Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/rIGw4rvANHfOuMx5NCLXbIqwca4.roa
File: rIGw4rvANHfOuMx5NCLXbIqwca4.roa (raw, json)
Hash identifier: Ax9z9G2JPoeUmfYGQQfPW9WibNiDAosH5QsVz6vOEcs=
Subject key identifier: AC:81:B0:E2:BB:C0:34:77:CE:B8:CC:79:34:22:D7:6C:8A:B0:71:AE
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA51170C72A7D91093E1766A3D9B8F
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/rIGw4rvANHfOuMx5NCLXbIqwca4.roa
Signing time: Wed 01 Jan 2025 03:48:05 +0000
ROA not before: Wed 01 Jan 2025 03:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209637
IP address blocks: 195.74.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:51:17:0c:72:a7:d9:10:93:e1:76:6a:3d:9b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac81b0e2bbc03477ceb8cc793422d76c8ab071ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:5c:13:16:fb:12:71:3d:e0:03:95:43:f5:
10:7f:be:d5:a2:42:34:33:91:42:d9:0e:04:63:1d:
ea:94:f6:83:a0:a1:1b:5c:98:6e:d0:a6:a3:25:0f:
2a:3f:d6:93:8a:4e:1f:57:c5:d2:1b:ae:b6:ba:e6:
e7:d9:b7:f5:49:6b:6e:c0:7f:ed:f3:64:d4:24:51:
44:bc:5d:0c:fb:80:a4:fb:e4:f9:b9:b9:43:7c:fb:
aa:de:a3:87:ab:bc:45:81:18:10:b9:33:40:de:71:
13:ca:bb:96:c8:02:a2:6e:13:f5:65:04:88:73:f2:
d8:71:58:9b:3b:23:ea:25:19:31:3e:cd:d0:80:bf:
17:25:5e:b4:42:58:35:10:62:31:aa:ee:1e:e1:24:
69:65:38:29:24:cf:9a:c3:5e:5a:f8:a4:e7:ad:6c:
68:46:81:07:40:c8:a0:b0:44:01:47:c4:0c:4b:37:
0c:ed:6d:45:14:8b:e6:bd:ef:34:47:6d:2d:ba:ba:
45:6f:85:ee:1b:bf:be:27:83:13:1c:f6:b2:ec:20:
fa:1f:0a:7a:86:eb:25:15:f7:72:3a:90:d3:65:2f:
7f:5e:00:90:60:89:01:c0:1f:ae:f2:89:67:0d:d0:
21:41:9f:22:7f:0e:96:43:a1:68:40:c2:48:87:e5:
39:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:81:B0:E2:BB:C0:34:77:CE:B8:CC:79:34:22:D7:6C:8A:B0:71:AE
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/rIGw4rvANHfOuMx5NCLXbIqwca4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.74.65.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:af:b5:29:c6:28:44:b6:b8:81:db:70:3c:bb:70:0f:af:77:
ac:09:91:3d:15:d1:4f:a5:a8:53:93:3e:bf:e6:8d:52:b3:27:
aa:c6:9e:f3:8d:af:8f:b9:65:cf:2d:c3:f3:d4:62:89:86:ca:
cd:54:5a:5e:34:51:1b:9b:79:43:f7:27:07:0f:9b:66:e0:76:
16:91:a6:d5:1f:78:23:9a:b0:24:e8:07:f2:41:9a:13:b1:4e:
ef:db:c2:89:49:93:6c:74:9c:bf:a1:7f:a5:a5:ec:d3:07:1e:
8e:35:5f:df:02:cf:00:e4:75:14:b1:87:6a:1c:ab:00:15:2e:
a8:9a:00:ca:3d:22:f5:d1:37:ba:cf:72:cf:6b:03:11:a0:a4:
b4:6c:5d:67:38:71:d7:9c:62:f0:b1:6d:04:05:15:1c:75:32:
7b:24:74:67:ba:08:42:fc:cd:e4:36:a0:51:e4:93:2b:34:91:
10:df:eb:2b:f7:f2:3d:dc:e7:a1:0f:d4:17:78:ee:60:2f:1d:
0d:6e:06:fd:6d:ae:a4:7d:28:bd:53:35:8d:79:02:1b:2a:34:
f7:f9:6d:c0:35:ab:1f:61:13:48:ce:73:34:ab:5c:6c:2e:72:
05:54:e7:46:1e:e1:79:36:57:97:bb:72:1c:ac:0c:94:47:c7:
81:52:3e:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lEXDHKn2RCT4XZqPZuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzgxYjBlMmJiYzAzNDc3Y2ViOGNjNzkzNDIyZDc2YzhhYjA3MWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzhcExb7EnE94AOVQ/UQf77VokI0
M5FC2Q4EYx3qlPaDoKEbXJhu0KajJQ8qP9aTik4fV8XSG662uubn2bf1SWtuwH/t
82TUJFFEvF0M+4Ck++T5ublDfPuq3qOHq7xFgRgQuTNA3nETyruWyAKibhP1ZQSI
c/LYcVibOyPqJRkxPs3QgL8XJV60Qlg1EGIxqu4e4SRpZTgpJM+aw15a+KTnrWxo
RoEHQMigsEQBR8QMSzcM7W1FFIvmve80R20turpFb4XuG7++J4MTHPay7CD6Hwp6
huslFfdyOpDTZS9/XgCQYIkBwB+u8olnDdAhQZ8ifw6WQ6FoQMJIh+U5UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyBsOK7wDR3zrjMeTQi12yKsHGuMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvcklHdzRydkFOSGZPdU14NU5DTFhiSXF3Y2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0pBMA0G
CSqGSIb3DQEBCwUAA4IBAQAKr7UpxihEtriB23A8u3APr3esCZE9FdFPpahTkz6/
5o1Ssyeqxp7zja+PuWXPLcPz1GKJhsrNVFpeNFEbm3lD9ycHD5tm4HYWkabVH3gj
mrAk6AfyQZoTsU7v28KJSZNsdJy/oX+lpezTBx6ONV/fAs8A5HUUsYdqHKsAFS6o
mgDKPSL10Te6z3LPawMRoKS0bF1nOHHXnGLwsW0EBRUcdTJ7JHRnughC/M3kNqBR
5JMrNJEQ3+sr9/I93OehD9QXeO5gLx0Nbgb9ba6kfSi9UzWNeQIbKjT3+W3ANasf
YRNIznM0q1xsLnIFVOdGHuF5NleXu3IcrAyUR8eBUj4l
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:55:26 2025 by rpki-client