Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/VQEhZHRI_51L-qPYAqsPHPNhngo.roa
File: VQEhZHRI_51L-qPYAqsPHPNhngo.roa (raw, json)
Hash identifier: x+W3XCRbSsqe5EAx2dK2PnCFHJSGnsA8p+6YOIwEtcI=
Subject key identifier: 55:01:21:64:74:48:FF:9D:4B:FA:A3:D8:02:AB:0F:1C:F3:61:9E:0A
Certificate issuer: /CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Certificate serial: 01942445A0199168F45E04E83A83A7CD20AF
Authority key identifier: 33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/VQEhZHRI_51L-qPYAqsPHPNhngo.roa
Signing time: Wed 01 Jan 2025 23:48:50 +0000
ROA not before: Wed 01 Jan 2025 23:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44092
IP address blocks: 195.36.16.0/20 maxlen: 20
195.36.16.0/24 maxlen: 24
195.36.17.0/24 maxlen: 24
195.36.18.0/24 maxlen: 24
195.36.19.0/24 maxlen: 24
195.36.20.0/22 maxlen: 22
195.36.20.0/24 maxlen: 24
195.36.21.0/24 maxlen: 24
195.36.22.0/24 maxlen: 24
195.36.23.0/24 maxlen: 24
195.36.24.0/22 maxlen: 22
195.36.24.0/24 maxlen: 24
195.36.25.0/24 maxlen: 24
195.36.26.0/24 maxlen: 24
195.36.27.0/24 maxlen: 24
195.36.28.0/24 maxlen: 24
195.36.29.0/24 maxlen: 24
195.36.30.0/24 maxlen: 24
195.36.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a0:19:91:68:f4:5e:04:e8:3a:83:a7:cd:20:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Validity
Not Before: Jan 1 23:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=550121647448ff9d4bfaa3d802ab0f1cf3619e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:eb:38:0a:2d:de:81:a9:3c:89:c9:43:64:75:
03:9e:fa:6e:2c:e7:5c:4a:e3:d3:73:6e:6e:c0:08:
76:c2:d1:ae:ee:bf:3b:9a:8d:c7:06:24:14:37:76:
ac:2d:be:1a:4d:29:89:42:5f:a7:13:ec:ab:2f:e1:
27:94:76:9f:9b:29:11:69:5e:f5:a6:31:55:91:19:
22:44:06:31:81:d7:bc:1d:ea:d2:92:de:a2:3a:3c:
7c:1f:18:8a:12:2e:cb:46:b5:83:83:c3:6e:55:6b:
8f:79:4c:72:18:e4:c9:1b:85:4c:44:2a:78:a8:e7:
d9:cf:78:e4:b5:14:c9:21:fe:60:fb:70:5f:31:1a:
90:71:09:af:5d:3b:c4:26:e7:49:19:8c:bb:f1:19:
b4:f0:13:83:29:ed:4a:59:02:5e:eb:66:0f:82:e0:
4d:8d:d2:65:aa:c1:6d:0d:d3:a9:60:82:7c:59:e9:
d9:41:3c:1d:f2:be:aa:c8:8a:00:08:42:3c:b4:66:
24:14:cd:e2:da:c0:47:6d:54:fb:31:99:9b:02:1f:
8d:e4:8b:04:83:de:19:23:94:80:27:e7:c7:6d:a1:
34:67:74:b6:00:0b:ed:0a:75:45:52:50:ec:97:7a:
12:f9:da:b2:1b:cc:6a:2b:0f:1e:83:40:68:40:5d:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:01:21:64:74:48:FF:9D:4B:FA:A3:D8:02:AB:0F:1C:F3:61:9E:0A
X509v3 Authority Key Identifier:
keyid:33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/VQEhZHRI_51L-qPYAqsPHPNhngo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/M7GzE5YIPOntUeRiiY4pTtghWuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.36.16.0/20
Signature Algorithm: sha256WithRSAEncryption
22:61:84:3d:aa:0a:55:36:8a:69:37:57:08:47:e7:78:c2:d0:
0e:a7:5e:88:2a:41:92:02:1b:61:06:34:b7:45:a6:f8:65:61:
38:ec:f0:ac:23:5b:35:9b:0f:1e:d4:cf:51:7d:7a:ed:6d:da:
77:8a:e6:bb:45:93:7a:7f:15:28:df:a5:05:3c:37:32:07:fc:
33:bd:56:e5:cc:a3:e2:51:14:8c:2b:94:d4:41:cb:bf:11:0d:
3f:6d:3e:30:d5:36:e9:51:76:a1:5b:ac:52:54:1f:5b:6e:dd:
b2:4c:49:be:65:47:24:7e:9e:55:cb:cc:d0:9e:73:36:92:ee:
c0:a0:7f:51:01:ad:21:55:db:bd:5a:1d:bb:cf:28:5c:ac:24:
97:bf:83:60:2b:6c:25:ad:d3:23:70:95:3f:0b:cc:7e:ee:6d:
48:31:53:87:ae:17:f2:d5:e2:94:7a:f9:0b:95:ce:f5:17:b6:
8e:25:e5:26:61:39:e6:69:a9:8d:76:ae:b2:e0:90:ba:b0:b5:
f5:07:ba:e0:1f:00:ae:a6:c4:82:a9:86:9b:27:79:3e:2b:d6:
31:90:90:cb:d3:9e:16:f4:27:a3:c9:15:94:8b:25:8a:1d:90:
34:5e:eb:3b:65:8d:13:89:2d:94:1e:46:a6:af:cb:81:91:a9:
c0:55:a1:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaAZkWj0XgToOoOnzSCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjFiMzEzOTYwODNjZTllZDUxZTQ2Mjg5OGUyOTRlZDgy
MTVhZTcwHhcNMjUwMTAxMjM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTAxMjE2NDc0NDhmZjlkNGJmYWEzZDgwMmFiMGYxY2YzNjE5ZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOs4Ci3egak8iclDZHUDnvpuLOdc
SuPTc25uwAh2wtGu7r87mo3HBiQUN3asLb4aTSmJQl+nE+yrL+EnlHafmykRaV71
pjFVkRkiRAYxgde8HerSkt6iOjx8HxiKEi7LRrWDg8NuVWuPeUxyGOTJG4VMRCp4
qOfZz3jktRTJIf5g+3BfMRqQcQmvXTvEJudJGYy78Rm08BODKe1KWQJe62YPguBN
jdJlqsFtDdOpYIJ8WenZQTwd8r6qyIoACEI8tGYkFM3i2sBHbVT7MZmbAh+N5IsE
g94ZI5SAJ+fHbaE0Z3S2AAvtCnVFUlDsl3oS+dqyG8xqKw8eg0BoQF1SGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUBIWR0SP+dS/qj2AKrDxzzYZ4KMB8GA1UdIwQY
MBaAFDOxsxOWCDzp7VHkYomOKU7YIVrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAt
MzNlNjFiZDkxMmVhLzEvVlFFaFpIUklfNTFMLXFQWUFxc1BIUE5obmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAtMzNlNjFiZDkxMmVh
LzEvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwyQQMA0G
CSqGSIb3DQEBCwUAA4IBAQAiYYQ9qgpVNoppN1cIR+d4wtAOp16IKkGSAhthBjS3
Rab4ZWE47PCsI1s1mw8e1M9RfXrtbdp3iua7RZN6fxUo36UFPDcyB/wzvVblzKPi
URSMK5TUQcu/EQ0/bT4w1TbpUXahW6xSVB9bbt2yTEm+ZUckfp5Vy8zQnnM2ku7A
oH9RAa0hVdu9Wh27zyhcrCSXv4NgK2wlrdMjcJU/C8x+7m1IMVOHrhfy1eKUevkL
lc71F7aOJeUmYTnmaamNdq6y4JC6sLX1B7rgHwCupsSCqYabJ3k+K9YxkJDL054W
9CejyRWUiyWKHZA0Xus7ZY0TiS2UHkamr8uBkanAVaGx
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:43:08 2025 by rpki-client