Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/qVpN4Y8KxLODwpDOgLN11KilqHg.roa
File: qVpN4Y8KxLODwpDOgLN11KilqHg.roa (raw, json)
Hash identifier: 09hTebOsoFtxumaEhzqwE7uj7IeLGjUIKeNrykM3gp8=
Subject key identifier: A9:5A:4D:E1:8F:0A:C4:B3:83:C2:90:CE:80:B3:75:D4:A8:A5:A8:78
Certificate issuer: /CN=204d7d8652a99fc17fff2d7decc49e556aa0eb80
Certificate serial: 019426D8CA8C93FEACAE97D97D1B25EC538C
Authority key identifier: 20:4D:7D:86:52:A9:9F:C1:7F:FF:2D:7D:EC:C4:9E:55:6A:A0:EB:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IE19hlKpn8F__y197MSeVWqg64A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/qVpN4Y8KxLODwpDOgLN11KilqHg.roa
Signing time: Thu 02 Jan 2025 11:48:49 +0000
ROA not before: Thu 02 Jan 2025 11:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 195.242.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:ca:8c:93:fe:ac:ae:97:d9:7d:1b:25:ec:53:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204d7d8652a99fc17fff2d7decc49e556aa0eb80
Validity
Not Before: Jan 2 11:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a95a4de18f0ac4b383c290ce80b375d4a8a5a878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:e2:24:e4:07:0c:0e:5f:60:eb:a5:18:ad:
18:c1:50:9a:88:59:2b:f9:f2:3c:2b:85:02:a1:6f:
28:0b:63:1d:bc:97:ae:ab:e9:49:ba:b5:4e:2d:42:
dd:56:38:cf:40:4f:06:a9:8d:f8:01:0a:8e:f0:19:
d9:f7:70:af:58:16:c4:c3:43:95:e0:89:9d:6d:32:
eb:24:34:19:66:71:9a:27:65:b4:d1:98:0a:8a:1d:
93:fb:26:e7:79:f6:7f:09:10:f1:2a:02:ae:75:6f:
8f:ff:ba:ad:41:1a:5f:5e:9a:86:ed:8f:e4:b2:d8:
f1:2c:f7:84:fc:23:1a:75:1f:7f:46:3f:1c:a2:27:
76:f4:18:c9:07:da:d1:08:34:84:04:7d:cb:2d:eb:
6a:41:49:5d:ce:21:21:5b:4b:0c:48:e6:44:69:1e:
21:ec:b4:e7:1a:6c:16:35:a5:ce:06:2a:84:f1:ce:
8a:06:7d:eb:55:68:a3:e1:af:9e:6e:4e:63:c1:ea:
53:56:c2:d3:44:e6:95:9a:62:88:14:59:ab:11:91:
a0:5b:d7:c7:a9:40:84:90:80:74:8c:32:c3:89:e8:
b0:d8:98:4f:ca:71:fe:8c:c3:a2:43:62:8d:fb:1c:
c9:b2:02:a0:ef:29:c7:7c:04:e1:07:56:14:80:f1:
3b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5A:4D:E1:8F:0A:C4:B3:83:C2:90:CE:80:B3:75:D4:A8:A5:A8:78
X509v3 Authority Key Identifier:
keyid:20:4D:7D:86:52:A9:9F:C1:7F:FF:2D:7D:EC:C4:9E:55:6A:A0:EB:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IE19hlKpn8F__y197MSeVWqg64A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/qVpN4Y8KxLODwpDOgLN11KilqHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/IE19hlKpn8F__y197MSeVWqg64A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.170.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:58:ab:a6:bd:8f:a0:e5:08:32:47:5c:de:26:22:db:a5:7b:
4e:d6:61:85:fa:03:9a:9a:9f:9f:96:2d:a9:a6:2e:2f:49:ae:
cb:3e:db:f5:a9:c7:92:20:63:97:c8:7b:24:96:18:a0:62:f2:
35:a1:0a:24:9d:66:e9:e0:a9:87:e1:cc:f9:65:b9:ea:a4:c2:
43:a5:cd:f0:86:a5:e0:ad:be:9c:6d:a3:95:85:df:6c:29:a4:
82:db:cf:3b:18:73:de:8b:97:a1:2e:b8:bf:9f:ae:ab:4c:73:
73:33:3e:03:66:90:bd:04:4a:fe:d3:d2:a3:6e:9a:4d:67:34:
97:43:bb:a4:d7:c0:e4:4a:74:61:4a:7e:6f:9c:d9:c4:2f:be:
a3:26:d0:11:a0:bc:d2:71:49:5a:bf:69:1f:bd:0b:c0:9d:2f:
bf:dc:cc:d8:3c:1a:47:1a:ea:e7:0e:78:58:37:0c:58:ee:fe:
6e:78:8a:43:b8:55:96:6b:b5:af:ed:7b:3c:fd:cc:85:3f:4a:
7c:87:c6:8d:17:64:de:4b:3f:da:da:d8:7b:a3:27:c4:2b:1c:
f4:8b:69:ee:24:e8:c8:88:27:5f:e8:9f:9d:1a:64:d4:3b:51:
e8:18:9a:6c:c1:e3:ff:ec:8f:d2:db:9d:c1:8e:8d:48:10:43:
45:51:70:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2MqMk/6srpfZfRsl7FOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGQ3ZDg2NTJhOTlmYzE3ZmZmMmQ3ZGVjYzQ5ZTU1NmFh
MGViODAwHhcNMjUwMTAyMTE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTVhNGRlMThmMGFjNGIzODNjMjkwY2U4MGIzNzVkNGE4YTVhODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygLiJOQHDA5fYOulGK0YwVCaiFkr
+fI8K4UCoW8oC2MdvJeuq+lJurVOLULdVjjPQE8GqY34AQqO8BnZ93CvWBbEw0OV
4ImdbTLrJDQZZnGaJ2W00ZgKih2T+ybnefZ/CRDxKgKudW+P/7qtQRpfXpqG7Y/k
stjxLPeE/CMadR9/Rj8coid29BjJB9rRCDSEBH3LLetqQUldziEhW0sMSOZEaR4h
7LTnGmwWNaXOBiqE8c6KBn3rVWij4a+ebk5jwepTVsLTROaVmmKIFFmrEZGgW9fH
qUCEkIB0jDLDieiw2JhPynH+jMOiQ2KN+xzJsgKg7ynHfAThB1YUgPE7WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlaTeGPCsSzg8KQzoCzddSopah4MB8GA1UdIwQY
MBaAFCBNfYZSqZ/Bf/8tfezEnlVqoOuAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUUxOWhsS3BuOEZfX3kxOTdNU2VWV3FnNjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hYzA2OTQtMWUyMi00MzZkLTgyYzkt
MTdjZTYyMGU3NGYxLzEvcVZwTjRZOEt4TE9Ed3BET2dMTjExS2lscUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hYzA2OTQtMWUyMi00MzZkLTgyYzktMTdjZTYyMGU3NGYx
LzEvSUUxOWhsS3BuOEZfX3kxOTdNU2VWV3FnNjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/KqMA0G
CSqGSIb3DQEBCwUAA4IBAQDOWKumvY+g5QgyR1zeJiLbpXtO1mGF+gOamp+fli2p
pi4vSa7LPtv1qceSIGOXyHsklhigYvI1oQoknWbp4KmH4cz5ZbnqpMJDpc3whqXg
rb6cbaOVhd9sKaSC2887GHPei5ehLri/n66rTHNzMz4DZpC9BEr+09KjbppNZzSX
Q7uk18DkSnRhSn5vnNnEL76jJtARoLzScUlav2kfvQvAnS+/3MzYPBpHGurnDnhY
NwxY7v5ueIpDuFWWa7Wv7Xs8/cyFP0p8h8aNF2TeSz/a2th7oyfEKxz0i2nuJOjI
iCdf6J+dGmTUO1HoGJpsweP/7I/S253Bjo1IEENFUXBw
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:33 2025 by rpki-client