Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/J8AP6JRbrAhvEfUKC2d4Y1HWgT4.roa
File: J8AP6JRbrAhvEfUKC2d4Y1HWgT4.roa (raw, json)
Hash identifier: vZS30yHPPnHGwetxSUvDnexH3Ot/WxmgcDoS6LfEekw=
Subject key identifier: 27:C0:0F:E8:94:5B:AC:08:6F:11:F5:0A:0B:67:78:63:51:D6:81:3E
Certificate issuer: /CN=d305f8c033cc4c096c3953585c2689c9a75d3f18
Certificate serial: 018CC4922AD546FD9ACED24814E53622FEBB
Authority key identifier: D3:05:F8:C0:33:CC:4C:09:6C:39:53:58:5C:26:89:C9:A7:5D:3F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0wX4wDPMTAlsOVNYXCaJyaddPxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/J8AP6JRbrAhvEfUKC2d4Y1HWgT4.roa
Signing time: Mon 01 Jan 2024 10:29:22 +0000
ROA not before: Mon 01 Jan 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28773
IP address blocks: 195.78.38.0/23 maxlen: 23
188.190.160.0/19 maxlen: 19
2001:67c:2ee4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2a:d5:46:fd:9a:ce:d2:48:14:e5:36:22:fe:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d305f8c033cc4c096c3953585c2689c9a75d3f18
Validity
Not Before: Jan 1 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27c00fe8945bac086f11f50a0b67786351d6813e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:76:3f:a1:8e:7a:9b:d1:4b:db:f3:fc:a1:36:
06:d5:59:6e:e3:ca:b9:03:3a:5f:8c:4d:9a:39:7d:
a7:6e:0b:79:a8:ee:db:c0:55:84:0c:04:61:0c:b9:
1a:71:37:e4:ea:69:a0:12:c6:c2:64:7e:3a:97:0f:
b7:55:e5:7b:40:8e:03:85:08:a2:ff:17:3f:af:1c:
40:79:c5:7b:fb:4c:e9:5d:49:da:ce:0f:7e:69:63:
a3:59:68:44:17:14:d7:04:6f:31:09:26:89:b1:ee:
da:b5:97:44:d3:75:c0:8f:3f:3c:f0:3b:19:07:cc:
3b:dc:16:e8:f6:51:ea:a4:2f:e9:ba:a6:29:5d:8c:
48:dc:93:e8:e7:7b:39:67:17:a6:0e:58:ff:b2:ec:
9a:cb:05:04:ad:07:81:cf:25:13:da:d9:dc:e1:09:
d5:35:1c:b6:39:76:9b:53:5d:cd:0f:62:30:f2:b1:
11:ed:15:c1:6b:25:b3:b3:46:3e:bb:85:00:09:4e:
2a:4a:65:d7:88:98:24:8a:34:e4:81:bf:81:74:79:
a1:96:b6:05:94:67:88:da:a6:8a:29:d3:92:c4:f5:
99:be:de:81:3d:41:e0:6b:08:09:3e:51:8b:26:6a:
3c:0e:04:26:42:20:f1:39:35:84:04:cb:94:42:81:
f8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C0:0F:E8:94:5B:AC:08:6F:11:F5:0A:0B:67:78:63:51:D6:81:3E
X509v3 Authority Key Identifier:
keyid:D3:05:F8:C0:33:CC:4C:09:6C:39:53:58:5C:26:89:C9:A7:5D:3F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wX4wDPMTAlsOVNYXCaJyaddPxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/J8AP6JRbrAhvEfUKC2d4Y1HWgT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/0wX4wDPMTAlsOVNYXCaJyaddPxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.160.0/19
195.78.38.0/23
IPv6:
2001:67c:2ee4::/48
Signature Algorithm: sha256WithRSAEncryption
02:f4:64:e8:24:f1:a8:0b:2e:ca:88:53:ec:2b:d7:24:c9:32:
e3:6c:e5:3b:a2:e4:ec:e7:18:d1:c3:67:6f:c7:b8:9a:31:bb:
27:27:c6:d1:90:6d:4f:0f:0f:1d:fa:00:c1:bd:06:39:41:c3:
a8:1e:9f:d5:d6:f4:7c:50:12:ea:4e:f3:64:f4:75:88:6d:71:
a9:94:6c:95:94:4a:6c:04:c3:c6:4c:d5:4e:2b:7c:b0:8a:83:
47:58:17:bc:df:2c:e0:20:8c:c1:55:94:31:36:ac:c3:36:7a:
e5:d5:4c:65:50:a2:bc:7b:ab:6b:e9:22:64:ba:00:76:f5:23:
1a:98:b0:c1:d4:16:de:ab:58:33:c0:e6:54:58:b7:ff:15:f8:
e8:72:e2:17:2a:6b:a9:d3:0c:6b:f5:d9:1b:e6:69:62:bd:b8:
7a:59:40:45:22:9a:b9:da:e8:35:c5:4f:38:f1:5b:ec:0e:60:
d0:97:78:56:05:e6:30:80:fc:f0:e6:88:c5:89:ec:73:0f:ce:
fa:64:96:49:c3:05:e6:a7:28:a0:0e:f9:69:5e:7a:69:9e:7f:
08:4f:eb:f0:6f:51:d6:a6:91:f0:e5:eb:aa:b1:4f:50:65:b0:
37:c1:fd:2d:90:67:9f:7f:7e:94:95:44:16:9a:c1:21:c9:b6:
30:67:0f:29
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEkirVRv2aztJIFOU2Iv67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDVmOGMwMzNjYzRjMDk2YzM5NTM1ODVjMjY4OWM5YTc1
ZDNmMTgwHhcNMjQwMTAxMTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2MwMGZlODk0NWJhYzA4NmYxMWY1MGEwYjY3Nzg2MzUxZDY4MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHY/oY56m9FL2/P8oTYG1Vlu48q5
AzpfjE2aOX2nbgt5qO7bwFWEDARhDLkacTfk6mmgEsbCZH46lw+3VeV7QI4DhQii
/xc/rxxAecV7+0zpXUnazg9+aWOjWWhEFxTXBG8xCSaJse7atZdE03XAjz888DsZ
B8w73Bbo9lHqpC/puqYpXYxI3JPo53s5ZxemDlj/suyaywUErQeBzyUT2tnc4QnV
NRy2OXabU13ND2Iw8rER7RXBayWzs0Y+u4UACU4qSmXXiJgkijTkgb+BdHmhlrYF
lGeI2qaKKdOSxPWZvt6BPUHgawgJPlGLJmo8DgQmQiDxOTWEBMuUQoH4PwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCfAD+iUW6wIbxH1CgtneGNR1oE+MB8GA1UdIwQY
MBaAFNMF+MAzzEwJbDlTWFwmicmnXT8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdYNHdEUE1UQWxzT1ZOWVhDYUp5YWRkUHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMjNlYzctNTgyZC00YzEyLWI3MjMt
Mjk3YzRiMzNkNTQxLzEvSjhBUDZKUmJyQWh2RWZVS0MyZDRZMUhXZ1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMjNlYzctNTgyZC00YzEyLWI3MjMtMjk3YzRiMzNkNTQx
LzEvMHdYNHdEUE1UQWxzT1ZOWVhDYUp5YWRkUHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQFvL6gAwQB
w04mMA8EAgACMAkDBwAgAQZ8LuQwDQYJKoZIhvcNAQELBQADggEBAAL0ZOgk8agL
LsqIU+wr1yTJMuNs5Tui5OznGNHDZ2/HuJoxuycnxtGQbU8PDx36AMG9BjlBw6ge
n9XW9HxQEupO82T0dYhtcamUbJWUSmwEw8ZM1U4rfLCKg0dYF7zfLOAgjMFVlDE2
rMM2euXVTGVQorx7q2vpImS6AHb1IxqYsMHUFt6rWDPA5lRYt/8V+Ohy4hcqa6nT
DGv12RvmaWK9uHpZQEUimrna6DXFTzjxW+wOYNCXeFYF5jCA/PDmiMWJ7HMPzvpk
lknDBeanKKAO+WleemmefwhP6/BvUdamkfDl66qxT1BlsDfB/S2QZ59/fpSVRBaa
wSHJtjBnDyk=
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:14:34 2025 by rpki-client