Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/KALMVhqVFo0O99VrdECDqSH5Z6g.roa
File: KALMVhqVFo0O99VrdECDqSH5Z6g.roa (raw, json)
Hash identifier: vjDA6l8MH7MrWb72G2c81lHoX5Ci2HwmnVXmzEUbWMI=
Subject key identifier: 28:02:CC:56:1A:95:16:8D:0E:F7:D5:6B:74:40:83:A9:21:F9:67:A8
Certificate issuer: /CN=0bd7e70c005f556a8254e7b12b0eb3d3314d45e2
Certificate serial: 01941F8C4A04A95D3529A1F0E2061074E96F
Authority key identifier: 0B:D7:E7:0C:00:5F:55:6A:82:54:E7:B1:2B:0E:B3:D3:31:4D:45:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C9fnDABfVWqCVOexKw6z0zFNReI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/KALMVhqVFo0O99VrdECDqSH5Z6g.roa
Signing time: Wed 01 Jan 2025 01:47:55 +0000
ROA not before: Wed 01 Jan 2025 01:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35024
IP address blocks: 195.225.34.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4a:04:a9:5d:35:29:a1:f0:e2:06:10:74:e9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bd7e70c005f556a8254e7b12b0eb3d3314d45e2
Validity
Not Before: Jan 1 01:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2802cc561a95168d0ef7d56b744083a921f967a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:50:79:4d:18:2a:29:4f:01:6d:4f:27:c9:f6:
da:69:0a:bd:0b:78:eb:85:96:0c:cd:10:78:ab:6d:
17:bd:3d:87:a7:cf:b7:0a:a2:1d:5d:6d:91:3d:89:
85:79:c0:72:9a:ef:23:0d:7f:ee:d8:0b:ad:73:07:
28:f6:b1:55:7b:a9:14:53:90:3d:dc:6c:24:66:e1:
fc:fb:f3:b2:f9:12:56:fa:3e:2b:81:87:86:17:50:
5f:58:01:7d:97:a9:15:58:5b:86:f2:30:5c:a3:3b:
a3:0b:c9:bb:88:f9:6e:39:05:5a:b3:df:1d:5d:b2:
8a:bb:af:0a:16:bb:8f:1e:0d:ad:a2:36:ae:be:3c:
1d:4c:f6:00:7c:5b:e7:6d:02:a5:65:e7:c7:e3:96:
69:97:a5:90:b1:a6:69:15:18:f2:57:d0:76:57:81:
6d:a0:6c:c7:8e:27:a3:f2:db:6b:04:12:a6:b1:c3:
b5:d5:6a:12:e8:a9:b4:f4:8a:4a:a9:e4:0c:32:d1:
8a:c7:0f:3f:3d:19:60:1d:e7:88:eb:58:b3:1c:26:
2d:ca:ce:f2:86:25:e2:d5:b1:f1:64:d1:a7:fb:aa:
19:31:fa:50:56:9c:72:30:e9:08:b5:86:6f:e8:3a:
6c:ea:b6:52:a6:91:f2:57:79:b3:91:ba:6d:42:56:
71:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:02:CC:56:1A:95:16:8D:0E:F7:D5:6B:74:40:83:A9:21:F9:67:A8
X509v3 Authority Key Identifier:
keyid:0B:D7:E7:0C:00:5F:55:6A:82:54:E7:B1:2B:0E:B3:D3:31:4D:45:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C9fnDABfVWqCVOexKw6z0zFNReI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/KALMVhqVFo0O99VrdECDqSH5Z6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/C9fnDABfVWqCVOexKw6z0zFNReI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.34.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:d7:b8:2d:45:51:e3:19:ec:45:8e:5a:67:80:8c:ac:58:94:
ba:31:43:98:fb:4c:95:3c:2b:20:71:d8:73:55:09:38:5f:86:
51:8a:d9:a1:54:60:8f:48:e2:1e:7e:cd:59:cd:04:59:17:83:
89:6c:c1:42:80:fe:1c:cf:7d:5d:cb:45:82:0b:f6:80:dc:a5:
57:7a:c7:d0:f2:e1:b2:8e:51:b0:15:e2:3b:61:e0:ac:61:bf:
0e:84:69:d9:05:3c:cd:d8:00:da:a7:e4:44:27:1e:21:bb:ab:
22:82:fc:a2:83:15:2d:14:42:ff:86:7d:20:43:38:46:cb:db:
9a:8c:e2:34:b5:f6:70:e3:e2:35:72:5e:70:4e:7e:77:0f:63:
d5:3d:8a:5b:10:3d:ac:26:92:30:07:4f:70:19:cc:70:f2:4a:
c6:3a:ae:1d:40:a3:f6:f5:26:19:57:92:f5:a3:4e:58:52:2c:
e8:c7:9a:c9:06:32:90:67:48:d4:b6:00:61:db:2b:95:9a:27:
2b:a1:3f:a9:3d:90:c4:63:55:12:46:23:ee:2b:b4:e6:1d:5f:
a7:de:e5:51:e4:fa:4a:bb:25:85:0c:ba:2f:39:32:06:44:73:
aa:7b:c8:f6:02:ef:d0:9e:d7:9f:e0:d6:1d:76:2b:f7:1f:d1:
a0:4f:be:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEoEqV01KaHw4gYQdOlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZDdlNzBjMDA1ZjU1NmE4MjU0ZTdiMTJiMGViM2QzMzE0
ZDQ1ZTIwHhcNMjUwMTAxMDE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODAyY2M1NjFhOTUxNjhkMGVmN2Q1NmI3NDQwODNhOTIxZjk2N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlB5TRgqKU8BbU8nyfbaaQq9C3jr
hZYMzRB4q20XvT2Hp8+3CqIdXW2RPYmFecBymu8jDX/u2Autcwco9rFVe6kUU5A9
3GwkZuH8+/Oy+RJW+j4rgYeGF1BfWAF9l6kVWFuG8jBcozujC8m7iPluOQVas98d
XbKKu68KFruPHg2tojauvjwdTPYAfFvnbQKlZefH45Zpl6WQsaZpFRjyV9B2V4Ft
oGzHjiej8ttrBBKmscO11WoS6Km09IpKqeQMMtGKxw8/PRlgHeeI61izHCYtys7y
hiXi1bHxZNGn+6oZMfpQVpxyMOkItYZv6Dps6rZSppHyV3mzkbptQlZx7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgCzFYalRaNDvfVa3RAg6kh+WeoMB8GA1UdIwQY
MBaAFAvX5wwAX1VqglTnsSsOs9MxTUXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzlmbkRBQmZWV3FDVk9leEt3NnowekZOUmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80Y2ZmZWYtOWE5Ny00NTQ2LWJkZGQt
YmIzY2M3Yzk0NGFkLzEvS0FMTVZocVZGbzBPOTlWcmRFQ0RxU0g1WjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80Y2ZmZWYtOWE5Ny00NTQ2LWJkZGQtYmIzY2M3Yzk0NGFk
LzEvQzlmbkRBQmZWV3FDVk9leEt3NnowekZOUmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+EiMA0G
CSqGSIb3DQEBCwUAA4IBAQCf17gtRVHjGexFjlpngIysWJS6MUOY+0yVPCsgcdhz
VQk4X4ZRitmhVGCPSOIefs1ZzQRZF4OJbMFCgP4cz31dy0WCC/aA3KVXesfQ8uGy
jlGwFeI7YeCsYb8OhGnZBTzN2ADap+REJx4hu6sigvyigxUtFEL/hn0gQzhGy9ua
jOI0tfZw4+I1cl5wTn53D2PVPYpbED2sJpIwB09wGcxw8krGOq4dQKP29SYZV5L1
o05YUizox5rJBjKQZ0jUtgBh2yuVmicroT+pPZDEY1USRiPuK7TmHV+n3uVR5PpK
uyWFDLovOTIGRHOqe8j2Au/Qntef4NYddiv3H9GgT75J
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:39 2025 by rpki-client