Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/mm2sLdm3Ci3nySsnIMNPJSmUyA0.roa
File: mm2sLdm3Ci3nySsnIMNPJSmUyA0.roa (raw, json)
Hash identifier: 43TegAHBHBerogm1ABmnvKv6AvzkKlq7nZVNU15KNys=
Subject key identifier: 9A:6D:AC:2D:D9:B7:0A:2D:E7:C9:2B:27:20:C3:4F:25:29:94:C8:0D
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 019427B68561CB156AF2EE84115FBD9D2474
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/mm2sLdm3Ci3nySsnIMNPJSmUyA0.roa
Signing time: Thu 02 Jan 2025 15:51:00 +0000
ROA not before: Thu 02 Jan 2025 15:51:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216062
IP address blocks: 195.211.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:85:61:cb:15:6a:f2:ee:84:11:5f:bd:9d:24:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 15:51:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a6dac2dd9b70a2de7c92b2720c34f252994c80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:05:98:c0:2b:22:07:d4:34:7b:6a:4f:10:1a:
7c:a6:a6:8c:f1:be:7d:59:30:0f:6b:66:2e:c4:b1:
9c:a1:72:cf:2d:bb:d5:11:4f:54:aa:94:3b:3f:17:
10:ad:6b:73:54:14:b8:29:a9:4f:5b:94:02:0f:9f:
35:5d:11:a9:33:6b:8f:02:5f:ac:1d:29:71:ff:ca:
b6:01:77:2c:a7:f6:22:7a:94:68:90:45:59:7c:3d:
60:3c:3e:78:ac:83:9d:34:4e:b7:b0:48:ea:c5:58:
b0:0c:7b:e3:6f:7c:ea:b3:19:bd:14:d7:39:66:9c:
8a:5a:7c:f5:d0:25:2f:f0:e9:d7:8f:c1:3f:6d:c2:
d4:0f:6a:a8:a3:c9:d3:bf:e2:17:35:14:a5:cf:5f:
f1:5b:61:5c:c1:21:ad:b8:0a:57:a7:18:7b:55:23:
cd:64:f2:97:a7:6c:f0:9f:32:10:98:bc:a2:ed:41:
be:15:05:c0:01:34:ef:8e:d3:df:77:e8:8d:22:43:
57:9c:f0:3c:a6:a8:e9:1e:da:ef:ae:1d:05:9e:0b:
fd:da:f8:5d:e8:1f:36:c8:68:be:a1:15:42:19:54:
87:ac:6e:30:74:07:9d:0a:4e:be:8b:be:4a:ad:32:
35:d3:34:02:b1:e6:bd:9e:e0:e0:fe:64:84:16:3c:
5f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6D:AC:2D:D9:B7:0A:2D:E7:C9:2B:27:20:C3:4F:25:29:94:C8:0D
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/mm2sLdm3Ci3nySsnIMNPJSmUyA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.163.0/24
Signature Algorithm: sha256WithRSAEncryption
72:cd:60:9d:99:05:e2:9b:48:70:58:0b:28:74:f4:b7:19:b4:
bc:69:85:24:44:18:e0:66:29:79:09:59:9d:8b:0d:d7:ba:66:
eb:f4:b4:bd:05:3b:2c:ae:bc:5b:82:c2:cf:68:ad:4f:d9:f9:
17:0c:22:a1:3c:4e:c5:5b:23:e1:91:1e:39:d9:f7:4a:8c:e0:
f7:cd:58:dc:04:3d:0f:7d:8d:dd:6e:6c:1d:19:12:cf:89:6b:
ae:1d:b7:69:f0:cd:87:75:65:b5:d8:e6:d6:40:30:9f:be:17:
ba:5d:b3:be:5c:03:47:2e:94:c3:de:ba:82:87:a8:4a:74:3f:
38:28:af:e3:7d:9b:d0:2d:75:ba:15:b2:40:9a:7e:61:11:60:
d0:54:01:fe:3a:cb:08:2e:51:c6:90:bd:3f:31:1a:ae:bb:68:
2e:d5:d0:0e:55:62:57:7a:7b:6b:fd:30:c8:60:cc:f7:83:20:
c9:b9:2c:49:56:b6:37:3e:d1:c8:70:9e:3e:22:3c:91:2a:a3:
b9:16:a6:b5:45:14:1d:cf:cc:49:b8:9d:58:b7:84:e8:87:de:
1b:7c:4f:78:38:ec:39:05:40:a8:c8:f9:43:8f:c5:5c:e6:96:
54:a9:a6:ee:8f:28:8b:66:10:36:ed:7d:99:ea:bc:11:a7:d1:
87:fe:2c:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntoVhyxVq8u6EEV+9nSR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjUwMTAyMTU1MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTZkYWMyZGQ5YjcwYTJkZTdjOTJiMjcyMGMzNGYyNTI5OTRjODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AWYwCsiB9Q0e2pPEBp8pqaM8b59
WTAPa2YuxLGcoXLPLbvVEU9UqpQ7PxcQrWtzVBS4KalPW5QCD581XRGpM2uPAl+s
HSlx/8q2AXcsp/YiepRokEVZfD1gPD54rIOdNE63sEjqxViwDHvjb3zqsxm9FNc5
ZpyKWnz10CUv8OnXj8E/bcLUD2qoo8nTv+IXNRSlz1/xW2FcwSGtuApXpxh7VSPN
ZPKXp2zwnzIQmLyi7UG+FQXAATTvjtPfd+iNIkNXnPA8pqjpHtrvrh0Fngv92vhd
6B82yGi+oRVCGVSHrG4wdAedCk6+i75KrTI10zQCsea9nuDg/mSEFjxfDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJptrC3Ztwot58krJyDDTyUplMgNMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvbW0yc0xkbTNDaTNueVNzbklNTlBKU21VeUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9OjMA0G
CSqGSIb3DQEBCwUAA4IBAQByzWCdmQXim0hwWAsodPS3GbS8aYUkRBjgZil5CVmd
iw3Xumbr9LS9BTssrrxbgsLPaK1P2fkXDCKhPE7FWyPhkR452fdKjOD3zVjcBD0P
fY3dbmwdGRLPiWuuHbdp8M2HdWW12ObWQDCfvhe6XbO+XANHLpTD3rqCh6hKdD84
KK/jfZvQLXW6FbJAmn5hEWDQVAH+OssILlHGkL0/MRquu2gu1dAOVWJXentr/TDI
YMz3gyDJuSxJVrY3PtHIcJ4+IjyRKqO5Fqa1RRQdz8xJuJ1Yt4Toh94bfE94OOw5
BUCoyPlDj8Vc5pZUqabujyiLZhA27X2Z6rwRp9GH/izW
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:21 2025 by rpki-client