Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/ME6mP9mrbxwHR5S4F3OCz9U5yzg.roa
File: ME6mP9mrbxwHR5S4F3OCz9U5yzg.roa (raw, json)
Hash identifier: B0lo7q7MKtTWcFEIGH7ANdnvuQ66zBWEDZb1sVpRujE=
Subject key identifier: 30:4E:A6:3F:D9:AB:6F:1C:07:47:94:B8:17:73:82:CF:D5:39:CB:38
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 018570B982C829B47AFC585A72F0BDAA7242
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/ME6mP9mrbxwHR5S4F3OCz9U5yzg.roa
Signing time: Mon 02 Jan 2023 04:24:43 +0000
ROA not before: Mon 02 Jan 2023 04:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9989
IP address blocks: 176.121.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:82:c8:29:b4:7a:fc:58:5a:72:f0:bd:aa:72:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 2 04:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=304ea63fd9ab6f1c074794b8177382cfd539cb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0f:ed:a5:53:c0:d1:cb:a8:8d:8e:b0:2c:38:
f2:7e:d6:68:db:9c:8a:68:cb:b0:05:53:2d:1d:68:
8e:95:97:48:a1:19:90:81:13:f6:b1:60:6b:35:54:
cd:e4:9d:f1:ae:60:3b:52:51:6b:d5:3e:b4:7d:b3:
a3:24:1e:bd:0a:0e:a1:ed:28:0f:96:0f:b9:ad:e2:
6e:8f:cf:93:c6:9a:a4:e3:01:06:39:2c:5e:99:ad:
38:9e:93:6f:6e:2d:c8:b1:ef:b9:2a:47:3e:7a:6b:
74:e9:2b:0e:62:56:0a:85:5f:a7:53:1e:9f:51:a5:
f6:4d:20:60:15:27:dd:83:ff:a8:0d:8b:ac:98:91:
28:4d:37:e9:51:65:71:fe:53:99:4f:4e:cc:12:cc:
e4:05:ef:3f:5b:3e:d0:05:0f:78:e9:e3:ce:a1:02:
a2:f9:81:e7:a6:37:f6:ae:25:c8:0d:ae:7a:7b:e9:
70:0f:1c:e2:84:4c:9c:95:76:91:69:ae:57:71:31:
a3:ed:e4:4e:9f:fa:b2:76:76:b9:8c:1a:7a:ae:ba:
56:99:84:49:f7:a0:e1:bb:df:f3:e4:56:7d:62:9e:
d3:c5:c4:d1:a5:7c:66:28:7e:13:da:6b:5d:b2:6a:
8d:41:4e:19:5c:82:38:be:08:7b:c3:de:a3:03:b7:
9e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4E:A6:3F:D9:AB:6F:1C:07:47:94:B8:17:73:82:CF:D5:39:CB:38
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/ME6mP9mrbxwHR5S4F3OCz9U5yzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.95.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:1d:3a:8b:a8:84:2c:8b:c2:ea:69:a8:3e:9e:06:79:ce:4b:
5b:e6:e7:01:9f:a6:6d:73:67:c0:45:d8:a7:93:49:97:18:a6:
8c:37:4f:00:93:52:3a:b6:d4:d9:24:67:ca:8b:fc:0d:1f:25:
af:da:50:1d:bf:6d:5c:27:64:ed:f0:84:56:d1:4d:79:30:c3:
59:14:d2:4b:b4:a4:32:46:94:61:27:af:f5:d3:df:ca:85:ab:
5c:9c:0c:02:46:07:9b:8c:80:4d:f4:72:fe:2c:c9:fb:c2:a6:
ee:4d:08:a6:77:53:b7:77:72:cd:0d:bc:2a:fe:06:2b:b4:24:
b7:25:2b:54:5c:1d:98:89:9b:24:12:d4:3e:7b:41:e5:8c:8b:
cd:4e:6d:cb:c6:b3:31:ac:6d:0e:1b:d9:71:3f:89:3e:c5:17:
eb:fe:07:69:dc:ad:1b:1f:46:55:ad:f9:ff:55:f6:7b:14:ef:
e7:e7:ef:a4:0c:bf:dd:91:32:a4:09:34:d4:7b:b4:b5:8b:3c:
81:cd:68:23:50:d5:2e:4a:38:fa:25:66:73:4e:fa:38:0b:0a:
4c:a5:bf:90:85:cd:50:1b:b3:91:86:ad:47:dd:00:c5:eb:d5:
c6:75:bd:80:8f:ce:b6:41:13:62:56:41:61:7c:84:c9:89:7b:
b9:ec:9e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuYLIKbR6/FhacvC9qnJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjMwMTAyMDQyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDRlYTYzZmQ5YWI2ZjFjMDc0Nzk0YjgxNzczODJjZmQ1MzljYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw/tpVPA0cuojY6wLDjyftZo25yK
aMuwBVMtHWiOlZdIoRmQgRP2sWBrNVTN5J3xrmA7UlFr1T60fbOjJB69Cg6h7SgP
lg+5reJuj8+Txpqk4wEGOSxema04npNvbi3Ise+5Kkc+emt06SsOYlYKhV+nUx6f
UaX2TSBgFSfdg/+oDYusmJEoTTfpUWVx/lOZT07MEszkBe8/Wz7QBQ946ePOoQKi
+YHnpjf2riXIDa56e+lwDxzihEyclXaRaa5XcTGj7eROn/qydna5jBp6rrpWmYRJ
96Dhu9/z5FZ9Yp7TxcTRpXxmKH4T2mtdsmqNQU4ZXII4vgh7w96jA7ee9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBOpj/Zq28cB0eUuBdzgs/VOcs4MB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvTUU2bVA5bXJieHdIUjVTNEYzT0N6OVU1eXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHlfMA0G
CSqGSIb3DQEBCwUAA4IBAQCaHTqLqIQsi8Lqaag+ngZ5zktb5ucBn6Ztc2fARdin
k0mXGKaMN08Ak1I6ttTZJGfKi/wNHyWv2lAdv21cJ2Tt8IRW0U15MMNZFNJLtKQy
RpRhJ6/109/KhatcnAwCRgebjIBN9HL+LMn7wqbuTQimd1O3d3LNDbwq/gYrtCS3
JStUXB2YiZskEtQ+e0HljIvNTm3LxrMxrG0OG9lxP4k+xRfr/gdp3K0bH0ZVrfn/
VfZ7FO/n5++kDL/dkTKkCTTUe7S1izyBzWgjUNUuSjj6JWZzTvo4CwpMpb+Qhc1Q
G7ORhq1H3QDF69XGdb2Aj862QRNiVkFhfITJiXu57J4K
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:56:08 2025 by rpki-client