Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/5uoV4iXBKOHPftTz02DmU-CdsdA.roa
File: 5uoV4iXBKOHPftTz02DmU-CdsdA.roa (raw, json)
Hash identifier: 2mpqQFSXOUV6zOOM8zKnqxs62eDdoR9K/P9KflUVZuE=
Subject key identifier: E6:EA:15:E2:25:C1:28:E1:CF:7E:D4:F3:D3:60:E6:53:E0:9D:B1:D0
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C6E0A839C8DFCFD1B8AF12E032BAD
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/5uoV4iXBKOHPftTz02DmU-CdsdA.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56862
IP address blocks: 195.91.140.0/23 maxlen: 23
195.91.144.0/23 maxlen: 23
195.91.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6e:0a:83:9c:8d:fc:fd:1b:8a:f1:2e:03:2b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6ea15e225c128e1cf7ed4f3d360e653e09db1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:f5:48:8b:8b:e0:d4:44:ce:2f:3f:61:3b:
31:e7:2a:f0:0d:30:29:02:90:07:25:05:46:ba:2a:
40:3d:d9:80:ff:2a:e1:78:1e:52:46:98:b1:bf:a3:
e2:13:ed:e3:c1:69:02:35:54:c5:83:1b:e2:d0:37:
cb:5d:ae:71:4a:75:63:27:d1:ba:19:db:ba:46:a1:
45:0a:b2:8f:3d:f8:85:1d:a1:8c:c2:e9:f9:6e:0c:
29:33:20:65:ac:d2:39:3d:f9:f4:9d:c9:35:b5:59:
cb:e1:c6:0a:66:76:70:87:92:69:79:30:d1:d8:69:
20:10:21:91:19:c1:62:f4:71:df:2a:18:22:8b:32:
2b:79:68:9c:23:6a:02:37:da:dc:d8:8a:b0:35:3a:
52:7f:17:44:a0:69:6e:d9:22:20:60:0b:4a:0b:a5:
8a:52:2d:15:ba:27:ca:8a:f6:28:58:ba:5d:39:4f:
1e:d2:05:81:bf:c5:bc:4d:20:2f:26:2c:e1:3d:f6:
a7:46:45:87:cc:59:1a:95:41:a8:f6:22:c1:de:6b:
d4:40:51:8e:9f:cc:53:44:b8:40:62:d6:01:a7:a4:
44:37:c6:76:bd:51:64:fd:81:00:b6:a4:44:22:8d:
41:0d:fe:16:7b:05:76:87:01:cd:1c:ac:2f:87:96:
66:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EA:15:E2:25:C1:28:E1:CF:7E:D4:F3:D3:60:E6:53:E0:9D:B1:D0
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/5uoV4iXBKOHPftTz02DmU-CdsdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.91.140.0/23
195.91.144.0/22
Signature Algorithm: sha256WithRSAEncryption
15:57:81:db:83:c2:64:fe:44:d8:a2:a5:9c:89:47:0e:f8:a2:
be:99:df:24:9e:b9:fd:82:fc:1e:27:35:24:a4:be:50:61:65:
71:26:1b:eb:fc:cf:d4:5d:28:e6:56:cf:6d:78:16:59:a2:75:
d8:2e:a3:13:9e:36:75:2f:e0:33:0e:17:e7:b3:78:f9:d0:8e:
7a:16:4d:ec:6e:20:0e:6b:c0:fa:07:b7:a1:94:1a:42:3c:e5:
f3:e2:ed:19:97:ef:79:50:fe:c6:b0:0e:7d:f8:01:80:4e:9f:
d9:ff:e8:8a:57:a2:10:42:41:22:f0:fa:f5:7e:ef:fd:ac:e4:
9e:92:b7:7c:19:98:1a:54:03:d3:74:9f:cc:7e:22:d3:97:1f:
6e:7f:98:a7:04:1d:fe:39:8c:ac:20:55:88:83:ff:fd:1d:13:
83:b1:f2:c7:ef:2a:31:6e:a9:63:e1:3e:6c:87:e1:5e:fd:d4:
89:e9:b6:d5:ff:37:63:00:00:5e:52:f2:5a:3e:b8:05:a1:0c:
91:a6:8b:d0:e5:17:9e:95:d0:c3:a3:7b:7f:68:f2:5c:d5:dd:
6d:ee:3c:6e:42:60:b4:8d:8a:ca:86:43:a0:9f:92:ef:31:79:
bd:2f:09:e0:80:4f:29:c7:e1:8d:2e:6b:c7:13:4c:56:6f:0a:
ca:14:c6:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjG4Kg5yN/P0bivEuAyutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmVhMTVlMjI1YzEyOGUxY2Y3ZWQ0ZjNkMzYwZTY1M2UwOWRiMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTb1SIuL4NREzi8/YTsx5yrwDTAp
ApAHJQVGuipAPdmA/yrheB5SRpixv6PiE+3jwWkCNVTFgxvi0DfLXa5xSnVjJ9G6
Gdu6RqFFCrKPPfiFHaGMwun5bgwpMyBlrNI5Pfn0nck1tVnL4cYKZnZwh5JpeTDR
2GkgECGRGcFi9HHfKhgiizIreWicI2oCN9rc2IqwNTpSfxdEoGlu2SIgYAtKC6WK
Ui0VuifKivYoWLpdOU8e0gWBv8W8TSAvJizhPfanRkWHzFkalUGo9iLB3mvUQFGO
n8xTRLhAYtYBp6REN8Z2vVFk/YEAtqREIo1BDf4WewV2hwHNHKwvh5ZmUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFObqFeIlwSjhz37U89Ng5lPgnbHQMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvNXVvVjRpWEJLT0hQZnRUejAyRG1VLUNkc2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw1uMAwQC
w1uQMA0GCSqGSIb3DQEBCwUAA4IBAQAVV4Hbg8Jk/kTYoqWciUcO+KK+md8knrn9
gvweJzUkpL5QYWVxJhvr/M/UXSjmVs9teBZZonXYLqMTnjZ1L+AzDhfns3j50I56
Fk3sbiAOa8D6B7ehlBpCPOXz4u0Zl+95UP7GsA59+AGATp/Z/+iKV6IQQkEi8Pr1
fu/9rOSekrd8GZgaVAPTdJ/MfiLTlx9uf5inBB3+OYysIFWIg//9HRODsfLH7yox
bqlj4T5sh+Fe/dSJ6bbV/zdjAABeUvJaPrgFoQyRpovQ5ReeldDDo3t/aPJc1d1t
7jxuQmC0jYrKhkOgn5LvMXm9LwnggE8px+GNLmvHE0xWbwrKFMYv
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:32 2025 by rpki-client