Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/kSQmmeExWfprcCDLfHI_OYJk0ms.roa
File: kSQmmeExWfprcCDLfHI_OYJk0ms.roa (raw, json)
Hash identifier: 4gXw5KLNPGHoJR1QDpTIZ93gsLn9MiktkPpQtwbbYxQ=
Subject key identifier: 91:24:26:99:E1:31:59:FA:6B:70:20:CB:7C:72:3F:39:82:64:D2:6B
Certificate issuer: /CN=c4b1b458abf797dedcc661e54a685f651834b5d1
Certificate serial: 019427479A64CA1DE5500BF7B756DE9443C6
Authority key identifier: C4:B1:B4:58:AB:F7:97:DE:DC:C6:61:E5:4A:68:5F:65:18:34:B5:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLG0WKv3l97cxmHlSmhfZRg0tdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/kSQmmeExWfprcCDLfHI_OYJk0ms.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196906
IP address blocks: 78.25.4.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9a:64:ca:1d:e5:50:0b:f7:b7:56:de:94:43:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b1b458abf797dedcc661e54a685f651834b5d1
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91242699e13159fa6b7020cb7c723f398264d26b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e4:d0:29:e2:f1:36:89:52:e4:29:5d:c8:bb:
84:9d:6e:42:a8:b0:df:b2:bb:bf:9f:25:a4:9d:b6:
49:2b:a7:28:c1:74:e9:df:45:97:92:9f:e0:37:fa:
ed:51:8c:64:bb:a4:fe:8c:90:0d:72:66:8a:d9:4b:
66:c7:d7:76:cf:72:1b:1d:8f:5d:a8:c9:bc:6c:52:
74:9f:b3:73:72:6c:cc:d0:6d:cc:59:3d:a7:b4:f4:
52:6a:5e:1b:d6:c6:3c:0c:e6:1a:a7:5c:25:5c:d4:
b7:2a:a1:63:d3:74:1b:5b:6d:02:d6:4d:84:aa:fc:
6d:c7:9f:16:c4:aa:84:fe:80:3d:11:25:f0:e7:d0:
39:0f:6f:b9:78:90:f2:35:5e:67:3f:24:87:f5:01:
3b:3e:9a:7d:d3:66:78:51:21:51:02:a2:ca:3e:91:
bf:e8:66:c5:1e:d5:0e:15:c8:96:16:d8:da:65:b4:
d2:b2:96:17:3e:c1:f5:7f:65:21:f5:ef:13:e4:c8:
92:85:df:d7:1c:80:30:bb:b2:40:80:75:23:be:42:
2c:c4:78:32:df:0d:35:4c:7d:5c:ab:cb:5e:be:fb:
53:fb:03:da:39:a9:e2:59:6f:a9:61:f1:8a:b6:2a:
06:c6:91:7a:c8:c2:30:3a:61:01:b9:e6:0f:13:31:
86:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:24:26:99:E1:31:59:FA:6B:70:20:CB:7C:72:3F:39:82:64:D2:6B
X509v3 Authority Key Identifier:
keyid:C4:B1:B4:58:AB:F7:97:DE:DC:C6:61:E5:4A:68:5F:65:18:34:B5:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLG0WKv3l97cxmHlSmhfZRg0tdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/kSQmmeExWfprcCDLfHI_OYJk0ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/xLG0WKv3l97cxmHlSmhfZRg0tdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.25.4.0/23
Signature Algorithm: sha256WithRSAEncryption
59:4d:93:cd:64:dc:4e:9e:90:db:23:22:24:46:47:98:65:fa:
53:f2:83:78:f7:7d:f3:ff:8d:cb:d0:66:50:c0:c7:5d:9c:9e:
de:4e:ae:4e:79:45:fd:81:f2:97:91:e3:a3:bd:81:5e:1e:8d:
9f:47:c1:b6:e3:88:81:aa:94:ce:92:39:2b:d4:62:11:7a:bb:
21:bd:36:94:50:dc:11:d5:ce:61:61:81:53:d9:61:31:db:a8:
5f:6f:0c:c6:5a:0b:bd:49:c6:f8:38:4e:9b:73:5b:28:0a:c1:
ff:98:74:1c:8e:c0:a2:59:8e:1d:92:8e:b8:3e:cb:61:55:7d:
6a:cb:35:00:81:52:5a:4b:03:ec:ca:1d:05:38:ec:f6:e7:3a:
6f:9d:fb:e1:7e:22:23:4f:93:d8:c0:a7:eb:fd:64:09:09:f4:
41:53:ee:7a:ce:ed:3a:e0:f8:36:11:34:60:06:64:03:a7:06:
25:ec:cd:01:75:8f:63:b1:cb:cb:1a:93:3e:67:e9:b1:75:c1:
32:26:f8:d4:4f:f8:47:e2:aa:21:32:13:da:0a:8e:02:c1:45:
ec:1d:f7:50:2d:7a:ea:19:85:8b:47:b1:2e:db:08:37:b7:d0:
ca:b5:5b:b3:73:9c:4a:10:a6:c6:72:3c:5f:2c:fc:5d:06:02:
3e:6a:73:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR5pkyh3lUAv3t1belEPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjFiNDU4YWJmNzk3ZGVkY2M2NjFlNTRhNjg1ZjY1MTgz
NGI1ZDEwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTI0MjY5OWUxMzE1OWZhNmI3MDIwY2I3YzcyM2YzOTgyNjRkMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneTQKeLxNolS5CldyLuEnW5CqLDf
sru/nyWknbZJK6cowXTp30WXkp/gN/rtUYxku6T+jJANcmaK2Utmx9d2z3IbHY9d
qMm8bFJ0n7NzcmzM0G3MWT2ntPRSal4b1sY8DOYap1wlXNS3KqFj03QbW20C1k2E
qvxtx58WxKqE/oA9ESXw59A5D2+5eJDyNV5nPySH9QE7Ppp902Z4USFRAqLKPpG/
6GbFHtUOFciWFtjaZbTSspYXPsH1f2Uh9e8T5MiShd/XHIAwu7JAgHUjvkIsxHgy
3w01TH1cq8tevvtT+wPaOaniWW+pYfGKtioGxpF6yMIwOmEBueYPEzGGFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEkJpnhMVn6a3Agy3xyPzmCZNJrMB8GA1UdIwQY
MBaAFMSxtFir95fe3MZh5UpoX2UYNLXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExHMFdLdjNsOTdjeG1IbFNtaGZaUmcwdGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yNjBlMjQtMjA0MC00YTVjLTkyY2Yt
ZWM1OGEzMTI1ZWU1LzEva1NRbW1lRXhXZnByY0NETGZISV9PWUprMG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yNjBlMjQtMjA0MC00YTVjLTkyY2YtZWM1OGEzMTI1ZWU1
LzEveExHMFdLdjNsOTdjeG1IbFNtaGZaUmcwdGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBThkEMA0G
CSqGSIb3DQEBCwUAA4IBAQBZTZPNZNxOnpDbIyIkRkeYZfpT8oN4933z/43L0GZQ
wMddnJ7eTq5OeUX9gfKXkeOjvYFeHo2fR8G244iBqpTOkjkr1GIRershvTaUUNwR
1c5hYYFT2WEx26hfbwzGWgu9Scb4OE6bc1soCsH/mHQcjsCiWY4dko64PsthVX1q
yzUAgVJaSwPsyh0FOOz25zpvnfvhfiIjT5PYwKfr/WQJCfRBU+56zu064Pg2ETRg
BmQDpwYl7M0BdY9jscvLGpM+Z+mxdcEyJvjUT/hH4qohMhPaCo4CwUXsHfdQLXrq
GYWLR7Eu2wg3t9DKtVuzc5xKEKbGcjxfLPxdBgI+anM6
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:20:20 2025 by rpki-client