Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Dcl4o4Mo7N0s3M3iAQoKIPl9m2g.roa
File: Dcl4o4Mo7N0s3M3iAQoKIPl9m2g.roa (raw, json)
Hash identifier: SVwXdwnjQoGTLQZCk0CvIrT8UoqR6f7tYRnOAGH0NIA=
Subject key identifier: 0D:C9:78:A3:83:28:EC:DD:2C:DC:CD:E2:01:0A:0A:20:F9:7D:9B:68
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 01942445674EF7935AA92CCC753B8AE54789
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Dcl4o4Mo7N0s3M3iAQoKIPl9m2g.roa
Signing time: Wed 01 Jan 2025 23:48:35 +0000
ROA not before: Wed 01 Jan 2025 23:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204654
IP address blocks: 195.235.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:67:4e:f7:93:5a:a9:2c:cc:75:3b:8a:e5:47:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dc978a38328ecdd2cdccde2010a0a20f97d9b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:29:c1:76:fa:94:d0:c1:d3:26:ec:c2:8f:c2:
8d:2d:36:46:38:c4:b4:2c:2e:7c:83:7c:6f:33:7c:
9c:ee:87:49:03:83:f4:3d:43:b8:e0:13:11:e4:e8:
2f:1c:36:bd:82:8b:6b:ea:66:ca:40:d6:c4:ae:4d:
a4:be:ba:b9:02:d4:97:40:47:1f:54:d6:fd:63:df:
3f:de:2a:96:18:af:6c:a4:f9:5d:c8:53:04:a0:5a:
91:8e:6f:d2:e2:55:8e:92:cf:b5:d8:f0:33:9d:21:
a7:fe:db:b0:97:fa:07:77:0e:2d:c6:9f:c1:c2:4f:
fd:40:73:66:d3:14:3c:c8:75:1a:31:dc:e9:f0:6e:
6c:cb:5a:63:60:00:82:a2:99:0d:ba:05:01:f2:5e:
37:02:90:49:7b:0d:0d:c5:1a:56:7e:16:86:50:a7:
47:68:de:b1:f2:13:b3:e3:f8:d5:f1:a6:5d:44:15:
fa:a8:c9:2f:88:e5:36:d5:5d:e5:c8:f3:e1:39:6b:
ab:9e:d5:a5:3d:f2:50:b3:72:50:a4:f2:d8:0a:c2:
bd:c3:b8:7f:c4:9a:93:b1:47:4f:cf:93:56:98:a0:
ba:5f:87:d9:9d:8d:ee:6a:03:2d:23:fe:20:b5:9b:
dd:bc:cd:f6:14:3a:5d:56:30:3e:51:d6:73:d1:fa:
3d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C9:78:A3:83:28:EC:DD:2C:DC:CD:E2:01:0A:0A:20:F9:7D:9B:68
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Dcl4o4Mo7N0s3M3iAQoKIPl9m2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.235.42.0/24
Signature Algorithm: sha256WithRSAEncryption
ec:b0:37:e7:4e:3e:67:78:60:ad:4d:10:48:6c:fc:4f:8f:62:
29:b7:ec:9d:f0:43:bb:4d:7e:34:c5:62:ba:5b:a6:c5:18:55:
6a:2a:72:8c:ca:ac:a2:fb:99:58:8b:fa:22:ba:a4:e3:5d:cc:
bd:af:3d:15:60:72:b1:45:26:55:53:b5:d6:cb:d6:59:81:d6:
f0:33:d0:38:09:9f:e0:77:fc:d2:b7:d9:87:6d:a7:61:4e:8c:
5d:b6:05:06:96:e0:35:89:0a:0d:5f:2a:3b:9b:bf:d5:30:bc:
fb:0d:9e:d2:fe:94:32:59:6c:66:76:05:2a:c9:b8:09:2b:72:
a3:57:59:88:fc:68:12:fd:ec:0c:3c:fe:e3:55:a7:11:e1:41:
f9:39:79:a9:4a:63:4c:c6:7f:dc:fb:90:a5:86:9e:fd:6b:26:
93:ba:01:11:c8:f7:3e:3e:d6:66:6d:eb:f2:cd:23:93:29:3d:
f9:7d:bc:26:e5:b0:87:dc:f3:d2:22:ab:cd:53:00:7e:96:35:
04:eb:fc:86:cb:84:c5:a7:2b:20:ad:2b:01:38:3d:d0:37:7f:
40:a0:a8:60:a2:e2:09:44:33:1c:c0:e4:70:d7:ff:08:2a:cd:
63:2d:23:87:fa:a4:8d:e5:bc:c9:1b:0c:2c:f4:81:9c:24:d1:
b4:1a:a4:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRWdO95NaqSzMdTuK5UeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGM5NzhhMzgzMjhlY2RkMmNkY2NkZTIwMTBhMGEyMGY5N2Q5YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsynBdvqU0MHTJuzCj8KNLTZGOMS0
LC58g3xvM3yc7odJA4P0PUO44BMR5OgvHDa9gotr6mbKQNbErk2kvrq5AtSXQEcf
VNb9Y98/3iqWGK9spPldyFMEoFqRjm/S4lWOks+12PAznSGn/tuwl/oHdw4txp/B
wk/9QHNm0xQ8yHUaMdzp8G5sy1pjYACCopkNugUB8l43ApBJew0NxRpWfhaGUKdH
aN6x8hOz4/jV8aZdRBX6qMkviOU21V3lyPPhOWurntWlPfJQs3JQpPLYCsK9w7h/
xJqTsUdPz5NWmKC6X4fZnY3uagMtI/4gtZvdvM32FDpdVjA+UdZz0fo9UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3JeKODKOzdLNzN4gEKCiD5fZtoMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvRGNsNG80TW83TjBzM00zaUFRb0tJUGw5bTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+sqMA0G
CSqGSIb3DQEBCwUAA4IBAQDssDfnTj5neGCtTRBIbPxPj2Ipt+yd8EO7TX40xWK6
W6bFGFVqKnKMyqyi+5lYi/oiuqTjXcy9rz0VYHKxRSZVU7XWy9ZZgdbwM9A4CZ/g
d/zSt9mHbadhToxdtgUGluA1iQoNXyo7m7/VMLz7DZ7S/pQyWWxmdgUqybgJK3Kj
V1mI/GgS/ewMPP7jVacR4UH5OXmpSmNMxn/c+5Clhp79ayaTugERyPc+PtZmbevy
zSOTKT35fbwm5bCH3PPSIqvNUwB+ljUE6/yGy4TFpysgrSsBOD3QN39AoKhgouIJ
RDMcwORw1/8IKs1jLSOH+qSN5bzJGwws9IGcJNG0GqT/
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:38:22 2025 by rpki-client