Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/Dw9LWwQEkFlvEEtQubiLXetc3pc.roa
File: Dw9LWwQEkFlvEEtQubiLXetc3pc.roa (raw, json)
Hash identifier: jU2F3DfrdPn0GZZk1xUCaPCNuSats7670fToq4AErzE=
Subject key identifier: 0F:0F:4B:5B:04:04:90:59:6F:10:4B:50:B9:B8:8B:5D:EB:5C:DE:97
Certificate issuer: /CN=7a938a935f8baf9cd933906416590d782e7287c7
Certificate serial: 019425215BEF90FAC7A1AE74D089903855FA
Authority key identifier: 7A:93:8A:93:5F:8B:AF:9C:D9:33:90:64:16:59:0D:78:2E:72:87:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/epOKk1-Lr5zZM5BkFlkNeC5yh8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/Dw9LWwQEkFlvEEtQubiLXetc3pc.roa
Signing time: Thu 02 Jan 2025 03:48:50 +0000
ROA not before: Thu 02 Jan 2025 03:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 192.195.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5b:ef:90:fa:c7:a1:ae:74:d0:89:90:38:55:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a938a935f8baf9cd933906416590d782e7287c7
Validity
Not Before: Jan 2 03:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f0f4b5b040490596f104b50b9b88b5deb5cde97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:ce:51:7b:2d:ab:ec:76:0c:aa:bd:db:ab:
7e:41:cc:26:c1:16:52:4e:40:d7:e0:44:05:a3:85:
6d:44:77:80:a3:a9:31:a9:9a:a6:2e:4b:48:d5:89:
9f:89:2a:57:d0:67:9a:15:16:a3:6d:e8:43:e3:13:
08:5b:f1:8f:c1:4e:c8:eb:c8:fd:54:f8:13:94:6d:
c8:ac:4f:a0:f1:f3:c9:a8:ba:3f:e5:ed:25:38:4a:
80:b2:92:ec:52:f1:7d:3f:db:26:45:a3:bd:1b:9e:
16:2d:36:cb:2d:1c:dd:55:a6:5a:af:48:27:93:e1:
a4:31:54:fc:2d:b5:e9:39:6a:6d:1e:f8:aa:7e:8b:
41:bf:62:72:c6:1d:a7:04:44:73:01:9f:66:69:fc:
49:b1:4a:5e:1a:ef:d4:ca:0f:e2:cd:03:b7:80:7b:
b3:1c:4c:2d:1e:89:eb:ad:65:4a:f1:57:df:16:2a:
cf:64:ad:81:2b:c5:f7:45:d2:a1:4b:a9:e1:e4:e7:
6f:cb:58:ed:76:ab:44:b6:6a:6f:2c:ab:a4:27:79:
c8:2a:30:a0:47:bd:37:98:b8:3c:78:79:a8:6b:c3:
ae:95:98:0e:7c:73:44:66:18:31:6b:aa:ee:40:e6:
02:5c:e4:a0:45:97:cc:1d:48:fa:1d:3a:15:04:37:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:0F:4B:5B:04:04:90:59:6F:10:4B:50:B9:B8:8B:5D:EB:5C:DE:97
X509v3 Authority Key Identifier:
keyid:7A:93:8A:93:5F:8B:AF:9C:D9:33:90:64:16:59:0D:78:2E:72:87:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epOKk1-Lr5zZM5BkFlkNeC5yh8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/Dw9LWwQEkFlvEEtQubiLXetc3pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ff0bfc-26fe-4412-a232-31999f3add36/1/epOKk1-Lr5zZM5BkFlkNeC5yh8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.195.98.0/24
Signature Algorithm: sha256WithRSAEncryption
17:0a:45:fd:f1:83:07:f7:79:74:88:1b:8d:0c:fc:1a:f8:84:
6a:47:cd:a0:bd:82:88:81:7e:bc:a5:15:ae:4d:ef:66:e3:78:
8f:93:0b:62:c7:0b:cf:8b:5d:5b:58:03:a7:f2:42:cd:0f:c5:
de:f4:8a:49:c6:d6:42:99:e0:23:00:fb:b7:63:76:0d:d7:f4:
21:fd:78:6a:43:93:bb:2f:0b:79:71:56:67:0c:7e:a6:50:fc:
60:a0:a9:a7:0c:0e:a1:2c:6b:cf:79:80:51:5a:d5:2e:d9:e6:
72:18:8d:16:bd:75:ff:d7:f5:1f:ca:3d:c6:b8:30:2b:9f:8e:
0e:92:a9:85:34:ac:af:da:bb:a9:7a:84:91:62:bb:bf:c1:43:
2a:f1:bd:13:94:1f:3a:73:c3:7b:0e:5a:39:9c:2a:7d:5f:43:
49:c3:bd:ab:25:36:90:b9:c3:45:1e:3c:49:fd:67:29:58:40:
77:9c:75:a2:dc:d9:bd:6f:fb:e7:12:fb:d8:e6:4c:fa:4d:9c:
63:49:ce:0c:ac:13:c5:97:ae:ba:b5:79:89:d3:63:99:7e:e8:
49:b1:41:b6:2a:2d:da:3d:58:a9:e3:cd:cd:04:c4:75:cf:fd:
8c:4c:0e:c9:6c:2a:2f:0e:8a:09:c4:7e:a8:fd:76:8b:0e:c8:
9a:df:79:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIVvvkPrHoa500ImQOFX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTM4YTkzNWY4YmFmOWNkOTMzOTA2NDE2NTkwZDc4MmU3
Mjg3YzcwHhcNMjUwMTAyMDM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjBmNGI1YjA0MDQ5MDU5NmYxMDRiNTBiOWI4OGI1ZGViNWNkZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8vOUXstq+x2DKq926t+QcwmwRZS
TkDX4EQFo4VtRHeAo6kxqZqmLktI1YmfiSpX0GeaFRajbehD4xMIW/GPwU7I68j9
VPgTlG3IrE+g8fPJqLo/5e0lOEqAspLsUvF9P9smRaO9G54WLTbLLRzdVaZar0gn
k+GkMVT8LbXpOWptHviqfotBv2Jyxh2nBERzAZ9mafxJsUpeGu/Uyg/izQO3gHuz
HEwtHonrrWVK8VffFirPZK2BK8X3RdKhS6nh5Odvy1jtdqtEtmpvLKukJ3nIKjCg
R703mLg8eHmoa8OulZgOfHNEZhgxa6ruQOYCXOSgRZfMHUj6HToVBDemtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8PS1sEBJBZbxBLULm4i13rXN6XMB8GA1UdIwQY
MBaAFHqTipNfi6+c2TOQZBZZDXgucofHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBPS2sxLUxyNXpaTTVCa0Zsa05lQzV5aDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZjBiZmMtMjZmZS00NDEyLWEyMzIt
MzE5OTlmM2FkZDM2LzEvRHc5TFd3UUVrRmx2RUV0UXViaUxYZXRjM3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZjBiZmMtMjZmZS00NDEyLWEyMzItMzE5OTlmM2FkZDM2
LzEvZXBPS2sxLUxyNXpaTTVCa0Zsa05lQzV5aDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwMNiMA0G
CSqGSIb3DQEBCwUAA4IBAQAXCkX98YMH93l0iBuNDPwa+IRqR82gvYKIgX68pRWu
Te9m43iPkwtixwvPi11bWAOn8kLND8Xe9IpJxtZCmeAjAPu3Y3YN1/Qh/XhqQ5O7
Lwt5cVZnDH6mUPxgoKmnDA6hLGvPeYBRWtUu2eZyGI0WvXX/1/Ufyj3GuDArn44O
kqmFNKyv2rupeoSRYru/wUMq8b0TlB86c8N7Dlo5nCp9X0NJw72rJTaQucNFHjxJ
/WcpWEB3nHWi3Nm9b/vnEvvY5kz6TZxjSc4MrBPFl666tXmJ02OZfuhJsUG2Ki3a
PVip483NBMR1z/2MTA7JbCovDooJxH6o/XaLDsia33kq
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:00:56 2025 by rpki-client