Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Z95M0xYaqG88vxFWVTNeS9sdPBs.roa
File: Z95M0xYaqG88vxFWVTNeS9sdPBs.roa (raw, json)
Hash identifier: OIWDRjggzYvatxQH+hE1CGU7lQDN+TA7u/ptNiOY8dQ=
Subject key identifier: 67:DE:4C:D3:16:1A:A8:6F:3C:BF:11:56:55:33:5E:4B:DB:1D:3C:1B
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0194F3F35EC6EC99087A79F5A9F0E00008A8
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Z95M0xYaqG88vxFWVTNeS9sdPBs.roa
Signing time: Tue 11 Feb 2025 07:40:00 +0000
ROA not before: Tue 11 Feb 2025 07:40:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151552
IP address blocks: 140.150.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f3:f3:5e:c6:ec:99:08:7a:79:f5:a9:f0:e0:00:08:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Feb 11 07:40:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67de4cd3161aa86f3cbf115655335e4bdb1d3c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:b2:b8:b2:ff:52:48:06:f6:cc:af:9b:4b:
95:51:2e:33:2f:e9:15:2d:f3:c8:72:eb:a9:e7:d6:
e7:aa:e8:30:94:de:d7:51:22:15:ad:3f:7a:ad:66:
f5:e4:c3:32:41:fc:b9:2c:70:83:db:61:37:28:04:
64:f8:4b:c1:df:f6:35:d0:39:c2:63:aa:6c:ae:96:
2b:ee:57:c6:05:04:26:53:67:13:7f:da:26:34:b8:
48:00:a9:1e:ca:3a:ee:7a:4a:17:a8:88:9b:4c:15:
f0:d5:f7:4c:38:62:a2:2a:e2:44:d9:9c:d5:fc:6f:
8d:f5:20:5a:1f:e4:62:f6:8c:79:2e:f7:46:4e:18:
59:e7:8a:67:9f:e1:61:3c:24:62:e2:98:55:2a:b1:
96:18:09:89:23:5c:42:f0:03:f4:50:10:9c:94:fa:
e4:f1:68:60:e3:cc:11:b1:b5:68:26:db:7b:8e:c2:
b0:20:91:7f:55:c8:4c:a2:6a:43:89:51:89:1b:1a:
ae:eb:73:12:28:9e:c4:67:72:0e:3f:c8:04:e8:f2:
ac:58:b5:e7:f8:91:39:70:73:2e:5e:f9:1e:2a:4f:
2d:61:25:89:f1:e9:cb:79:ef:42:8a:48:b8:6c:d1:
50:be:27:35:ca:d1:11:84:28:f1:c7:c6:35:f9:10:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DE:4C:D3:16:1A:A8:6F:3C:BF:11:56:55:33:5E:4B:DB:1D:3C:1B
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Z95M0xYaqG88vxFWVTNeS9sdPBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.16.0/24
Signature Algorithm: sha256WithRSAEncryption
94:cd:8c:f2:a4:ea:4e:37:c4:38:c3:ff:bb:ab:0e:e9:02:ad:
e3:7a:ee:b9:99:28:e2:74:00:d7:a1:1f:81:fb:5d:16:20:6f:
7a:89:f3:2b:27:66:3f:58:37:1e:46:a7:c4:4c:06:e2:ae:5c:
30:58:cb:60:bc:d8:62:5a:44:72:69:b2:13:12:de:b1:a2:9b:
b9:51:00:cb:cf:95:2c:ef:7e:24:a1:23:d1:0e:e3:fb:7e:2b:
91:7c:82:17:3c:2a:5d:78:e1:10:1a:84:01:18:b0:cb:c6:0b:
75:34:f9:07:ce:0b:18:30:4f:34:01:88:fb:6f:b9:21:09:4e:
c2:b0:43:ca:a7:ef:54:91:d5:92:d0:59:dd:04:6c:27:e3:08:
f6:cf:bf:1d:aa:b1:97:29:a3:be:6a:bb:eb:4b:96:62:e7:10:
cd:18:0e:c2:c6:5d:04:32:8e:85:82:bc:21:c6:37:f4:af:ea:
3f:cb:6d:62:5f:8b:52:bb:1d:67:a5:02:10:24:aa:60:a6:91:
ee:01:c9:e1:f0:42:88:2e:91:04:4b:08:a8:88:47:7a:d8:4d:
99:13:ae:8d:2c:62:8c:53:76:a1:99:37:ee:f6:8e:10:35:eb:
65:68:23:40:22:6e:70:f9:b8:80:2a:0f:0a:a9:fc:6f:8f:ac:
73:da:88:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTz817G7JkIenn1qfDgAAioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMjExMDc0MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RlNGNkMzE2MWFhODZmM2NiZjExNTY1NTMzNWU0YmRiMWQzYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG6yuLL/UkgG9syvm0uVUS4zL+kV
LfPIcuup59bnqugwlN7XUSIVrT96rWb15MMyQfy5LHCD22E3KARk+EvB3/Y10DnC
Y6psrpYr7lfGBQQmU2cTf9omNLhIAKkeyjruekoXqIibTBXw1fdMOGKiKuJE2ZzV
/G+N9SBaH+Ri9ox5LvdGThhZ54pnn+FhPCRi4phVKrGWGAmJI1xC8AP0UBCclPrk
8Whg48wRsbVoJtt7jsKwIJF/VchMompDiVGJGxqu63MSKJ7EZ3IOP8gE6PKsWLXn
+JE5cHMuXvkeKk8tYSWJ8enLee9Ciki4bNFQvic1ytERhCjxx8Y1+RBZbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfeTNMWGqhvPL8RVlUzXkvbHTwbMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvWjk1TTB4WWFxRzg4dnhGV1ZUTmVTOXNkUEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjJYQMA0G
CSqGSIb3DQEBCwUAA4IBAQCUzYzypOpON8Q4w/+7qw7pAq3jeu65mSjidADXoR+B
+10WIG96ifMrJ2Y/WDceRqfETAbirlwwWMtgvNhiWkRyabITEt6xopu5UQDLz5Us
734koSPRDuP7fiuRfIIXPCpdeOEQGoQBGLDLxgt1NPkHzgsYME80AYj7b7khCU7C
sEPKp+9UkdWS0FndBGwn4wj2z78dqrGXKaO+arvrS5Zi5xDNGA7Cxl0EMo6Fgrwh
xjf0r+o/y21iX4tSux1npQIQJKpgppHuAcnh8EKILpEESwioiEd62E2ZE66NLGKM
U3ahmTfu9o4QNetlaCNAIm5w+biAKg8Kqfxvj6xz2oit
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:29:20 2025 by rpki-client