Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/P4_VmIDFfqYiDiPBdVVMzIA4LMY.roa
File: P4_VmIDFfqYiDiPBdVVMzIA4LMY.roa (raw, json)
Hash identifier: fbL8P+MktK6PkeO1KtnH7o+BeC/FNslw8AAfJjr38OY=
Subject key identifier: 3F:8F:D5:98:80:C5:7E:A6:22:0E:23:C1:75:55:4C:CC:80:38:2C:C6
Certificate issuer: /CN=b53d9f1bc3f0d90b6dcd1e9f6fd1e506188ea7c2
Certificate serial: 019424454EACEDFD1041BEA3427B06F3EC0F
Authority key identifier: B5:3D:9F:1B:C3:F0:D9:0B:6D:CD:1E:9F:6F:D1:E5:06:18:8E:A7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tT2fG8Pw2QttzR6fb9HlBhiOp8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/P4_VmIDFfqYiDiPBdVVMzIA4LMY.roa
Signing time: Wed 01 Jan 2025 23:48:29 +0000
ROA not before: Wed 01 Jan 2025 23:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199560
IP address blocks: 185.95.208.0/22 maxlen: 24
185.95.210.0/23 maxlen: 23
2a05:fc00::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:4e:ac:ed:fd:10:41:be:a3:42:7b:06:f3:ec:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53d9f1bc3f0d90b6dcd1e9f6fd1e506188ea7c2
Validity
Not Before: Jan 1 23:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f8fd59880c57ea6220e23c175554ccc80382cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:63:8d:a2:39:bc:33:d4:4e:b2:6f:11:60:d9:
3e:57:cd:97:4f:8e:70:37:eb:16:da:72:99:5b:7e:
9a:44:08:3d:38:c8:c4:90:64:a1:bb:da:dd:67:d9:
85:71:65:62:25:d0:7b:1d:cb:a0:a3:ce:d9:6e:a2:
e7:98:24:cc:f9:0a:a7:4e:b7:7f:e0:be:b0:76:5a:
a1:88:66:f2:f2:fc:35:27:11:fa:e8:c0:1e:b2:d9:
9e:59:f3:1b:07:6c:0b:e8:6b:5e:1c:6d:f0:b5:e2:
dd:46:dc:8a:29:76:42:38:48:58:76:3f:e3:dd:d0:
9f:50:34:13:ad:47:39:2a:b5:60:44:ea:e7:be:70:
63:0e:c6:da:84:1a:84:2e:44:92:79:3b:34:b4:62:
64:2d:77:a8:56:0f:1c:03:d1:36:f6:90:eb:6f:6b:
09:78:75:43:c4:b1:e6:e8:b1:43:9b:9e:f4:97:6d:
c8:07:b5:37:dd:af:d6:71:03:a5:79:dc:f0:86:43:
ad:4e:b2:a5:95:fe:52:81:5d:6f:d0:28:3b:2f:e8:
da:f0:df:3e:1a:57:ae:93:37:51:01:b6:8a:45:48:
4e:b0:09:7d:8e:62:1e:47:0b:e4:37:6b:62:0c:a5:
47:73:6c:33:f7:54:0e:8c:0c:89:63:e2:28:f2:7d:
c9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8F:D5:98:80:C5:7E:A6:22:0E:23:C1:75:55:4C:CC:80:38:2C:C6
X509v3 Authority Key Identifier:
keyid:B5:3D:9F:1B:C3:F0:D9:0B:6D:CD:1E:9F:6F:D1:E5:06:18:8E:A7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tT2fG8Pw2QttzR6fb9HlBhiOp8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/P4_VmIDFfqYiDiPBdVVMzIA4LMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/tT2fG8Pw2QttzR6fb9HlBhiOp8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.208.0/22
IPv6:
2a05:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
37:da:75:10:63:a2:aa:ee:50:1d:23:e9:2e:bb:bf:72:b2:00:
43:9e:3e:84:f8:e8:a5:fc:59:7a:be:27:28:b0:5a:b4:f6:41:
e7:63:ae:e4:2b:10:43:a3:15:86:68:4a:0a:8d:12:50:d1:33:
61:10:5a:58:ff:f7:2c:6a:dc:18:38:58:5c:bd:72:3f:8f:14:
58:a2:b2:9b:08:76:f5:24:8d:75:ee:e3:79:71:97:13:e4:12:
e5:f0:f6:f4:a1:7c:53:ef:6f:cc:0d:8f:b0:79:47:34:67:bf:
e2:c3:67:f5:30:c1:32:25:ad:fc:5e:93:d1:87:18:95:8b:ed:
22:3e:0b:6d:74:09:a6:9f:9a:df:a7:d5:4c:b0:4a:4c:ac:6d:
8a:9c:39:00:36:eb:2f:3b:3f:93:7f:db:7e:f3:98:f7:41:2c:
59:f1:9b:24:c9:ee:ec:87:e3:e0:0a:9d:47:89:d6:cd:64:78:
37:21:65:b0:a6:1e:6d:67:18:03:8b:53:29:e4:c9:a7:e0:c8:
ea:b1:81:0f:26:55:5f:85:19:10:f3:f3:c5:3e:16:55:1d:e2:
40:ac:ed:65:3c:a0:7c:da:f0:b5:54:46:84:5d:8c:a7:39:f5:
d7:d6:e0:47:86:b8:c7:b6:e9:0a:2c:df:bc:5a:3a:3a:b1:11:
64:63:69:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRU6s7f0QQb6jQnsG8+wPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2Q5ZjFiYzNmMGQ5MGI2ZGNkMWU5ZjZmZDFlNTA2MTg4
ZWE3YzIwHhcNMjUwMTAxMjM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjhmZDU5ODgwYzU3ZWE2MjIwZTIzYzE3NTU1NGNjYzgwMzgyY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WONojm8M9ROsm8RYNk+V82XT45w
N+sW2nKZW36aRAg9OMjEkGShu9rdZ9mFcWViJdB7Hcugo87ZbqLnmCTM+QqnTrd/
4L6wdlqhiGby8vw1JxH66MAestmeWfMbB2wL6GteHG3wteLdRtyKKXZCOEhYdj/j
3dCfUDQTrUc5KrVgROrnvnBjDsbahBqELkSSeTs0tGJkLXeoVg8cA9E29pDrb2sJ
eHVDxLHm6LFDm570l23IB7U33a/WcQOledzwhkOtTrKllf5SgV1v0Cg7L+ja8N8+
GleukzdRAbaKRUhOsAl9jmIeRwvkN2tiDKVHc2wz91QOjAyJY+Io8n3JBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD+P1ZiAxX6mIg4jwXVVTMyAOCzGMB8GA1UdIwQY
MBaAFLU9nxvD8NkLbc0en2/R5QYYjqfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFQyZkc4UHcyUXR0elI2ZmI5SGxCaGlPcDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wZTNkNjQtZjI5MC00ODkzLTlhNDAt
YzllMTQxMzMzZDU4LzEvUDRfVm1JREZmcVlpRGlQQmRWVk16SUE0TE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wZTNkNjQtZjI5MC00ODkzLTlhNDAtYzllMTQxMzMzZDU4
LzEvdFQyZkc4UHcyUXR0elI2ZmI5SGxCaGlPcDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV/QMA0E
AgACMAcDBQMqBfwAMA0GCSqGSIb3DQEBCwUAA4IBAQA32nUQY6Kq7lAdI+kuu79y
sgBDnj6E+Oil/Fl6vicosFq09kHnY67kKxBDoxWGaEoKjRJQ0TNhEFpY//csatwY
OFhcvXI/jxRYorKbCHb1JI117uN5cZcT5BLl8Pb0oXxT72/MDY+weUc0Z7/iw2f1
MMEyJa38XpPRhxiVi+0iPgttdAmmn5rfp9VMsEpMrG2KnDkANusvOz+Tf9t+85j3
QSxZ8Zskye7sh+PgCp1HidbNZHg3IWWwph5tZxgDi1Mp5Mmn4MjqsYEPJlVfhRkQ
8/PFPhZVHeJArO1lPKB82vC1VEaEXYynOfXX1uBHhrjHtukKLN+8Wjo6sRFkY2l3
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:27:02 2025 by rpki-client