Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/1-COYrNmS4Yj9DuD0Iitd9unCCQQ.roa
File: 1-COYrNmS4Yj9DuD0Iitd9unCCQQ.roa (raw, json)
Hash identifier: JYNBrYFYnRoWLArFqkMLwPLI1r5eBOC15oN7aK1rASQ=
Subject key identifier: F8:23:98:AC:D9:92:E1:88:FD:0E:E0:F4:22:2B:5D:F6:E9:C2:09:04
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 01942445658A552550CD925EAD821955E998
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/1-COYrNmS4Yj9DuD0Iitd9unCCQQ.roa
Signing time: Wed 01 Jan 2025 23:48:35 +0000
ROA not before: Wed 01 Jan 2025 23:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197397
IP address blocks: 195.76.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:65:8a:55:25:50:cd:92:5e:ad:82:19:55:e9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f82398acd992e188fd0ee0f4222b5df6e9c20904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7b:b6:53:03:13:13:7e:78:51:b6:bd:45:54:
72:78:03:88:28:03:71:90:22:dc:88:ea:52:16:2a:
42:dc:8c:c3:d7:fb:c1:96:ea:93:d6:9a:3d:16:aa:
9b:03:71:cd:e8:fd:56:bd:0d:6b:2c:14:aa:31:3d:
af:dc:85:a0:b9:2c:3b:e9:3c:d5:04:9f:cd:33:11:
57:0b:ac:ec:34:f1:8d:8f:af:8c:22:a5:c4:3f:46:
50:da:30:81:24:62:05:67:a5:db:db:64:94:a8:c0:
0f:2c:1e:92:c7:88:d4:0b:1e:ac:d0:77:f3:c4:c0:
ac:0d:95:98:22:7c:f7:7e:fd:f5:a9:89:71:3e:a2:
89:cc:83:09:12:91:57:36:ba:de:ce:b7:81:92:26:
65:eb:e7:35:04:5f:b4:55:24:9e:50:51:2a:9e:55:
18:f0:0b:94:6a:63:95:c3:1b:71:8f:19:28:e6:e7:
ec:63:c7:05:c0:52:e9:ac:88:be:32:43:de:71:04:
b5:e8:20:4e:45:23:84:69:e4:03:bf:ce:9c:8c:23:
c4:9b:61:c1:6c:1c:9b:f5:5c:0c:d0:1d:3e:40:df:
69:2e:1e:d5:d5:9c:72:d2:de:a5:40:f6:d4:65:0b:
4e:0c:cc:59:9f:30:dc:91:c4:95:4c:7a:4a:88:78:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:23:98:AC:D9:92:E1:88:FD:0E:E0:F4:22:2B:5D:F6:E9:C2:09:04
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/1-COYrNmS4Yj9DuD0Iitd9unCCQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.76.0.0/22
Signature Algorithm: sha256WithRSAEncryption
06:16:6e:a6:53:73:67:10:1b:01:c3:98:e3:63:ef:cc:9f:05:
a2:99:b9:28:d0:7b:10:48:2e:1b:d4:14:16:2c:e2:00:a0:61:
eb:c5:fc:98:1b:bc:96:e2:e3:e0:50:12:a3:6b:62:bf:95:c0:
a5:0f:13:21:8d:e8:fa:9c:be:a1:3c:74:0f:2f:1e:b2:b3:70:
77:3c:6b:ee:fc:7b:54:f9:e2:81:f8:71:69:06:81:e1:df:bd:
cd:e1:fc:f4:2d:31:dc:19:9b:4f:47:c5:c3:fe:cc:45:3a:5d:
ac:31:7d:bd:98:ba:4d:a5:ca:17:a0:93:15:44:91:52:36:e3:
53:d9:eb:ea:3c:b7:70:66:63:bb:eb:9b:12:df:67:dd:36:9a:
df:8e:de:af:99:7c:cd:f6:1e:c7:91:2e:df:60:2a:b0:5c:42:
cc:4f:f1:a0:23:4f:c7:1e:4e:1c:b7:90:39:09:57:c9:29:74:
2e:c0:61:a0:6e:3a:1f:67:2e:09:45:93:77:d4:b5:37:e8:0f:
71:dd:1e:d9:cc:79:7b:8b:7f:2a:50:17:17:af:b2:2b:90:3e:
3a:82:9d:6a:a6:45:17:f7:2a:f3:af:96:b6:12:c0:bf:96:ed:
b3:39:08:f9:36:8f:2a:2e:9b:a7:06:14:a2:4e:8a:00:b1:ac:
bf:89:f9:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRWWKVSVQzZJerYIZVemYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIzOThhY2Q5OTJlMTg4ZmQwZWUwZjQyMjJiNWRmNmU5YzIwOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nu2UwMTE354Uba9RVRyeAOIKANx
kCLciOpSFipC3IzD1/vBluqT1po9FqqbA3HN6P1WvQ1rLBSqMT2v3IWguSw76TzV
BJ/NMxFXC6zsNPGNj6+MIqXEP0ZQ2jCBJGIFZ6Xb22SUqMAPLB6Sx4jUCx6s0Hfz
xMCsDZWYInz3fv31qYlxPqKJzIMJEpFXNrrezreBkiZl6+c1BF+0VSSeUFEqnlUY
8AuUamOVwxtxjxko5ufsY8cFwFLprIi+MkPecQS16CBORSOEaeQDv86cjCPEm2HB
bByb9VwM0B0+QN9pLh7V1Zxy0t6lQPbUZQtODMxZnzDckcSVTHpKiHgrGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgjmKzZkuGI/Q7g9CIrXfbpwgkEMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvMS1DT1lyTm1TNFlqOUR1RDBJaXRkOXVuQ0NRUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjcvZGNmZDQ4LWM1NGEtNGM3OC1hNGVkLTRiYTJmOGYxZjgz
Yi8xL01IOWY0blFLSzIza3czQ2RLV1FSV3p5V2ZhRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsNMADAN
BgkqhkiG9w0BAQsFAAOCAQEABhZuplNzZxAbAcOY42PvzJ8Fopm5KNB7EEguG9QU
FiziAKBh68X8mBu8luLj4FASo2tiv5XApQ8TIY3o+py+oTx0Dy8esrNwdzxr7vx7
VPnigfhxaQaB4d+9zeH89C0x3BmbT0fFw/7MRTpdrDF9vZi6TaXKF6CTFUSRUjbj
U9nr6jy3cGZju+ubEt9n3Taa347er5l8zfYex5Eu32AqsFxCzE/xoCNPxx5OHLeQ
OQlXySl0LsBhoG46H2cuCUWTd9S1N+gPcd0e2cx5e4t/KlAXF6+yK5A+OoKdaqZF
F/cq86+WthLAv5btszkI+TaPKi6bpwYUok6KALGsv4n53Q==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:49:25 2025 by rpki-client