Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/iknWvgSi4CDYkitFTohxm8iPXu8.roa
File: iknWvgSi4CDYkitFTohxm8iPXu8.roa (raw, json)
Hash identifier: pocpAlUfKHxHy/KMYbYR0Bx0+I29Yd90kmA48qIMexc=
Subject key identifier: 8A:49:D6:BE:04:A2:E0:20:D8:92:2B:45:4E:88:71:9B:C8:8F:5E:EF
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019428280D9D5ECA14F70BD19EE6C4BFBB72
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/iknWvgSi4CDYkitFTohxm8iPXu8.roa
Signing time: Thu 02 Jan 2025 17:55:01 +0000
ROA not before: Thu 02 Jan 2025 17:55:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21337
IP address blocks: 195.34.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:0d:9d:5e:ca:14:f7:0b:d1:9e:e6:c4:bf:bb:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a49d6be04a2e020d8922b454e88719bc88f5eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c0:a7:9f:4e:8d:1c:c4:7e:ef:81:b1:f4:f8:
54:99:7d:ec:6a:54:6b:5a:b1:6b:f2:34:96:16:86:
f9:86:f2:c7:1e:df:2a:ac:e5:b0:99:32:b4:e5:72:
b0:f6:75:44:dc:e1:f3:4c:54:97:0d:7d:3f:95:4b:
ea:cc:38:57:8d:87:6f:65:fa:25:59:a2:32:8b:d5:
bc:e7:ee:81:52:b9:a7:af:0b:5e:ef:51:6b:88:4e:
05:1a:ce:e6:18:9e:c4:6b:8b:6c:7e:97:a2:ee:cd:
b1:27:e6:15:00:ba:1c:c0:90:68:e2:8e:e7:d3:f6:
16:57:fd:a3:64:69:6a:25:2c:21:f0:a1:52:73:a2:
86:51:b6:9d:c4:ae:96:86:bb:c1:bc:b4:f9:34:3f:
61:2e:65:40:62:36:f5:66:18:98:e5:e9:1b:8d:91:
ec:50:d2:dd:4d:c2:7b:e2:b1:6a:6f:cb:02:6a:a2:
c6:49:03:be:ff:1c:38:e6:38:65:b2:14:80:b9:33:
48:9c:37:bd:0e:dd:9e:20:d8:2a:90:48:fb:db:36:
f7:b7:34:7e:09:50:9e:87:1b:18:ce:6e:3d:0f:25:
9e:81:59:6a:90:d1:ed:74:13:7a:88:e0:50:a8:b0:
a2:74:69:96:ba:91:f6:ae:fb:95:df:9a:b3:46:01:
1e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:49:D6:BE:04:A2:E0:20:D8:92:2B:45:4E:88:71:9B:C8:8F:5E:EF
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/iknWvgSi4CDYkitFTohxm8iPXu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.112.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:bd:52:4c:a7:ee:2d:99:44:bb:ef:e0:ce:ab:83:19:e4:46:
ce:28:ce:c9:10:72:15:a6:97:b0:9c:4f:de:b5:48:e9:56:d5:
e9:9b:ea:89:0a:12:34:b1:2e:17:75:f0:a5:4c:03:0d:01:28:
16:de:ef:22:10:54:d9:86:64:ae:77:ee:40:da:53:a7:a5:03:
fe:aa:57:f0:49:20:bd:f4:3c:74:25:2d:09:d7:43:84:64:70:
3f:0e:9a:82:01:61:34:cf:98:e3:4d:aa:dd:7e:2b:5b:ed:af:
15:2e:ed:cc:0b:ab:38:5c:91:98:ab:6f:04:98:34:cc:eb:cb:
22:b6:8a:b1:72:bc:97:2e:99:ff:32:de:0e:9f:8e:0a:cd:5c:
4f:e3:dc:2e:78:ae:d4:2d:68:32:d6:77:88:d6:17:39:a4:ea:
00:52:4f:bc:75:ba:9a:05:8f:bf:97:fb:36:0c:41:40:ea:a7:
a7:8e:79:fc:44:96:df:2a:70:97:ff:18:65:b6:65:c0:ef:c0:
ce:f2:1c:2d:a6:d1:35:d8:b7:69:67:92:2b:0b:7a:e8:5c:52:
66:88:b1:1a:ea:e3:2e:68:24:9c:fd:bb:5d:f9:6d:3e:35:93:
04:fa:78:d6:cc:ba:bd:fc:98:07:fd:ca:8f:fd:88:d7:ce:aa:
c5:0e:c2:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoKA2dXsoU9wvRnubEv7tyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQ5ZDZiZTA0YTJlMDIwZDg5MjJiNDU0ZTg4NzE5YmM4OGY1ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsCnn06NHMR+74Gx9PhUmX3salRr
WrFr8jSWFob5hvLHHt8qrOWwmTK05XKw9nVE3OHzTFSXDX0/lUvqzDhXjYdvZfol
WaIyi9W85+6BUrmnrwte71FriE4FGs7mGJ7Ea4tsfpei7s2xJ+YVALocwJBo4o7n
0/YWV/2jZGlqJSwh8KFSc6KGUbadxK6WhrvBvLT5ND9hLmVAYjb1ZhiY5ekbjZHs
UNLdTcJ74rFqb8sCaqLGSQO+/xw45jhlshSAuTNInDe9Dt2eINgqkEj72zb3tzR+
CVCehxsYzm49DyWegVlqkNHtdBN6iOBQqLCidGmWupH2rvuV35qzRgEeWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpJ1r4EouAg2JIrRU6IcZvIj17vMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvaWtuV3ZnU2k0Q0RZa2l0RlRvaHhtOGlQWHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyJwMA0G
CSqGSIb3DQEBCwUAA4IBAQBPvVJMp+4tmUS77+DOq4MZ5EbOKM7JEHIVppewnE/e
tUjpVtXpm+qJChI0sS4XdfClTAMNASgW3u8iEFTZhmSud+5A2lOnpQP+qlfwSSC9
9Dx0JS0J10OEZHA/DpqCAWE0z5jjTardfitb7a8VLu3MC6s4XJGYq28EmDTM68si
toqxcryXLpn/Mt4On44KzVxP49wueK7ULWgy1neI1hc5pOoAUk+8dbqaBY+/l/s2
DEFA6qenjnn8RJbfKnCX/xhltmXA78DO8hwtptE12LdpZ5IrC3roXFJmiLEa6uMu
aCSc/btd+W0+NZME+njWzLq9/JgH/cqP/YjXzqrFDsLs
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:58:50 2025 by rpki-client