef:16:e9:01:71:
f6:95:6e:10:6f:aa:2a:b4:83:a6:50:b8:5b:c9:df:cc:83:e7:
da:15:97:7b:3c:99:3a:ed:d1:0e:af:e1:67:e4:cb:0f:df:ff:
06:9d:54:f4:5b:92:9d:07:cc:bf:4e:04:87:ad:53:e3:d3:f1:
a7:34:5c:24:f2:0e:78:e8:a1:78:33:20:af:23:a6:14:9b:58:
6e:bd:de:47:bf:bc:07:eb:3c:ac:0a:62:55:96:6f:2e:1f:43:
fe:18:dd:fc:4d:9c:2c:9d:2d:a2:00:25:6a:82:88:df:6a:48:
28:16:2e:b2:89:64:6e:01:43:c7:fc:57:61:b0:8d:2f:ec:e9:
04:05:84:6a:78:ff:69:3f:f3:49:a2:60:83:f8:c6:56:2e:76:
1c:1e:55:f5:ed:af:d4:11:4e:88:b9:f6:c4:f3:dd:b7:9c:1c:
1a:23:8f:eb:1b:74:71:2b:62:25:55:55:14:7b:df:d5:5f:00:
d3:61:3c:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIAbLwAZCvZ9AmqDewxHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M0YzVjN2IyZjI0YTRmNDZmNWFjMTVhY2NhZTMxNDc2ZTUxMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/VWThUOS4KAelzI8e7TKzstVOkP
95p5lkg2qaLbdFc4edl5bQZhX09Y11cZu1oaxl3EYrdShAJRVGu56BlApN5eS3Qt
0lbBDoDDHFYZXBUMLcfod9aIqSUcLPzWXTb24wVyQgkCTM+WAhyW7I6KnFF9MpDO
l60ZzI+1H1TSpHDQryH5Sba4HHxtlNm2infOXdmlQcTK4KhmfWPt8LwONTb9WWRZ
lrUlo1hNXjXQSSo2orNJA4C4qIk2B2TMtQmADg4D0B8WxvFaOdPEJB1T7Q5RTBmf
nnm1T+iI6Ejhe1anX0U7M6rYc1ribMJHYCOKPHaamQebZ3EUh9MtrPUU1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfExcey8kpPRvWsFazK4xR25RGEMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvaDhURng3THlTazlHOWF3VnJNcmpGSGJsRVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV9kMA0G
CSqGSIb3DQEBCwUAA4IBAQCkdGxlvvMEI9nlKS4YxIFcSoHpJh3OSv0ENUY2jpwn
DDondFA9+LZfOnL9KBK1fLwRpntRBzDaV2P2khmjdqhqTaWH7xbpAXH2lW4Qb6oq
tIOmULhbyd/Mg+faFZd7PJk67dEOr+Fn5MsP3/8GnVT0W5KdB8y/TgSHrVPj0/Gn
NFwk8g546KF4MyCvI6YUm1huvd5Hv7wH6zysCmJVlm8uH0P+GN38TZwsnS2iACVq
gojfakgoFi6yiWRuAUPH/FdhsI0v7OkEBYRqeP9pP/NJomCD+MZWLnYcHlX17a/U
EU6IufbE8923nBwaI4/rG3RxK2IlVVUUe9/VXwDTYTw6
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:50:23 2025 by rpki-client