Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/TRfMCYgQom2qb1ltkPZ8pDFMPbw.roa
File: TRfMCYgQom2qb1ltkPZ8pDFMPbw.roa (raw, json)
Hash identifier: B/bZzAE30Cbi1NKH6O3ZfRrv6UmAF6KTnp6VWp5movg=
Subject key identifier: 4D:17:CC:09:88:10:A2:6D:AA:6F:59:6D:90:F6:7C:A4:31:4C:3D:BC
Certificate issuer: /CN=1bde70af153494354946648acd641163e2af1b1d
Certificate serial: 01941F8C9C6AF6EB7376FED818C729B99E4A
Authority key identifier: 1B:DE:70:AF:15:34:94:35:49:46:64:8A:CD:64:11:63:E2:AF:1B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G95wrxU0lDVJRmSKzWQRY-KvGx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/TRfMCYgQom2qb1ltkPZ8pDFMPbw.roa
Signing time: Wed 01 Jan 2025 01:48:16 +0000
ROA not before: Wed 01 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 195.8.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9c:6a:f6:eb:73:76:fe:d8:18:c7:29:b9:9e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bde70af153494354946648acd641163e2af1b1d
Validity
Not Before: Jan 1 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d17cc098810a26daa6f596d90f67ca4314c3dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:66:de:80:78:70:3d:c7:a0:e5:47:9a:ca:7b:
f4:33:4b:22:b2:f0:de:2b:c7:a7:fa:c0:75:1c:f1:
2d:e3:dd:c0:12:9b:7f:ca:4b:dd:3c:51:7e:c6:d8:
51:35:b5:72:66:0b:43:27:e8:6c:77:96:fd:93:60:
09:d5:1a:3d:59:97:78:5f:7f:64:09:bb:93:64:de:
1b:8d:d0:5b:14:d3:bb:f1:9d:2e:02:f7:e3:cd:b8:
c0:a2:95:06:cd:b1:bf:eb:43:51:9e:f3:2e:3d:59:
f8:76:8a:93:ed:1e:f2:53:f7:a8:b5:48:d8:8c:eb:
5a:e2:1f:18:e5:22:13:fd:5b:63:7d:8a:95:17:28:
1c:90:35:3c:eb:44:25:57:1a:5f:c1:72:05:c3:c6:
cf:6c:4b:7c:d2:06:4a:4a:62:62:7c:90:2f:a2:00:
da:12:45:1d:cf:37:28:e5:4f:30:89:f4:f2:0a:62:
41:21:4e:fe:9c:40:d5:f3:a0:98:f8:b8:00:e2:30:
da:c1:c6:54:c0:d3:44:8f:d7:d4:74:53:75:35:07:
bc:d5:a7:ee:e3:00:4e:09:65:69:3c:3f:b6:a1:93:
62:0b:02:e8:0c:cf:a7:6d:f1:2c:0d:7a:d1:9b:ee:
7d:24:89:6b:e5:8f:63:0e:1f:ec:c7:6d:5e:00:1c:
68:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:17:CC:09:88:10:A2:6D:AA:6F:59:6D:90:F6:7C:A4:31:4C:3D:BC
X509v3 Authority Key Identifier:
keyid:1B:DE:70:AF:15:34:94:35:49:46:64:8A:CD:64:11:63:E2:AF:1B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G95wrxU0lDVJRmSKzWQRY-KvGx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/TRfMCYgQom2qb1ltkPZ8pDFMPbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/G95wrxU0lDVJRmSKzWQRY-KvGx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.43.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:77:ea:7c:7a:42:e4:0c:e3:ef:38:da:b1:f4:d8:f7:a0:fe:
c4:9b:7e:5a:72:28:5a:05:9f:12:55:97:db:27:cc:fc:da:25:
d5:ab:34:67:23:c2:95:69:ce:cc:05:c8:fc:8c:bc:71:b5:4c:
3b:c0:66:b5:59:e9:69:f9:1b:ba:af:b5:0d:34:bf:31:14:5f:
ee:d7:95:9b:ad:70:48:56:39:0b:f2:ac:6b:6f:e4:ae:26:54:
ed:fb:59:63:cd:02:c5:5b:08:b7:de:28:ce:fd:81:48:4e:60:
3b:00:7b:29:93:73:03:13:7f:65:0b:72:45:99:63:04:ba:5d:
40:0d:fa:b2:b2:aa:7e:74:1e:53:6e:b6:5f:c2:93:e5:b7:aa:
7f:a4:58:3d:57:44:23:27:c9:8d:2f:f2:b4:5b:42:f3:4f:2c:
6f:93:9b:12:14:bd:66:80:a2:d3:12:0b:c9:e6:30:c3:01:80:
1f:66:ba:32:75:92:10:e5:fa:41:8c:31:e0:cb:bf:3b:a3:f3:
eb:44:e6:5c:ca:bb:79:50:85:1c:e0:e7:98:6e:9c:40:96:4c:
56:22:d7:a0:e0:4b:78:c4:c4:af:49:1e:77:75:39:25:02:43:
aa:48:27:a9:10:b0:58:63:ca:c1:ff:d1:98:86:d3:dd:be:f9:
0f:7e:26:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJxq9utzdv7YGMcpuZ5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZGU3MGFmMTUzNDk0MzU0OTQ2NjQ4YWNkNjQxMTYzZTJh
ZjFiMWQwHhcNMjUwMTAxMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE3Y2MwOTg4MTBhMjZkYWE2ZjU5NmQ5MGY2N2NhNDMxNGMzZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mbegHhwPceg5Ueaynv0M0sisvDe
K8en+sB1HPEt493AEpt/ykvdPFF+xthRNbVyZgtDJ+hsd5b9k2AJ1Ro9WZd4X39k
CbuTZN4bjdBbFNO78Z0uAvfjzbjAopUGzbG/60NRnvMuPVn4doqT7R7yU/eotUjY
jOta4h8Y5SIT/VtjfYqVFygckDU860QlVxpfwXIFw8bPbEt80gZKSmJifJAvogDa
EkUdzzco5U8wifTyCmJBIU7+nEDV86CY+LgA4jDawcZUwNNEj9fUdFN1NQe81afu
4wBOCWVpPD+2oZNiCwLoDM+nbfEsDXrRm+59JIlr5Y9jDh/sx21eABxo9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0XzAmIEKJtqm9ZbZD2fKQxTD28MB8GA1UdIwQY
MBaAFBvecK8VNJQ1SUZkis1kEWPirxsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzk1d3J4VTBsRFZKUm1TS3pXUVJZLUt2R3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xNDhlY2EtYzM5Zi00NjczLTg4NmYt
ZWNmODIzMDJmNzI2LzEvVFJmTUNZZ1FvbTJxYjFsdGtQWjhwREZNUGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xNDhlY2EtYzM5Zi00NjczLTg4NmYtZWNmODIzMDJmNzI2
LzEvRzk1d3J4VTBsRFZKUm1TS3pXUVJZLUt2R3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwgrMA0G
CSqGSIb3DQEBCwUAA4IBAQBLd+p8ekLkDOPvONqx9Nj3oP7Em35acihaBZ8SVZfb
J8z82iXVqzRnI8KVac7MBcj8jLxxtUw7wGa1Welp+Ru6r7UNNL8xFF/u15WbrXBI
VjkL8qxrb+SuJlTt+1ljzQLFWwi33ijO/YFITmA7AHspk3MDE39lC3JFmWMEul1A
Dfqysqp+dB5TbrZfwpPlt6p/pFg9V0QjJ8mNL/K0W0LzTyxvk5sSFL1mgKLTEgvJ
5jDDAYAfZroydZIQ5fpBjDHgy787o/PrROZcyrt5UIUc4OeYbpxAlkxWIteg4Et4
xMSvSR53dTklAkOqSCepELBYY8rB/9GYhtPdvvkPfia4
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:41:13 2025 by rpki-client