Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/cHDBlBO6N0ca9YSLdLpALyyHWaI.roa
File: cHDBlBO6N0ca9YSLdLpALyyHWaI.roa (raw, json)
Hash identifier: o2xngpUpZnDRvPeXgXjlZjCICvbC/BE21jFOWmBqYGA=
Subject key identifier: 70:70:C1:94:13:BA:37:47:1A:F5:84:8B:74:BA:40:2F:2C:87:59:A2
Certificate issuer: /CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Certificate serial: 019423696A3AC9C7415A79A8923C3635A386
Authority key identifier: F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/cHDBlBO6N0ca9YSLdLpALyyHWaI.roa
Signing time: Wed 01 Jan 2025 19:48:18 +0000
ROA not before: Wed 01 Jan 2025 19:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 195.225.128.0/23 maxlen: 23
195.225.130.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:6a:3a:c9:c7:41:5a:79:a8:92:3c:36:35:a3:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Validity
Not Before: Jan 1 19:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7070c19413ba37471af5848b74ba402f2c8759a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7d:f0:3b:c7:a8:d6:f5:cb:07:65:24:76:80:
c7:de:2d:f6:7b:67:7b:b9:6a:5b:e5:20:0f:f7:58:
ae:1f:ba:1a:ce:80:96:dc:ae:4d:c6:95:22:d8:20:
80:b1:38:ff:e7:5c:51:af:f1:2d:a5:ef:bf:fa:68:
c8:f0:24:d2:56:51:df:eb:38:02:6d:d3:d5:96:22:
59:ed:c3:56:ce:95:53:9f:6b:53:bc:94:f2:7c:48:
16:9c:10:34:48:47:0b:1d:88:df:a5:b5:ea:67:58:
bb:8e:01:5c:1e:20:1a:1e:f7:86:7e:0e:8e:48:e5:
1f:61:b5:0b:29:e4:28:8f:fd:77:ed:90:91:e4:bf:
1e:4c:37:40:4d:79:e2:08:97:db:58:11:ed:14:94:
39:9b:07:b1:92:79:71:b4:0a:99:bf:d9:0c:c8:ed:
17:5a:ff:7d:fe:c3:d8:7f:c9:3f:be:ef:2f:57:1f:
ba:e4:5d:35:86:d7:11:9a:e9:39:ae:1c:d7:fd:41:
11:0b:50:03:a7:e3:ed:72:6a:bc:7a:7f:44:1c:4d:
37:93:17:0b:e2:c1:14:7f:d1:ff:d6:f3:d7:80:d6:
40:d7:67:3d:f2:97:05:00:e0:99:d0:97:8c:f4:e1:
02:4a:0b:93:05:b9:06:77:ec:f6:7e:70:77:9f:c2:
72:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:70:C1:94:13:BA:37:47:1A:F5:84:8B:74:BA:40:2F:2C:87:59:A2
X509v3 Authority Key Identifier:
keyid:F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/cHDBlBO6N0ca9YSLdLpALyyHWaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/9EDl66L4v8j-j-VsyIpCiWUjkLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.128.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:e6:54:ae:cb:c2:0f:f0:bb:f2:56:bc:fe:54:8d:41:e0:b2:
66:68:c7:df:61:88:78:01:2a:8c:11:3f:21:1d:77:fa:dc:77:
30:c4:04:76:2c:ec:f1:63:40:ca:e4:bb:0e:14:80:d8:47:56:
7a:bc:81:fe:15:ce:07:3b:15:8f:24:93:8f:47:dd:cf:69:c7:
d3:1d:43:37:0c:35:77:d6:43:1d:27:20:de:fe:fd:66:1e:1e:
dd:9f:4b:fd:1a:f3:e6:18:cb:2f:44:ba:0d:fa:6a:0e:83:ff:
34:49:61:7a:54:67:4f:0c:94:f5:2d:4c:03:1a:1c:5a:c7:15:
2b:44:c1:bb:e4:70:46:47:ee:82:4a:09:fc:07:fe:93:a2:b7:
4c:a4:9c:0b:dc:24:b9:a6:c8:b8:54:e5:b3:d0:4d:4e:2e:2d:
c7:a1:d0:e9:b3:5a:26:9f:51:21:f1:c0:22:48:fb:bc:c9:96:
64:3b:bb:17:e9:4e:c8:8e:c1:7c:76:b4:a4:f1:ba:19:e4:48:
66:71:3e:13:a7:56:ea:e4:31:56:d7:28:71:94:90:e1:9c:5f:
0e:30:37:af:5d:e1:8d:dd:a3:66:9b:70:6c:54:02:49:8f:89:
3c:21:2b:7c:49:2c:38:31:44:46:3c:89:6a:3b:67:3c:d4:c8:
ef:89:ff:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaWo6ycdBWnmokjw2NaOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDBlNWViYTJmOGJmYzhmZThmZTU2Y2M4OGE0Mjg5NjUy
MzkwYmEwHhcNMjUwMTAxMTk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDcwYzE5NDEzYmEzNzQ3MWFmNTg0OGI3NGJhNDAyZjJjODc1OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn3wO8eo1vXLB2UkdoDH3i32e2d7
uWpb5SAP91iuH7oazoCW3K5NxpUi2CCAsTj/51xRr/Etpe+/+mjI8CTSVlHf6zgC
bdPVliJZ7cNWzpVTn2tTvJTyfEgWnBA0SEcLHYjfpbXqZ1i7jgFcHiAaHveGfg6O
SOUfYbULKeQoj/137ZCR5L8eTDdATXniCJfbWBHtFJQ5mwexknlxtAqZv9kMyO0X
Wv99/sPYf8k/vu8vVx+65F01htcRmuk5rhzX/UERC1ADp+Ptcmq8en9EHE03kxcL
4sEUf9H/1vPXgNZA12c98pcFAOCZ0JeM9OECSguTBbkGd+z2fnB3n8Jy/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBwwZQTujdHGvWEi3S6QC8sh1miMB8GA1UdIwQY
MBaAFPRA5eui+L/I/o/lbMiKQollI5C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2Yt
MDBiOTJjMWMxZWY0LzEvY0hEQmxCTzZOMGNhOVlTTGRMcEFMeXlIV2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2YtMDBiOTJjMWMxZWY0
LzEvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+GAMA0G
CSqGSIb3DQEBCwUAA4IBAQBd5lSuy8IP8LvyVrz+VI1B4LJmaMffYYh4ASqMET8h
HXf63HcwxAR2LOzxY0DK5LsOFIDYR1Z6vIH+Fc4HOxWPJJOPR93PacfTHUM3DDV3
1kMdJyDe/v1mHh7dn0v9GvPmGMsvRLoN+moOg/80SWF6VGdPDJT1LUwDGhxaxxUr
RMG75HBGR+6CSgn8B/6TordMpJwL3CS5psi4VOWz0E1OLi3HodDps1omn1Eh8cAi
SPu8yZZkO7sX6U7IjsF8drSk8boZ5EhmcT4Tp1bq5DFW1yhxlJDhnF8OMDevXeGN
3aNmm3BsVAJJj4k8ISt8SSw4MURGPIlqO2c81Mjvif90
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:48:29 2025 by rpki-client