Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/AakZT8or1GzInGy_tZL_isQHHpA.roa
File: AakZT8or1GzInGy_tZL_isQHHpA.roa (raw, json)
Hash identifier: rRCm9/MqXVvaZCgh1nfobAIEngUpqyrVoic6KsvUUnw=
Subject key identifier: 01:A9:19:4F:CA:2B:D4:6C:C8:9C:6C:BF:B5:92:FF:8A:C4:07:1E:90
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3B3056851FDC3FFC6EFFD79ED2796
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/AakZT8or1GzInGy_tZL_isQHHpA.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59692
IP address blocks: 95.164.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b3:05:68:51:fd:c3:ff:c6:ef:fd:79:ed:27:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01a9194fca2bd46cc89c6cbfb592ff8ac4071e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b5:38:4d:1e:9b:58:eb:5b:d3:80:4f:76:c5:
0d:86:e5:b1:9d:6a:fc:ff:67:20:8a:d6:fc:7c:84:
f9:f5:07:f9:b8:05:2b:3d:78:f9:e4:19:67:70:a3:
49:f3:d6:a3:45:1a:09:e4:a0:ef:c8:73:bb:92:09:
5c:b1:df:72:9c:91:f1:ea:4c:28:17:30:ef:84:6f:
6b:cd:da:3c:7c:4d:e2:2e:df:aa:20:43:52:95:50:
d7:d5:34:ef:f1:7c:ec:03:01:8b:9f:2d:77:43:da:
3c:fc:58:a1:38:d4:33:2b:e0:7d:39:a7:b4:f3:5a:
66:3b:f7:a3:5b:eb:30:7c:58:d5:7f:54:c3:b4:2c:
72:d9:fb:bd:46:b1:55:7f:c1:28:6f:19:2c:b7:88:
08:9c:ea:a5:b9:4f:05:d0:14:3a:4a:11:f6:92:ed:
e7:88:b4:48:7d:74:ce:d2:e8:94:18:c5:72:f7:07:
85:41:44:eb:09:78:94:8b:97:22:0b:ff:f6:ac:31:
42:da:dd:84:df:3d:2b:2e:a9:3f:c0:53:3c:3c:92:
92:1d:b4:9c:22:d5:86:fb:33:9f:28:33:07:59:1e:
3d:31:8c:18:fa:46:30:51:74:f9:6b:d7:a5:1f:08:
e5:2b:c0:57:bf:c1:70:3b:f3:71:e9:80:e4:17:41:
96:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A9:19:4F:CA:2B:D4:6C:C8:9C:6C:BF:B5:92:FF:8A:C4:07:1E:90
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/AakZT8or1GzInGy_tZL_isQHHpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.60.0/24
Signature Algorithm: sha256WithRSAEncryption
61:1e:4c:ea:20:c9:fc:44:7a:86:37:b2:14:5d:f9:2b:0b:ea:
5d:a8:99:81:53:f3:2f:50:e2:05:56:e5:6a:49:66:35:b9:ed:
f6:c9:0a:7f:23:16:2f:14:f1:f0:3f:0c:7f:fc:ee:92:93:33:
cc:11:55:4e:78:86:be:16:4d:8b:3c:73:5c:23:95:af:4a:58:
d9:c2:46:ba:c4:69:1c:55:7c:f8:4a:a3:10:6b:7b:ed:c1:7d:
0b:4b:9c:e1:21:22:3d:bc:f9:c3:04:7a:57:a1:1c:0b:85:7d:
28:00:d0:f8:89:d0:f3:c5:ed:da:d2:57:52:56:f0:ef:9b:22:
ab:74:0f:51:e8:76:80:f4:03:01:cb:81:67:7b:84:fa:e3:35:
7f:5b:48:bf:e5:fd:08:d2:2b:06:5c:1e:88:dd:2e:a9:b4:9e:
c2:d6:ad:c0:cd:72:0d:c3:d4:ae:e1:bc:01:94:fb:4e:6e:36:
fc:0a:65:0c:dd:5a:af:f8:68:06:7e:38:62:3d:a5:c2:19:91:
a2:fe:9e:26:66:3d:2c:77:1c:c7:48:5f:06:9b:59:45:3c:98:
cb:b4:7b:ed:33:e9:67:5c:37:dd:d1:08:b6:9e:0b:3e:5b:38:
6d:79:35:d5:6e:c7:a0:eb:92:65:bc:fd:22:4f:46:3a:60:71:
f0:78:62:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks7MFaFH9w//G7/157SeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE5MTk0ZmNhMmJkNDZjYzg5YzZjYmZiNTkyZmY4YWM0MDcxZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrU4TR6bWOtb04BPdsUNhuWxnWr8
/2cgitb8fIT59Qf5uAUrPXj55BlncKNJ89ajRRoJ5KDvyHO7kglcsd9ynJHx6kwo
FzDvhG9rzdo8fE3iLt+qIENSlVDX1TTv8XzsAwGLny13Q9o8/FihONQzK+B9Oae0
81pmO/ejW+swfFjVf1TDtCxy2fu9RrFVf8Eobxkst4gInOqluU8F0BQ6ShH2ku3n
iLRIfXTO0uiUGMVy9weFQUTrCXiUi5ciC//2rDFC2t2E3z0rLqk/wFM8PJKSHbSc
ItWG+zOfKDMHWR49MYwY+kYwUXT5a9elHwjlK8BXv8FwO/Nx6YDkF0GWeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGpGU/KK9RsyJxsv7WS/4rEBx6QMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvQWFrWlQ4b3IxR3pJbkd5X3RaTF9pc1FISHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6Q8MA0G
CSqGSIb3DQEBCwUAA4IBAQBhHkzqIMn8RHqGN7IUXfkrC+pdqJmBU/MvUOIFVuVq
SWY1ue32yQp/IxYvFPHwPwx//O6SkzPMEVVOeIa+Fk2LPHNcI5WvSljZwka6xGkc
VXz4SqMQa3vtwX0LS5zhISI9vPnDBHpXoRwLhX0oAND4idDzxe3a0ldSVvDvmyKr
dA9R6HaA9AMBy4Fne4T64zV/W0i/5f0I0isGXB6I3S6ptJ7C1q3AzXINw9Su4bwB
lPtObjb8CmUM3Vqv+GgGfjhiPaXCGZGi/p4mZj0sdxzHSF8Gm1lFPJjLtHvtM+ln
XDfd0Qi2ngs+WzhteTXVbseg65JlvP0iT0Y6YHHweGJe
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:19 2025 by rpki-client