Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/AJyo0Y_dkx8QIuv2wonF4ZgqCIY.roa
File: AJyo0Y_dkx8QIuv2wonF4ZgqCIY.roa (raw, json)
Hash identifier: VbZWKd4Qc9WJMZdVpVeJUfIGnbxFjvIKLnN4MDAAhzI=
Subject key identifier: 00:9C:A8:D1:8F:DD:93:1F:10:22:EB:F6:C2:89:C5:E1:98:2A:08:86
Certificate issuer: /CN=d9f349d6906ed1edd3c89e756e6a8ce4c1910054
Certificate serial: 018572BA67DEF921CC107FD62594D0BF8893
Authority key identifier: D9:F3:49:D6:90:6E:D1:ED:D3:C8:9E:75:6E:6A:8C:E4:C1:91:00:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fNJ1pBu0e3TyJ51bmqM5MGRAFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/AJyo0Y_dkx8QIuv2wonF4ZgqCIY.roa
Signing time: Mon 02 Jan 2023 13:44:56 +0000
ROA not before: Mon 02 Jan 2023 13:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 195.64.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:67:de:f9:21:cc:10:7f:d6:25:94:d0:bf:88:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f349d6906ed1edd3c89e756e6a8ce4c1910054
Validity
Not Before: Jan 2 13:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=009ca8d18fdd931f1022ebf6c289c5e1982a0886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:04:a6:a6:78:34:12:23:f3:78:d2:9d:52:c4:
b5:fe:55:ec:d2:5d:1f:90:40:8e:ad:82:24:c2:d1:
c7:8f:23:68:7e:f0:c0:d8:bd:41:5a:e9:7b:a9:56:
78:7e:48:0d:c3:ad:c5:cd:29:71:e5:bd:b7:46:0b:
df:cb:c1:0d:2d:cb:f9:d7:94:25:f3:40:be:e0:64:
17:f9:29:7d:c0:e6:f7:c0:00:42:d1:bb:88:45:95:
9f:38:0c:ee:06:49:cc:64:ac:79:1d:6f:cb:fe:89:
50:27:00:b6:23:35:cd:ba:00:95:cb:33:fb:1b:1b:
1f:cb:eb:52:c7:bb:cb:9c:87:a0:e8:cb:41:64:c8:
20:2b:25:cf:18:b4:e3:a7:30:81:89:2b:41:4a:ec:
93:86:d0:84:77:6f:ee:71:82:7e:1d:c5:08:e8:ab:
dc:12:c4:a0:09:3f:d9:39:ea:41:95:db:db:39:cb:
32:58:b0:72:d8:6b:b0:e9:a9:fd:b6:1a:80:48:07:
a2:fb:f6:73:d4:75:ea:e0:5d:17:86:c4:03:61:c9:
e9:71:10:45:14:89:2b:f0:21:1f:10:62:0b:b2:66:
df:ad:f1:b1:78:4e:e1:70:04:b5:f3:5c:c7:6e:ce:
86:59:29:00:c7:21:cd:f1:8d:9c:ed:6f:60:4d:af:
1a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9C:A8:D1:8F:DD:93:1F:10:22:EB:F6:C2:89:C5:E1:98:2A:08:86
X509v3 Authority Key Identifier:
keyid:D9:F3:49:D6:90:6E:D1:ED:D3:C8:9E:75:6E:6A:8C:E4:C1:91:00:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fNJ1pBu0e3TyJ51bmqM5MGRAFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/AJyo0Y_dkx8QIuv2wonF4ZgqCIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/27d4f2-d1dc-41bd-b8e6-9545b133c4e3/1/2fNJ1pBu0e3TyJ51bmqM5MGRAFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.117.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d7:94:19:c1:f1:14:3a:6c:82:90:94:c0:9e:83:21:40:65:
09:bd:ed:ff:9b:57:47:ce:3a:3e:ba:0c:d1:65:c7:d3:29:8d:
5a:93:47:1c:21:a6:d3:22:d2:b1:71:cc:55:43:95:6a:10:a5:
61:ac:26:79:ea:78:88:3b:27:9d:43:f7:dd:b0:6c:32:69:db:
ac:2f:ca:ee:77:ac:db:3f:b5:7f:a0:3c:9f:c0:d0:cd:05:66:
e0:e0:4b:4f:46:d4:8f:17:73:f9:ad:f9:71:e1:b8:d5:5e:07:
6a:7e:77:bf:ee:0b:ef:6a:27:df:c0:1d:aa:f7:a5:df:b6:03:
d7:29:e5:79:fa:ea:b2:d7:2d:c2:ef:8e:c9:b9:e4:16:86:f8:
c1:1d:cb:4f:a7:28:d8:05:d1:82:5e:31:7d:27:d8:6f:48:47:
67:27:76:1d:88:c2:c5:92:67:a0:2e:3f:54:6e:d5:f7:35:cc:
6e:b2:0f:e0:d5:2b:60:3d:23:d7:9d:2e:d8:4a:bf:8d:a3:ec:
75:35:df:58:9e:dd:dc:1c:04:a9:da:49:17:fe:c7:74:30:b8:
e5:96:e7:27:88:e9:b1:f2:d7:0e:8c:1e:6e:b4:88:da:12:5f:
86:5b:70:6c:e1:24:eb:a6:13:9a:a8:43:eb:71:8e:32:72:76:
2c:88:9d:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyumfe+SHMEH/WJZTQv4iTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjM0OWQ2OTA2ZWQxZWRkM2M4OWU3NTZlNmE4Y2U0YzE5
MTAwNTQwHhcNMjMwMTAyMTM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDljYThkMThmZGQ5MzFmMTAyMmViZjZjMjg5YzVlMTk4MmEwODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgSmpng0EiPzeNKdUsS1/lXs0l0f
kECOrYIkwtHHjyNofvDA2L1BWul7qVZ4fkgNw63FzSlx5b23Rgvfy8ENLcv515Ql
80C+4GQX+Sl9wOb3wABC0buIRZWfOAzuBknMZKx5HW/L/olQJwC2IzXNugCVyzP7
Gxsfy+tSx7vLnIeg6MtBZMggKyXPGLTjpzCBiStBSuyThtCEd2/ucYJ+HcUI6Kvc
EsSgCT/ZOepBldvbOcsyWLBy2Guw6an9thqASAei+/Zz1HXq4F0XhsQDYcnpcRBF
FIkr8CEfEGILsmbfrfGxeE7hcAS181zHbs6GWSkAxyHN8Y2c7W9gTa8azQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACcqNGP3ZMfECLr9sKJxeGYKgiGMB8GA1UdIwQY
MBaAFNnzSdaQbtHt08iedW5qjOTBkQBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZOSjFwQnUwZTNUeUo1MWJtcU01TUdSQUZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yN2Q0ZjItZDFkYy00MWJkLWI4ZTYt
OTU0NWIxMzNjNGUzLzEvQUp5bzBZX2RreDhRSXV2MndvbkY0WmdxQ0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yN2Q0ZjItZDFkYy00MWJkLWI4ZTYtOTU0NWIxMzNjNGUz
LzEvMmZOSjFwQnUwZTNUeUo1MWJtcU01TUdSQUZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B1MA0G
CSqGSIb3DQEBCwUAA4IBAQBY15QZwfEUOmyCkJTAnoMhQGUJve3/m1dHzjo+ugzR
ZcfTKY1ak0ccIabTItKxccxVQ5VqEKVhrCZ56niIOyedQ/fdsGwyadusL8rud6zb
P7V/oDyfwNDNBWbg4EtPRtSPF3P5rflx4bjVXgdqfne/7gvvaiffwB2q96XftgPX
KeV5+uqy1y3C747JueQWhvjBHctPpyjYBdGCXjF9J9hvSEdnJ3YdiMLFkmegLj9U
btX3Ncxusg/g1StgPSPXnS7YSr+No+x1Nd9Ynt3cHASp2kkX/sd0MLjllucniOmx
8tcOjB5utIjaEl+GW3Bs4STrphOaqEPrcY4ycnYsiJ3/
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:31:41 2025 by rpki-client