Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/KIolqJ5Rs9ZhvtnGtDf7moJJ2_E.roa
File: KIolqJ5Rs9ZhvtnGtDf7moJJ2_E.roa (raw, json)
Hash identifier: d0kz1GVWlhFBJRVBQyJqX/EmCfxG7jLUjxwkYTyT+k0=
Subject key identifier: 28:8A:25:A8:9E:51:B3:D6:61:BE:D9:C6:B4:37:FB:9A:82:49:DB:F1
Certificate issuer: /CN=851272e4e8186b9cf3d1eb42665c53ce714f4d4b
Certificate serial: 0194228D0E3DF522A876355145E5F3CE020E
Authority key identifier: 85:12:72:E4:E8:18:6B:9C:F3:D1:EB:42:66:5C:53:CE:71:4F:4D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRJy5OgYa5zz0etCZlxTznFPTUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/KIolqJ5Rs9ZhvtnGtDf7moJJ2_E.roa
Signing time: Wed 01 Jan 2025 15:47:37 +0000
ROA not before: Wed 01 Jan 2025 15:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12337
IP address blocks: 195.190.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0e:3d:f5:22:a8:76:35:51:45:e5:f3:ce:02:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851272e4e8186b9cf3d1eb42665c53ce714f4d4b
Validity
Not Before: Jan 1 15:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=288a25a89e51b3d661bed9c6b437fb9a8249dbf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6b:e9:c3:d5:0e:10:3d:fe:7b:52:31:6d:62:
0c:d1:89:08:16:28:50:38:dc:99:4c:49:b4:55:db:
13:ad:95:5c:f3:55:3d:7b:cc:0e:93:9e:ea:97:b7:
d1:6d:1f:3f:1e:bf:f1:63:62:90:61:59:67:34:7a:
9c:41:a1:e9:3e:d9:fc:58:4d:69:57:f4:71:0d:cb:
d2:7d:59:94:bb:d2:92:de:1f:6d:9c:6b:35:c4:8b:
5a:f3:13:f7:a0:a2:51:07:fb:b5:ab:b8:e5:d5:d5:
bc:da:67:36:6c:fb:6f:4b:4a:27:81:b5:69:69:35:
d1:b7:13:3b:0e:53:aa:a3:d9:3f:3a:1f:2f:d7:fe:
f0:6e:31:9e:4c:58:59:1d:a9:1f:9c:d8:1f:29:73:
fc:ca:bc:14:a4:ab:fe:ef:f0:3e:d7:f3:06:08:02:
a7:e1:aa:20:45:a9:32:50:29:dd:a4:f2:c5:10:28:
45:fa:d3:00:61:cf:b9:92:e3:e1:14:df:97:1a:5e:
62:65:58:be:dd:8f:3d:51:90:2a:f0:fb:ed:e7:b7:
7c:71:5c:f3:35:5c:40:5a:37:87:2e:e2:8d:a3:01:
33:ef:83:24:24:24:eb:92:3c:25:af:97:10:66:89:
3a:d7:7a:30:c4:a6:a8:cb:06:8e:fb:0a:9b:e1:42:
66:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8A:25:A8:9E:51:B3:D6:61:BE:D9:C6:B4:37:FB:9A:82:49:DB:F1
X509v3 Authority Key Identifier:
keyid:85:12:72:E4:E8:18:6B:9C:F3:D1:EB:42:66:5C:53:CE:71:4F:4D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRJy5OgYa5zz0etCZlxTznFPTUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/KIolqJ5Rs9ZhvtnGtDf7moJJ2_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/hRJy5OgYa5zz0etCZlxTznFPTUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.8.0/24
Signature Algorithm: sha256WithRSAEncryption
30:76:eb:7e:11:8e:14:75:92:c6:68:6c:4a:c5:e3:1a:bf:29:
02:fe:fb:d4:cb:b7:fd:94:43:b4:96:69:60:e3:61:d7:dc:21:
84:64:c8:53:d0:78:c3:19:c1:88:0e:39:9f:5c:a3:28:19:e9:
e4:6c:76:da:14:1e:14:39:6f:4b:d5:20:a0:e2:23:8d:1b:9c:
b7:09:9b:1b:7f:8f:c6:5b:8a:c6:a0:e2:c3:42:f1:49:f2:d5:
25:14:22:d8:32:84:bf:eb:af:5e:ae:e0:4a:9e:b1:a2:be:74:
36:fe:ad:cd:00:be:9d:03:48:e2:7c:66:da:89:ed:ea:86:14:
50:ac:23:22:92:51:59:1f:c5:61:ff:43:ed:c7:8b:90:ca:95:
79:b4:ab:89:77:c1:68:2b:ed:b3:dd:45:e7:d8:28:d2:2f:7c:
0c:46:b4:7d:ea:f7:3e:78:b1:0e:a1:17:a5:94:e2:45:1a:d9:
be:1c:b7:3a:ca:ad:ab:e9:8c:9a:3d:62:af:32:94:6e:45:7f:
79:3d:c8:5c:09:4c:49:b7:db:ab:c9:bd:39:72:65:35:26:11:
7f:52:4d:10:1a:02:99:32:cf:a0:86:e7:d8:82:b2:22:16:91:
19:2b:1b:2e:b0:3a:12:74:72:a4:de:d2:35:14:11:65:d8:c3:
ac:1e:7e:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijQ499SKodjVRReXzzgIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MTI3MmU0ZTgxODZiOWNmM2QxZWI0MjY2NWM1M2NlNzE0
ZjRkNGIwHhcNMjUwMTAxMTU0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhhMjVhODllNTFiM2Q2NjFiZWQ5YzZiNDM3ZmI5YTgyNDlkYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGvpw9UOED3+e1IxbWIM0YkIFihQ
ONyZTEm0VdsTrZVc81U9e8wOk57ql7fRbR8/Hr/xY2KQYVlnNHqcQaHpPtn8WE1p
V/RxDcvSfVmUu9KS3h9tnGs1xIta8xP3oKJRB/u1q7jl1dW82mc2bPtvS0ongbVp
aTXRtxM7DlOqo9k/Oh8v1/7wbjGeTFhZHakfnNgfKXP8yrwUpKv+7/A+1/MGCAKn
4aogRakyUCndpPLFEChF+tMAYc+5kuPhFN+XGl5iZVi+3Y89UZAq8Pvt57d8cVzz
NVxAWjeHLuKNowEz74MkJCTrkjwlr5cQZok613owxKaoywaO+wqb4UJmZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiKJaieUbPWYb7ZxrQ3+5qCSdvxMB8GA1UdIwQY
MBaAFIUScuToGGuc89HrQmZcU85xT01LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJKeTVPZ1lhNXp6MGV0Q1pseFR6bkZQVFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDk0YjEtYjU3My00NWU0LTllMjEt
M2Y0MmM3MTc4MGJjLzEvS0lvbHFKNVJzOVpodnRuR3REZjdtb0pKMl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDk0YjEtYjU3My00NWU0LTllMjEtM2Y0MmM3MTc4MGJj
LzEvaFJKeTVPZ1lhNXp6MGV0Q1pseFR6bkZQVFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw74IMA0G
CSqGSIb3DQEBCwUAA4IBAQAwdut+EY4UdZLGaGxKxeMavykC/vvUy7f9lEO0lmlg
42HX3CGEZMhT0HjDGcGIDjmfXKMoGenkbHbaFB4UOW9L1SCg4iONG5y3CZsbf4/G
W4rGoOLDQvFJ8tUlFCLYMoS/669eruBKnrGivnQ2/q3NAL6dA0jifGbaie3qhhRQ
rCMiklFZH8Vh/0Ptx4uQypV5tKuJd8FoK+2z3UXn2CjSL3wMRrR96vc+eLEOoRel
lOJFGtm+HLc6yq2r6YyaPWKvMpRuRX95PchcCUxJt9uryb05cmU1JhF/Uk0QGgKZ
Ms+ghufYgrIiFpEZKxsusDoSdHKk3tI1FBFl2MOsHn57
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:24:58 2025 by rpki-client