Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vD-mF7E6r7KyjgN_T_CVAIBjNas.roa
File: vD-mF7E6r7KyjgN_T_CVAIBjNas.roa (raw, json)
Hash identifier: XWRSFlo8pb29QrWa8GrMoK7ZaAvDJU5TeNucNBr4rtg=
Subject key identifier: BC:3F:A6:17:B1:3A:AF:B2:B2:8E:03:7F:4F:F0:95:00:80:63:35:AB
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067E0506A08BF78DACF49019E706D2D
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vD-mF7E6r7KyjgN_T_CVAIBjNas.roa
Signing time: Wed 01 Jan 2025 05:47:45 +0000
ROA not before: Wed 01 Jan 2025 05:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212920
IP address blocks: 195.65.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e0:50:6a:08:bf:78:da:cf:49:01:9e:70:6d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc3fa617b13aafb2b28e037f4ff09500806335ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:33:4c:cd:b5:5b:61:05:99:5b:66:2d:b8:77:
41:e5:b1:2b:76:23:0f:cc:4a:21:4d:42:ca:9d:a6:
7d:d3:0a:aa:f1:60:20:87:86:87:49:36:83:6e:57:
31:ce:1a:30:ae:79:8f:d4:52:48:3e:6a:c8:40:40:
57:65:0a:6b:ec:c1:ef:9f:9d:fd:03:93:b1:b5:99:
43:e0:a2:b4:f5:11:a9:08:68:83:59:19:bd:b2:4e:
34:60:96:03:39:ad:53:43:d8:0e:33:8f:e4:e0:d5:
1a:ae:f1:ee:3d:37:c5:23:6a:ba:2b:2a:d4:c3:ad:
e0:30:e8:b5:4b:88:48:b6:fc:fb:4d:1b:bb:db:2c:
a9:52:8b:7a:12:0f:c1:23:d1:5c:b9:2d:f7:0d:91:
2c:e8:17:4f:d5:c6:be:ad:8f:14:28:6d:d8:9e:a0:
80:cc:85:1e:cc:32:0a:6f:8d:b8:d8:a8:9f:96:56:
51:2f:c4:62:eb:f1:f5:d0:62:58:05:4b:d2:7d:24:
22:02:9b:72:22:9d:fb:49:bc:bc:85:35:2b:d7:c6:
7f:f0:bb:a9:a3:4c:8f:cd:38:9e:13:ef:7c:6f:4b:
04:58:61:24:f7:50:eb:40:dc:e2:56:05:54:5d:9f:
04:07:88:fa:99:ee:f9:9a:7a:7d:23:7f:d3:5e:76:
5c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3F:A6:17:B1:3A:AF:B2:B2:8E:03:7F:4F:F0:95:00:80:63:35:AB
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vD-mF7E6r7KyjgN_T_CVAIBjNas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.91.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:d7:9b:78:72:38:2a:64:90:c2:50:6d:12:a7:e4:cb:72:c7:
f2:d0:22:f0:4b:32:dc:5d:5d:f2:07:fe:1e:ab:c0:52:fb:3b:
12:f2:34:68:df:34:e6:65:cf:b3:24:6f:ef:c2:41:e3:21:80:
ec:bd:70:31:a4:a1:f4:b6:04:91:bf:62:6b:74:c9:cd:38:2b:
ff:c6:ae:38:54:39:6f:b4:91:7d:06:35:b2:0e:a7:da:0f:d8:
52:ec:9e:33:10:71:5a:24:0a:d9:ac:21:da:bb:a3:e4:14:bf:
d0:26:f0:b9:ed:42:46:ef:7f:dc:11:7c:49:25:f5:77:a3:04:
2c:50:35:71:7f:5e:1f:fa:65:f1:22:5e:b6:ac:f9:39:89:c8:
89:f6:f6:03:92:79:5d:a5:95:b7:bc:94:c5:3d:0a:82:36:b0:
97:d3:59:d6:7e:81:a9:0a:1d:76:b0:55:e0:a2:0b:93:66:58:
c5:8a:3f:b4:f0:55:2f:98:c2:2f:d0:63:55:83:7d:a6:d6:f0:
20:83:cb:a4:bc:39:7a:cd:27:1a:88:45:ce:c6:fb:93:25:d6:
59:9a:c8:a0:be:0e:54:6c:5f:97:08:77:ac:24:68:d3:f0:ea:
e2:1c:4e:37:ef:9f:ab:c9:88:ab:30:75:1e:47:15:f4:d9:70:
b1:b0:58:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+BQagi/eNrPSQGecG0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNmYTYxN2IxM2FhZmIyYjI4ZTAzN2Y0ZmYwOTUwMDgwNjMzNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTNMzbVbYQWZW2YtuHdB5bErdiMP
zEohTULKnaZ90wqq8WAgh4aHSTaDblcxzhowrnmP1FJIPmrIQEBXZQpr7MHvn539
A5OxtZlD4KK09RGpCGiDWRm9sk40YJYDOa1TQ9gOM4/k4NUarvHuPTfFI2q6KyrU
w63gMOi1S4hItvz7TRu72yypUot6Eg/BI9FcuS33DZEs6BdP1ca+rY8UKG3YnqCA
zIUezDIKb4242KifllZRL8Ri6/H10GJYBUvSfSQiAptyIp37Sby8hTUr18Z/8Lup
o0yPzTieE+98b0sEWGEk91DrQNziVgVUXZ8EB4j6me75mnp9I3/TXnZcoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLw/phexOq+yso4Df0/wlQCAYzWrMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvdkQtbUY3RTZyN0t5amdOX1RfQ1ZBSUJqTmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0FbMA0G
CSqGSIb3DQEBCwUAA4IBAQCy15t4cjgqZJDCUG0Sp+TLcsfy0CLwSzLcXV3yB/4e
q8BS+zsS8jRo3zTmZc+zJG/vwkHjIYDsvXAxpKH0tgSRv2JrdMnNOCv/xq44VDlv
tJF9BjWyDqfaD9hS7J4zEHFaJArZrCHau6PkFL/QJvC57UJG73/cEXxJJfV3owQs
UDVxf14f+mXxIl62rPk5iciJ9vYDknldpZW3vJTFPQqCNrCX01nWfoGpCh12sFXg
oguTZljFij+08FUvmMIv0GNVg32m1vAgg8ukvDl6zScaiEXOxvuTJdZZmsigvg5U
bF+XCHesJGjT8OriHE4375+ryYirMHUeRxX02XCxsFje
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:36:43 2025 by rpki-client