Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/dmWwMKmVtBjrQ943YS9mH5Wi3ME.roa
File: dmWwMKmVtBjrQ943YS9mH5Wi3ME.roa (raw, json)
Hash identifier: prLT1d+yXEMIyzM51qGGgQHR5qaRcSsmNt9aZioq8kg=
Subject key identifier: 76:65:B0:30:A9:95:B4:18:EB:43:DE:37:61:2F:66:1F:95:A2:DC:C1
Certificate issuer: /CN=40d5591a75bd693e9d3b766834bf074f7b1eee3a
Certificate serial: 0194236A15566CF338D650DC93CC8E92BCAA
Authority key identifier: 40:D5:59:1A:75:BD:69:3E:9D:3B:76:68:34:BF:07:4F:7B:1E:EE:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNVZGnW9aT6dO3ZoNL8HT3se7jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/dmWwMKmVtBjrQ943YS9mH5Wi3ME.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13195
IP address blocks: 193.201.107.0/24 maxlen: 24
2001:678:c28::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:15:56:6c:f3:38:d6:50:dc:93:cc:8e:92:bc:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d5591a75bd693e9d3b766834bf074f7b1eee3a
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7665b030a995b418eb43de37612f661f95a2dcc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:39:f4:a7:b5:6f:75:31:f3:6e:b9:c2:da:98:
45:3a:aa:8b:f9:d6:62:9d:1e:14:3c:95:03:22:75:
98:b8:be:2b:a1:2a:22:51:c6:7c:07:08:e0:fe:26:
06:6c:57:6b:f2:ab:d5:26:91:a3:49:37:a9:10:79:
e9:9f:10:19:ae:c5:0c:66:2d:b4:4e:94:b7:0b:d6:
b2:a9:15:62:e3:99:fa:f6:37:70:dd:de:bd:cd:d9:
32:1e:9d:57:06:bb:ff:28:75:be:1a:0d:6d:7a:05:
a8:03:a6:14:cd:63:3d:51:0c:df:46:b3:29:20:1c:
65:58:5f:22:27:69:f0:4b:7c:b4:fb:a9:85:e5:e5:
b0:f3:03:c2:5f:3e:ae:9f:96:cc:f5:66:85:bb:cd:
2b:33:de:2d:2c:dc:3b:5f:d4:18:c4:8b:ed:3f:f4:
58:68:ac:d7:35:d5:f6:f1:62:db:45:2e:f9:e5:e4:
a7:54:aa:eb:93:1f:0e:e2:a4:41:20:0b:5f:2f:b3:
ed:da:c3:65:12:59:8e:3c:38:34:9a:fe:f6:6e:38:
2c:67:1c:d4:3a:ac:ca:ad:f3:02:ee:09:79:7a:f9:
29:4f:15:e6:54:50:b5:c9:a9:68:26:db:ea:e4:49:
26:5c:0e:bd:1b:9c:52:5b:da:9f:29:2d:2c:9b:f7:
e4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:65:B0:30:A9:95:B4:18:EB:43:DE:37:61:2F:66:1F:95:A2:DC:C1
X509v3 Authority Key Identifier:
keyid:40:D5:59:1A:75:BD:69:3E:9D:3B:76:68:34:BF:07:4F:7B:1E:EE:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNVZGnW9aT6dO3ZoNL8HT3se7jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/dmWwMKmVtBjrQ943YS9mH5Wi3ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.107.0/24
IPv6:
2001:678:c28::/48
Signature Algorithm: sha256WithRSAEncryption
c0:d1:25:7c:a6:30:fb:0c:71:d8:33:65:bc:8e:c3:45:28:c2:
42:c4:64:74:4e:fc:61:37:cd:1e:8f:b3:0a:a4:40:0c:4c:d8:
19:95:db:d0:de:c1:1d:e7:79:72:db:be:7a:09:37:6d:bb:85:
f4:d9:fa:7b:d4:5b:3f:1a:10:b2:6f:1d:69:a2:77:f0:d9:88:
b1:70:7b:65:98:62:39:b7:5e:86:02:94:43:4a:d2:bb:a7:ad:
2c:7c:a1:ff:2f:f7:06:58:9c:2a:cd:bc:b6:24:4d:89:0e:d0:
b6:0d:65:95:16:e3:b3:2c:b4:4e:d5:7d:f2:0f:7b:a3:f0:71:
58:81:30:04:09:dc:a1:eb:9c:2e:db:17:87:ed:ad:3b:4b:27:
f4:aa:ef:8a:6c:3b:28:e0:4b:93:85:45:b2:b4:e4:3f:33:31:
a1:ce:df:ef:54:f3:30:68:ed:7e:ef:84:c9:9e:39:08:c5:cc:
63:0e:f4:23:0f:dc:fb:ab:df:0e:6e:e8:2c:14:2e:47:a1:28:
08:76:de:e5:d3:4b:0c:c0:5f:59:80:cb:87:2c:f1:9f:0c:2c:
83:51:74:1e:54:91:50:5d:ac:07:02:c2:c1:0e:d5:cb:23:a8:
90:50:86:b3:7d:43:c2:57:62:00:a1:27:a7:03:20:c7:61:5e:
eb:a9:cb:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjahVWbPM41lDck8yOkryqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDU1OTFhNzViZDY5M2U5ZDNiNzY2ODM0YmYwNzRmN2Ix
ZWVlM2EwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjY1YjAzMGE5OTViNDE4ZWI0M2RlMzc2MTJmNjYxZjk1YTJkY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zn0p7VvdTHzbrnC2phFOqqL+dZi
nR4UPJUDInWYuL4roSoiUcZ8Bwjg/iYGbFdr8qvVJpGjSTepEHnpnxAZrsUMZi20
TpS3C9ayqRVi45n69jdw3d69zdkyHp1XBrv/KHW+Gg1tegWoA6YUzWM9UQzfRrMp
IBxlWF8iJ2nwS3y0+6mF5eWw8wPCXz6un5bM9WaFu80rM94tLNw7X9QYxIvtP/RY
aKzXNdX28WLbRS755eSnVKrrkx8O4qRBIAtfL7Pt2sNlElmOPDg0mv72bjgsZxzU
OqzKrfMC7gl5evkpTxXmVFC1yaloJtvq5EkmXA69G5xSW9qfKS0sm/fklwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHZlsDCplbQY60PeN2EvZh+VotzBMB8GA1UdIwQY
MBaAFEDVWRp1vWk+nTt2aDS/B097Hu46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5WWkduVzlhVDZkTzNab05MOEhUM3NlN2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85YzlmMjgtNGY0MS00NzJkLWE2M2Ut
YTEwYTNhNDk2M2ZiLzEvZG1Xd01LbVZ0QmpyUTk0M1lTOW1INVdpM01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85YzlmMjgtNGY0MS00NzJkLWE2M2UtYTEwYTNhNDk2M2Zi
LzEvUU5WWkduVzlhVDZkTzNab05MOEhUM3NlN2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwclrMA8E
AgACMAkDBwAgAQZ4DCgwDQYJKoZIhvcNAQELBQADggEBAMDRJXymMPsMcdgzZbyO
w0UowkLEZHRO/GE3zR6PswqkQAxM2BmV29DewR3neXLbvnoJN227hfTZ+nvUWz8a
ELJvHWmid/DZiLFwe2WYYjm3XoYClENK0runrSx8of8v9wZYnCrNvLYkTYkO0LYN
ZZUW47MstE7VffIPe6PwcViBMAQJ3KHrnC7bF4ftrTtLJ/Sq74psOyjgS5OFRbK0
5D8zMaHO3+9U8zBo7X7vhMmeOQjFzGMO9CMP3Pur3w5u6CwULkehKAh23uXTSwzA
X1mAy4cs8Z8MLINRdB5UkVBdrAcCwsEO1csjqJBQhrN9Q8JXYgChJ6cDIMdhXuup
yy4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:24 2025 by rpki-client