Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/6dlgGhMO4HaNIO71jk09HsnD_U8.roa
File: 6dlgGhMO4HaNIO71jk09HsnD_U8.roa (raw, json)
Hash identifier: rj9RQKo3m78HA0PAnuFA+kkz49Hjm0QW9NbvdyFvUnM=
Subject key identifier: E9:D9:60:1A:13:0E:E0:76:8D:20:EE:F5:8E:4D:3D:1E:C9:C3:FD:4F
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019425FCB8FDB322126FDB223A8F63E74B1F
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/6dlgGhMO4HaNIO71jk09HsnD_U8.roa
Signing time: Thu 02 Jan 2025 07:48:26 +0000
ROA not before: Thu 02 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206838
IP address blocks: 195.167.148.0/24 maxlen: 24
195.167.149.0/24 maxlen: 24
2001:1a68:2a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b8:fd:b3:22:12:6f:db:22:3a:8f:63:e7:4b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9d9601a130ee0768d20eef58e4d3d1ec9c3fd4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dc:f8:fe:4e:37:9a:68:51:01:72:11:5d:b8:
24:fb:f6:8b:56:50:0a:86:72:77:77:26:c6:98:cf:
43:d6:71:8c:a7:61:00:f7:18:4d:93:8a:6f:bb:b8:
82:38:33:2f:c0:8e:22:2b:b9:55:16:1d:3c:f3:c6:
70:15:57:28:46:c1:dd:a2:0c:ff:70:ef:a6:c3:e1:
02:7d:63:b4:e6:2c:d3:91:2c:76:fa:a0:a5:9a:65:
bc:71:ed:56:e7:55:06:47:6b:77:e7:e5:ea:0c:38:
5e:4a:1e:e1:78:ef:41:e4:4b:b4:15:5a:e4:c1:59:
5e:5a:0a:c2:a9:63:08:56:46:26:6f:f7:3c:77:e7:
50:25:96:bc:c9:50:38:6c:1d:17:48:91:8d:d1:d5:
9e:7b:b0:a4:17:59:39:b1:7c:90:52:20:d4:46:9f:
3c:40:97:51:b5:6f:04:88:a5:27:8d:3e:11:5e:9c:
ba:a5:49:3c:25:59:8b:c5:fd:7c:2f:ab:58:28:6e:
13:f1:3c:86:8b:e7:08:fb:0e:ef:46:c7:0f:82:0e:
53:e1:30:2d:c6:97:66:53:85:e9:f3:7c:ff:fd:4f:
f0:10:58:84:fc:08:fe:62:b0:6f:02:26:45:21:06:
90:4d:04:e8:64:0e:9e:5d:eb:11:a8:9e:ae:4a:58:
88:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D9:60:1A:13:0E:E0:76:8D:20:EE:F5:8E:4D:3D:1E:C9:C3:FD:4F
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/6dlgGhMO4HaNIO71jk09HsnD_U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.167.148.0/23
IPv6:
2001:1a68:2a::/48
Signature Algorithm: sha256WithRSAEncryption
72:6f:5c:fe:c7:7f:1c:00:a2:6e:64:b1:5f:b0:05:78:82:f9:
d7:7f:42:3d:3f:fe:19:48:e2:96:fc:b6:56:14:cf:9d:dc:58:
75:34:3d:eb:e6:29:7f:e2:ec:51:92:5d:46:a4:cb:04:f0:3c:
f5:74:e7:77:d1:d7:4d:25:d9:3e:bb:47:9a:4a:a5:3e:d8:0a:
49:ba:77:4a:eb:a2:1b:d2:a0:63:f1:93:bb:e0:6b:70:43:4b:
3c:fb:d3:16:3d:09:90:ca:95:32:92:a6:57:2e:82:05:e5:68:
85:c4:7f:b1:f7:de:aa:c9:5a:35:e8:bc:25:f6:89:e6:c7:b7:
da:50:64:cd:d3:53:d7:9e:0f:5a:8e:0a:c7:07:bf:5d:71:a9:
74:e3:11:d2:31:5a:46:5d:31:87:04:94:7a:65:56:9b:72:07:
79:1e:0d:d7:ca:3a:38:69:c6:2e:a1:52:aa:a1:b2:18:e1:f8:
d5:5e:d8:8b:ff:d6:4a:58:9c:ba:15:b4:a7:79:6d:ab:b6:2d:
1a:12:df:b7:8a:32:58:10:08:aa:4a:de:ab:06:be:3e:b0:ef:
61:10:3d:9a:b5:c2:70:7d:ca:59:b6:75:c1:fc:bc:51:f8:cd:
c2:13:52:de:67:c1:ba:c1:47:7b:24:4a:1f:7b:ac:60:37:15:
15:eb:3f:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/Lj9syISb9siOo9j50sfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjUwMTAyMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ5NjAxYTEzMGVlMDc2OGQyMGVlZjU4ZTRkM2QxZWM5YzNmZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstz4/k43mmhRAXIRXbgk+/aLVlAK
hnJ3dybGmM9D1nGMp2EA9xhNk4pvu7iCODMvwI4iK7lVFh0888ZwFVcoRsHdogz/
cO+mw+ECfWO05izTkSx2+qClmmW8ce1W51UGR2t35+XqDDheSh7heO9B5Eu0FVrk
wVleWgrCqWMIVkYmb/c8d+dQJZa8yVA4bB0XSJGN0dWee7CkF1k5sXyQUiDURp88
QJdRtW8EiKUnjT4RXpy6pUk8JVmLxf18L6tYKG4T8TyGi+cI+w7vRscPgg5T4TAt
xpdmU4Xp83z//U/wEFiE/Aj+YrBvAiZFIQaQTQToZA6eXesRqJ6uSliIEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOnZYBoTDuB2jSDu9Y5NPR7Jw/1PMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvNmRsZ0doTU80SGFOSU83MWprMDlIc25EX1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw6eUMA8E
AgACMAkDBwAgARpoACowDQYJKoZIhvcNAQELBQADggEBAHJvXP7HfxwAom5ksV+w
BXiC+dd/Qj0//hlI4pb8tlYUz53cWHU0PevmKX/i7FGSXUakywTwPPV053fR100l
2T67R5pKpT7YCkm6d0rrohvSoGPxk7vga3BDSzz70xY9CZDKlTKSplcuggXlaIXE
f7H33qrJWjXovCX2iebHt9pQZM3TU9eeD1qOCscHv11xqXTjEdIxWkZdMYcElHpl
VptyB3keDdfKOjhpxi6hUqqhshjh+NVe2Iv/1kpYnLoVtKd5bau2LRoS37eKMlgQ
CKpK3qsGvj6w72EQPZq1wnB9ylm2dcH8vFH4zcITUt5nwbrBR3skSh97rGA3FRXr
P4U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:12 2025 by rpki-client