Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/hnNCMqI9YyQmLVJaRmoHDg0oFJw.roa
File: hnNCMqI9YyQmLVJaRmoHDg0oFJw.roa (raw, json)
Hash identifier: 3WF8XBqeLBvMATAkTQCQPWs8yFZIPbFOVIgvg6VS8Ow=
Subject key identifier: 86:73:42:32:A2:3D:63:24:26:2D:52:5A:46:6A:07:0E:0D:28:14:9C
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0194244566ABC82EA6277BD2928F93D3ABF1
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/hnNCMqI9YyQmLVJaRmoHDg0oFJw.roa
Signing time: Wed 01 Jan 2025 23:48:35 +0000
ROA not before: Wed 01 Jan 2025 23:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201976
IP address blocks: 195.53.40.0/23 maxlen: 23
195.53.40.0/24 maxlen: 24
195.53.41.0/24 maxlen: 24
195.53.42.0/23 maxlen: 23
195.53.42.0/24 maxlen: 24
195.53.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:66:ab:c8:2e:a6:27:7b:d2:92:8f:93:d3:ab:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86734232a23d6324262d525a466a070e0d28149c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6a:0f:71:3f:48:9d:fb:a0:92:a1:0d:d6:2d:
09:fc:53:bb:42:17:cf:d6:8c:60:33:11:55:da:bc:
43:a6:d3:1e:d1:50:61:56:af:d8:4a:6a:77:6c:af:
ca:47:29:4f:ea:76:a1:ed:10:9b:66:f6:62:54:a3:
0c:de:85:f6:0f:1a:de:3f:68:58:11:12:c7:41:ee:
db:e5:d7:ee:9d:38:44:5b:e3:26:96:3b:00:3c:2f:
6a:09:0c:d8:e7:ac:88:7c:b9:e4:1e:67:c8:d2:5a:
ea:04:a6:a9:58:4c:96:73:19:eb:8d:3c:61:f8:e2:
0c:d9:da:3f:de:58:87:68:26:43:96:85:a0:00:bf:
5a:67:82:da:53:89:90:dd:cd:c6:4c:54:8b:c4:9f:
e8:cd:81:4d:1b:cc:52:d6:97:5c:1e:97:39:4a:95:
51:6a:81:d9:22:65:18:c4:9f:00:47:28:08:7f:48:
c0:96:67:fe:59:75:de:d5:fd:fe:cc:18:36:45:b9:
42:64:ec:50:93:4f:73:3e:ea:ad:fe:29:f8:93:cf:
82:10:fe:90:75:72:7f:c4:da:53:95:7f:19:c2:a8:
f4:50:39:a4:c4:3a:ce:90:a0:bd:23:c2:07:17:0d:
1d:9e:ee:c3:d0:d6:b2:93:11:7a:89:fb:a2:0f:0e:
f3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:73:42:32:A2:3D:63:24:26:2D:52:5A:46:6A:07:0E:0D:28:14:9C
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/hnNCMqI9YyQmLVJaRmoHDg0oFJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.40.0/22
Signature Algorithm: sha256WithRSAEncryption
ee:3f:c8:eb:fa:18:47:78:77:ab:e0:b0:bf:58:86:c3:77:5a:
49:36:cd:dd:86:ec:c6:c6:d5:d9:3b:fa:b2:1c:e2:d8:33:bd:
ac:7d:1d:cf:a8:27:d3:e2:37:b3:9b:bf:b1:88:a2:c3:71:92:
06:54:bc:a8:c8:72:49:bc:31:35:9d:4c:5b:3d:65:58:12:14:
43:61:47:54:8d:d9:ec:07:34:50:cb:51:67:d4:2c:0a:b8:88:
67:a0:af:a5:8a:b8:40:77:2e:d4:47:18:96:0a:06:75:80:4d:
04:aa:3a:59:84:b8:82:12:94:ee:a2:5e:dd:d8:1c:ca:ed:a7:
74:8d:34:05:c5:ce:97:94:6f:95:7b:68:a2:49:5d:4f:1d:76:
92:cb:4f:75:a3:a3:15:2d:d1:b4:71:23:8d:80:62:10:fe:0d:
08:c0:fe:8a:da:4b:2f:71:1f:f7:9f:5b:be:9c:4c:e7:f3:20:
f2:2b:a2:41:e6:31:ef:81:f9:cc:44:c0:d2:02:5f:69:70:05:
c7:66:c6:c6:30:93:03:fd:c4:dd:dc:d4:24:c8:c8:42:6d:0b:
1e:32:1a:3e:5d:17:f2:ba:7e:8a:5a:30:32:3f:e7:ab:ab:4b:
1a:41:ca:4e:dd:ff:22:25:6c:57:8f:62:98:21:e8:10:6d:f8:
c0:ea:1b:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRWaryC6mJ3vSko+T06vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjczNDIzMmEyM2Q2MzI0MjYyZDUyNWE0NjZhMDcwZTBkMjgxNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGoPcT9InfugkqEN1i0J/FO7QhfP
1oxgMxFV2rxDptMe0VBhVq/YSmp3bK/KRylP6nah7RCbZvZiVKMM3oX2DxreP2hY
ERLHQe7b5dfunThEW+MmljsAPC9qCQzY56yIfLnkHmfI0lrqBKapWEyWcxnrjTxh
+OIM2do/3liHaCZDloWgAL9aZ4LaU4mQ3c3GTFSLxJ/ozYFNG8xS1pdcHpc5SpVR
aoHZImUYxJ8ARygIf0jAlmf+WXXe1f3+zBg2RblCZOxQk09zPuqt/in4k8+CEP6Q
dXJ/xNpTlX8Zwqj0UDmkxDrOkKC9I8IHFw0dnu7D0NaykxF6ifuiDw7ziwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZzQjKiPWMkJi1SWkZqBw4NKBScMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvaG5OQ01xSTlZeVFtTFZKYVJtb0hEZzBvRkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwzUoMA0G
CSqGSIb3DQEBCwUAA4IBAQDuP8jr+hhHeHer4LC/WIbDd1pJNs3dhuzGxtXZO/qy
HOLYM72sfR3PqCfT4jezm7+xiKLDcZIGVLyoyHJJvDE1nUxbPWVYEhRDYUdUjdns
BzRQy1Fn1CwKuIhnoK+lirhAdy7URxiWCgZ1gE0EqjpZhLiCEpTuol7d2BzK7ad0
jTQFxc6XlG+Ve2iiSV1PHXaSy091o6MVLdG0cSONgGIQ/g0IwP6K2ksvcR/3n1u+
nEzn8yDyK6JB5jHvgfnMRMDSAl9pcAXHZsbGMJMD/cTd3NQkyMhCbQseMho+XRfy
un6KWjAyP+erq0saQcpO3f8iJWxXj2KYIegQbfjA6htt
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:42:37 2025 by rpki-client