Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/izKyNN07Ux3U5xT_e0LwmSxlm3g.roa
File: izKyNN07Ux3U5xT_e0LwmSxlm3g.roa (raw, json)
Hash identifier: 5sHxaNHhFHbIzK2JB6pJOwwX7f4oOth8b9V4EgOV6Mc=
Subject key identifier: 8B:32:B2:34:DD:3B:53:1D:D4:E7:14:FF:7B:42:F0:99:2C:65:9B:78
Certificate issuer: /CN=71986731925be8551a53091afe6d0972dfa3807e
Certificate serial: 019425FC4F1178EA265E90C1720992E896C2
Authority key identifier: 71:98:67:31:92:5B:E8:55:1A:53:09:1A:FE:6D:09:72:DF:A3:80:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZhnMZJb6FUaUwka_m0Jct-jgH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/izKyNN07Ux3U5xT_e0LwmSxlm3g.roa
Signing time: Thu 02 Jan 2025 07:47:59 +0000
ROA not before: Thu 02 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211007
IP address blocks: 195.85.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:4f:11:78:ea:26:5e:90:c1:72:09:92:e8:96:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71986731925be8551a53091afe6d0972dfa3807e
Validity
Not Before: Jan 2 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b32b234dd3b531dd4e714ff7b42f0992c659b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b1:53:98:d7:77:fa:ff:60:dd:dd:0f:43:5b:
c4:3b:35:d3:94:d8:3e:52:1e:8a:4f:96:a4:1e:7c:
27:02:5f:d8:0e:03:ad:e7:2b:9d:e6:61:d8:f7:03:
74:2a:ce:90:eb:20:0c:0e:c4:4b:b4:b3:fa:d4:24:
c3:4e:a5:ee:9f:cc:89:63:cb:a9:b6:fa:0d:e5:2f:
03:30:bb:43:35:17:f3:d0:85:90:04:13:c3:a3:92:
5c:01:16:e6:90:c3:7d:1a:a0:87:e0:97:d1:a8:33:
e7:27:2d:f2:23:90:5c:35:a4:bf:d1:ff:84:09:c7:
6d:01:bc:b4:f0:04:5e:1d:11:73:a8:f1:54:1a:7c:
d0:51:45:6d:2b:54:95:c0:41:cb:93:b0:a3:98:a4:
ea:3a:24:e1:27:2b:4e:b4:45:9b:7a:f1:bc:f9:c1:
f2:1d:6b:82:1e:79:ef:4b:9b:62:75:18:cb:2b:5a:
d3:18:ad:9a:9d:05:24:cd:c7:ac:45:2f:b9:f0:05:
65:ed:3d:62:aa:50:18:5e:3e:09:70:06:ff:1d:75:
c4:87:fd:17:b6:85:0f:69:8c:d3:52:0a:f9:35:e5:
fb:b6:f2:fb:44:a5:36:08:a5:2b:44:a2:ce:fd:8f:
41:1c:03:41:3d:cd:74:22:04:d4:bc:94:3d:b5:4e:
ed:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:32:B2:34:DD:3B:53:1D:D4:E7:14:FF:7B:42:F0:99:2C:65:9B:78
X509v3 Authority Key Identifier:
keyid:71:98:67:31:92:5B:E8:55:1A:53:09:1A:FE:6D:09:72:DF:A3:80:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZhnMZJb6FUaUwka_m0Jct-jgH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/izKyNN07Ux3U5xT_e0LwmSxlm3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/cZhnMZJb6FUaUwka_m0Jct-jgH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:e8:aa:40:07:93:68:06:37:9d:87:9f:92:88:97:a4:5c:2d:
0b:83:0c:cf:3b:94:cd:ca:06:46:d3:1b:6b:76:71:42:b8:bf:
07:9b:a4:5e:e7:19:4a:12:47:50:41:86:28:0e:f6:01:3c:cc:
7c:a6:75:96:4a:48:a4:9b:68:97:92:e0:e7:60:c7:43:09:7f:
a3:bc:cb:1e:4e:69:10:8f:67:5d:40:8f:df:e5:ca:3d:21:8b:
6c:40:ea:62:a8:f3:1f:e3:69:a9:37:c3:c7:c7:17:55:a5:ae:
93:65:3e:8d:ff:08:d6:f1:5b:e3:ca:38:c8:a1:29:33:a8:d6:
60:d9:8c:23:b2:13:5b:7c:b7:9a:e3:4e:3d:ef:6a:4e:ae:a0:
b3:ff:23:50:16:6d:8a:d5:13:f3:85:f1:75:78:05:53:a8:9a:
70:6b:53:ff:5c:28:3b:23:a0:9d:88:ec:78:66:51:09:1c:43:
72:6b:32:5d:fc:70:b3:c1:ef:b0:aa:a6:3a:ae:2d:bd:8f:be:
60:b0:e4:bd:e9:a3:5b:5b:05:13:54:1e:04:4a:c6:a2:fe:44:
ab:71:01:62:bb:89:34:d6:49:77:c2:57:f1:56:34:75:87:72:
21:5c:08:95:2d:58:a2:b5:b2:1d:5e:ac:05:a8:13:a6:d1:2a:
c3:4f:d0:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/E8ReOomXpDBcgmS6JbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTg2NzMxOTI1YmU4NTUxYTUzMDkxYWZlNmQwOTcyZGZh
MzgwN2UwHhcNMjUwMTAyMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMyYjIzNGRkM2I1MzFkZDRlNzE0ZmY3YjQyZjA5OTJjNjU5Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7FTmNd3+v9g3d0PQ1vEOzXTlNg+
Uh6KT5akHnwnAl/YDgOt5yud5mHY9wN0Ks6Q6yAMDsRLtLP61CTDTqXun8yJY8up
tvoN5S8DMLtDNRfz0IWQBBPDo5JcARbmkMN9GqCH4JfRqDPnJy3yI5BcNaS/0f+E
CcdtAby08AReHRFzqPFUGnzQUUVtK1SVwEHLk7CjmKTqOiThJytOtEWbevG8+cHy
HWuCHnnvS5tidRjLK1rTGK2anQUkzcesRS+58AVl7T1iqlAYXj4JcAb/HXXEh/0X
toUPaYzTUgr5NeX7tvL7RKU2CKUrRKLO/Y9BHANBPc10IgTUvJQ9tU7twQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsysjTdO1Md1OcU/3tC8JksZZt4MB8GA1UdIwQY
MBaAFHGYZzGSW+hVGlMJGv5tCXLfo4B+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pobk1aSmI2RlVhVXdrYV9tMEpjdC1qZ0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85YTEwYzMtMjEyZi00YzVlLTk3YmIt
ZTBkNTc2YTU0NTBlLzEvaXpLeU5OMDdVeDNVNXhUX2UwTHdtU3hsbTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85YTEwYzMtMjEyZi00YzVlLTk3YmItZTBkNTc2YTU0NTBl
LzEvY1pobk1aSmI2RlVhVXdrYV9tMEpjdC1qZ0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1XeMA0G
CSqGSIb3DQEBCwUAA4IBAQBv6KpAB5NoBjedh5+SiJekXC0LgwzPO5TNygZG0xtr
dnFCuL8Hm6Re5xlKEkdQQYYoDvYBPMx8pnWWSkikm2iXkuDnYMdDCX+jvMseTmkQ
j2ddQI/f5co9IYtsQOpiqPMf42mpN8PHxxdVpa6TZT6N/wjW8VvjyjjIoSkzqNZg
2YwjshNbfLea404972pOrqCz/yNQFm2K1RPzhfF1eAVTqJpwa1P/XCg7I6CdiOx4
ZlEJHENyazJd/HCzwe+wqqY6ri29j75gsOS96aNbWwUTVB4ESsai/kSrcQFiu4k0
1kl3wlfxVjR1h3IhXAiVLViitbIdXqwFqBOm0SrDT9C3
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:31:10 2025 by rpki-client