Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CkBRqOo4nHpiMZCMmHhlMyMyMW8.roa
File: CkBRqOo4nHpiMZCMmHhlMyMyMW8.roa (raw, json)
Hash identifier: QqiQ/A2UMFrHNJ7zFLbdbwUvQQ7O2J6ld5ZejB7+vXI=
Subject key identifier: 0A:40:51:A8:EA:38:9C:7A:62:31:90:8C:98:78:65:33:23:32:31:6F
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0194F1762A8AFEC688A134581DACC7E94E96
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CkBRqOo4nHpiMZCMmHhlMyMyMW8.roa
Signing time: Mon 10 Feb 2025 20:04:00 +0000
ROA not before: Mon 10 Feb 2025 20:04:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 195.216.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:76:2a:8a:fe:c6:88:a1:34:58:1d:ac:c7:e9:4e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Feb 10 20:04:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a4051a8ea389c7a6231908c987865332332316f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:61:cb:91:71:e9:78:94:c8:93:ea:2a:c8:d7:
84:15:ac:24:02:a0:56:70:2c:eb:50:8e:0c:d2:bc:
76:42:a7:8c:b0:27:c2:dd:40:a4:40:17:51:ec:03:
c2:d7:1b:d7:c9:ac:32:e2:1b:a8:32:4b:9a:2a:14:
05:ea:f0:be:56:f0:8f:a3:cc:88:e2:64:01:fc:a1:
85:d6:90:be:d0:13:27:a7:a1:b3:8a:bd:fc:8f:64:
7e:e3:1b:33:00:4e:23:1d:2d:39:7c:d9:d4:53:41:
24:58:73:51:41:6f:3a:d6:6f:7c:1a:aa:d9:d4:b6:
3a:4f:35:c2:5b:ba:2e:92:98:78:c7:87:55:ca:d0:
a0:8f:b6:37:da:1d:12:92:b4:09:f2:a5:4b:6f:96:
6d:e8:0d:83:0e:43:3a:f0:29:12:bd:04:9e:8e:13:
98:e2:d4:dc:5e:7e:9e:95:e1:02:2d:11:f5:64:23:
01:b6:28:23:c5:94:d8:16:b6:1c:62:04:46:ef:1f:
bb:d2:f1:e5:a3:e5:45:79:6a:3c:31:66:ff:71:e6:
73:21:a2:cd:c2:ce:55:4f:b6:4f:b6:90:b9:84:f8:
c8:8a:4a:4e:3f:09:48:cb:dc:42:6b:7d:0c:fe:60:
07:ad:65:7c:ef:0d:a2:2c:84:7e:47:f1:f1:3a:9b:
2f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:40:51:A8:EA:38:9C:7A:62:31:90:8C:98:78:65:33:23:32:31:6F
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CkBRqOo4nHpiMZCMmHhlMyMyMW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.191.0/24
Signature Algorithm: sha256WithRSAEncryption
60:eb:81:1a:8d:f6:75:a3:2b:b1:b7:ab:38:d1:95:0f:1a:74:
1c:b7:c4:ff:56:4e:96:08:65:c0:9d:3f:0e:f3:90:4a:44:0a:
00:2b:2d:f9:f8:9f:af:95:b8:30:6e:df:49:9a:c4:a1:a3:71:
f3:0d:45:c5:b7:96:20:c0:b3:63:f4:8f:85:8a:c2:2c:80:29:
60:f0:a4:b0:c1:66:ff:e4:df:ac:df:04:89:cc:a9:3a:c4:19:
36:ea:73:18:f2:de:ac:09:cb:56:1a:cd:e9:8a:bc:05:74:b3:
08:d8:f6:8a:ed:3e:a0:96:ea:ec:71:b5:0c:0e:ce:fb:d3:80:
fc:74:7c:af:af:64:c4:cc:be:fb:ed:aa:b9:85:7c:6c:46:80:
09:48:69:48:bc:6b:68:20:78:d2:db:06:06:42:09:1f:c5:54:
b6:ac:df:e0:f2:61:09:13:c4:e9:90:2b:a6:5d:86:b4:8b:cd:
8e:37:5d:e2:4a:77:89:1b:64:2f:63:28:ab:3e:98:f4:39:05:
9f:3a:c6:1a:a2:68:b5:ca:c1:b4:19:d1:59:db:33:24:76:61:
22:d9:7e:c0:44:36:b1:ad:9d:7c:2b:df:50:4b:18:ab:59:5b:
0e:b0:26:f6:a2:be:54:65:71:b2:09:ab:e2:ef:4c:79:7d:fc:
99:b6:38:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTxdiqK/saIoTRYHazH6U6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMjEwMjAwNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQwNTFhOGVhMzg5YzdhNjIzMTkwOGM5ODc4NjUzMzIzMzIzMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGHLkXHpeJTIk+oqyNeEFawkAqBW
cCzrUI4M0rx2QqeMsCfC3UCkQBdR7APC1xvXyawy4huoMkuaKhQF6vC+VvCPo8yI
4mQB/KGF1pC+0BMnp6Gzir38j2R+4xszAE4jHS05fNnUU0EkWHNRQW861m98GqrZ
1LY6TzXCW7oukph4x4dVytCgj7Y32h0SkrQJ8qVLb5Zt6A2DDkM68CkSvQSejhOY
4tTcXn6eleECLRH1ZCMBtigjxZTYFrYcYgRG7x+70vHlo+VFeWo8MWb/ceZzIaLN
ws5VT7ZPtpC5hPjIikpOPwlIy9xCa30M/mAHrWV87w2iLIR+R/HxOpsv3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApAUajqOJx6YjGQjJh4ZTMjMjFvMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvQ2tCUnFPbzRuSHBpTVpDTW1IaGxNeU15TVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9i/MA0G
CSqGSIb3DQEBCwUAA4IBAQBg64EajfZ1oyuxt6s40ZUPGnQct8T/Vk6WCGXAnT8O
85BKRAoAKy35+J+vlbgwbt9JmsSho3HzDUXFt5YgwLNj9I+FisIsgClg8KSwwWb/
5N+s3wSJzKk6xBk26nMY8t6sCctWGs3pirwFdLMI2PaK7T6glurscbUMDs7704D8
dHyvr2TEzL777aq5hXxsRoAJSGlIvGtoIHjS2wYGQgkfxVS2rN/g8mEJE8TpkCum
XYa0i82ON13iSneJG2QvYyirPpj0OQWfOsYaomi1ysG0GdFZ2zMkdmEi2X7ARDax
rZ18K99QSxirWVsOsCb2or5UZXGyCavi70x5ffyZtjjZ
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:27:56 2025 by rpki-client