Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/st7UugSXha_zumczLwSMs_JMMGo.roa
File: st7UugSXha_zumczLwSMs_JMMGo.roa (raw, json)
Hash identifier: zW6BjWFPz0O6Tl0aYcPhSf3EE25VQRz5yPeKPIedYY8=
Subject key identifier: B2:DE:D4:BA:04:97:85:AF:F3:BA:67:33:2F:04:8C:B3:F2:4C:30:6A
Certificate issuer: /CN=82e22da9bf0a74171eebb4cd98fc25f3041add2f
Certificate serial: 019427483AB77EAC2318FC842BB1D02AF5E6
Authority key identifier: 82:E2:2D:A9:BF:0A:74:17:1E:EB:B4:CD:98:FC:25:F3:04:1A:DD:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guItqb8KdBce67TNmPwl8wQa3S8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/st7UugSXha_zumczLwSMs_JMMGo.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29445
IP address blocks: 195.149.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3a:b7:7e:ac:23:18:fc:84:2b:b1:d0:2a:f5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e22da9bf0a74171eebb4cd98fc25f3041add2f
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2ded4ba049785aff3ba67332f048cb3f24c306a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ab:6b:a6:ea:af:6b:2a:f5:f5:11:f3:53:e6:
52:40:d1:7f:c9:76:de:1d:ec:e0:f6:06:84:9a:1b:
99:21:7c:05:1b:63:3b:70:25:0a:c9:a0:c9:aa:05:
94:8b:f6:83:31:b5:c3:91:17:77:31:d2:4d:d6:94:
ca:62:1a:16:9b:7c:a1:fa:4c:6f:40:bd:7d:93:a0:
15:92:45:0d:46:91:f5:5d:53:4e:b2:39:60:ae:c3:
69:31:a4:f0:a9:55:0f:5f:71:34:38:f6:2b:a5:cb:
32:b5:0b:99:1e:ea:8c:6b:27:65:96:04:ec:83:dd:
72:53:5b:99:c9:99:7d:2e:fc:24:ec:17:4e:91:b9:
5a:2f:ed:01:8e:7d:3a:27:ed:58:2d:24:d2:92:84:
2d:51:5d:2b:18:36:52:f2:0a:9e:3f:09:83:1a:51:
0a:33:3d:59:41:fb:d0:af:f2:85:06:5b:06:3f:4d:
cc:c0:7b:c7:2f:a3:a3:2f:37:8c:78:d2:12:2f:46:
80:30:f8:90:ac:09:31:c2:da:9b:a3:66:b4:ff:7f:
f3:fb:6a:0f:41:fe:06:47:a7:39:85:1a:3d:76:6f:
e5:07:27:77:01:fc:35:22:bc:14:4b:e9:fa:b0:1c:
bd:82:e6:cd:1c:2f:de:8c:67:38:ac:5b:8f:2b:ed:
2e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DE:D4:BA:04:97:85:AF:F3:BA:67:33:2F:04:8C:B3:F2:4C:30:6A
X509v3 Authority Key Identifier:
keyid:82:E2:2D:A9:BF:0A:74:17:1E:EB:B4:CD:98:FC:25:F3:04:1A:DD:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guItqb8KdBce67TNmPwl8wQa3S8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/st7UugSXha_zumczLwSMs_JMMGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/guItqb8KdBce67TNmPwl8wQa3S8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.95.0/24
Signature Algorithm: sha256WithRSAEncryption
49:d1:b2:8e:4e:08:cf:60:24:6c:e3:a3:2d:1e:3d:38:bf:7b:
f9:49:f7:0e:ab:be:58:18:64:e3:c2:91:cb:e8:a7:8e:4e:87:
bb:56:7b:d2:6e:0a:64:c4:0b:f1:53:f6:f9:01:eb:40:b9:ff:
f6:54:26:e2:56:ef:e1:18:05:fd:d4:15:3b:d4:b0:55:af:45:
ef:f7:5f:96:8e:db:fd:01:17:22:38:ba:40:d3:1c:92:03:9b:
cd:1c:d3:9a:b0:1a:60:4b:1a:e8:bf:18:1a:4e:e6:e9:07:a5:
ac:5f:e9:cc:40:07:99:b7:c0:3f:08:52:32:7b:e5:62:9a:7f:
78:19:d3:03:a5:d4:79:53:16:4b:c6:61:0a:ff:ae:05:ec:5c:
66:f3:c3:d9:fa:6a:c9:85:b5:41:9e:c5:d6:83:79:44:e9:ad:
12:4d:60:b9:ee:e1:aa:c3:13:d1:3c:f3:15:a5:17:06:71:c1:
3c:99:1e:35:7b:99:e9:97:99:c5:a7:18:ed:40:d4:1a:5c:ae:
37:27:5b:e0:42:e7:a9:b3:56:ad:56:b3:39:7e:52:27:12:7c:
8a:bf:d6:bb:d0:80:1c:27:73:f0:af:6f:33:53:d6:22:c0:4c:
6a:4a:2c:c1:e9:e1:de:de:f9:c0:3b:c7:aa:0a:8d:a5:12:a1:
c9:69:bf:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDq3fqwjGPyEK7HQKvXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTIyZGE5YmYwYTc0MTcxZWViYjRjZDk4ZmMyNWYzMDQx
YWRkMmYwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRlZDRiYTA0OTc4NWFmZjNiYTY3MzMyZjA0OGNiM2YyNGMzMDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqtrpuqvayr19RHzU+ZSQNF/yXbe
Hezg9gaEmhuZIXwFG2M7cCUKyaDJqgWUi/aDMbXDkRd3MdJN1pTKYhoWm3yh+kxv
QL19k6AVkkUNRpH1XVNOsjlgrsNpMaTwqVUPX3E0OPYrpcsytQuZHuqMaydllgTs
g91yU1uZyZl9Lvwk7BdOkblaL+0Bjn06J+1YLSTSkoQtUV0rGDZS8gqePwmDGlEK
Mz1ZQfvQr/KFBlsGP03MwHvHL6OjLzeMeNISL0aAMPiQrAkxwtqbo2a0/3/z+2oP
Qf4GR6c5hRo9dm/lByd3Afw1IrwUS+n6sBy9gubNHC/ejGc4rFuPK+0uOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLe1LoEl4Wv87pnMy8EjLPyTDBqMB8GA1UdIwQY
MBaAFILiLam/CnQXHuu0zZj8JfMEGt0vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VJdHFiOEtkQmNlNjdUTm1Qd2w4d1FhM1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9hODliM2MtOTcyYy00YmVlLTgwZjIt
NWMyOTE5ZGE4ZGYzLzEvc3Q3VXVnU1hoYV96dW1jekx3U01zX0pNTUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9hODliM2MtOTcyYy00YmVlLTgwZjItNWMyOTE5ZGE4ZGYz
LzEvZ3VJdHFiOEtkQmNlNjdUTm1Qd2w4d1FhM1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5VfMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ0bKOTgjPYCRs46MtHj04v3v5SfcOq75YGGTjwpHL
6KeOToe7VnvSbgpkxAvxU/b5AetAuf/2VCbiVu/hGAX91BU71LBVr0Xv91+Wjtv9
ARciOLpA0xySA5vNHNOasBpgSxrovxgaTubpB6WsX+nMQAeZt8A/CFIye+Vimn94
GdMDpdR5UxZLxmEK/64F7Fxm88PZ+mrJhbVBnsXWg3lE6a0STWC57uGqwxPRPPMV
pRcGccE8mR41e5npl5nFpxjtQNQaXK43J1vgQueps1atVrM5flInEnyKv9a70IAc
J3Pwr28zU9YiwExqSizB6eHe3vnAO8eqCo2lEqHJab81
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:44 2025 by rpki-client