Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/K-1cBvMFbalkBJFw0sJ7i1WTZEs.roa
File: K-1cBvMFbalkBJFw0sJ7i1WTZEs.roa (raw, json)
Hash identifier: 3Ikel/xplePBRCnzN26gvmaI2UYrfX6N2d00Q4SBcaQ=
Subject key identifier: 2B:ED:5C:06:F3:05:6D:A9:64:04:91:70:D2:C2:7B:8B:55:93:64:4B
Certificate issuer: /CN=463f917077f8f3d0e338c742ea21d64358d19d52
Certificate serial: 01942521ABAD20F9CDB42D9AB72BD805B531
Authority key identifier: 46:3F:91:70:77:F8:F3:D0:E3:38:C7:42:EA:21:D6:43:58:D1:9D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rj-RcHf489DjOMdC6iHWQ1jRnVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/K-1cBvMFbalkBJFw0sJ7i1WTZEs.roa
Signing time: Thu 02 Jan 2025 03:49:10 +0000
ROA not before: Thu 02 Jan 2025 03:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 195.2.202.0/23 maxlen: 24
195.93.132.0/24 maxlen: 24
195.93.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ab:ad:20:f9:cd:b4:2d:9a:b7:2b:d8:05:b5:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=463f917077f8f3d0e338c742ea21d64358d19d52
Validity
Not Before: Jan 2 03:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bed5c06f3056da964049170d2c27b8b5593644b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2d:2f:73:f2:23:f9:a0:ca:5a:30:5e:0a:fe:
0b:73:53:49:48:91:87:52:a3:ea:76:e6:1e:0d:2f:
a3:85:e1:a3:63:30:26:e5:cb:63:b9:46:a9:c7:b8:
bf:3f:9f:c7:ae:00:a8:10:b1:8c:52:ed:30:7b:ed:
38:58:70:cd:e2:fe:e5:02:3f:e8:ef:60:d0:35:92:
77:b3:7f:94:83:b7:5a:2d:db:33:dc:c9:b1:9b:bb:
ac:7d:f0:9b:66:cc:d2:26:c0:df:75:64:1f:c7:97:
6a:12:eb:c5:c2:67:63:fa:91:aa:19:9b:48:07:0b:
c4:87:b9:fb:54:be:11:64:ca:46:5d:32:10:22:e3:
64:5e:22:41:fd:cc:bd:bd:c3:12:e8:ba:c4:e1:59:
b0:c3:df:f6:ff:6c:0e:89:62:6e:c7:d7:89:93:e9:
1b:f6:76:7a:bf:00:78:22:4e:fa:e1:37:2f:7c:a7:
7b:d0:81:08:9e:1f:02:43:66:86:be:5a:4c:a2:ac:
fe:66:bc:d0:66:f8:41:61:88:47:5c:73:28:34:80:
14:a8:31:1e:86:30:8d:ca:fe:be:c5:d6:af:a8:71:
ab:de:dd:34:e7:2b:38:20:9b:42:98:c8:f7:6d:38:
4a:17:37:c9:1f:ff:08:3c:e5:69:8b:92:10:bd:fd:
70:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:ED:5C:06:F3:05:6D:A9:64:04:91:70:D2:C2:7B:8B:55:93:64:4B
X509v3 Authority Key Identifier:
keyid:46:3F:91:70:77:F8:F3:D0:E3:38:C7:42:EA:21:D6:43:58:D1:9D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rj-RcHf489DjOMdC6iHWQ1jRnVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/K-1cBvMFbalkBJFw0sJ7i1WTZEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8b5f7c-b3ae-4b58-81bb-25a40c075f12/1/Rj-RcHf489DjOMdC6iHWQ1jRnVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.2.202.0/23
195.93.132.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:84:d4:3a:e9:04:ad:22:3f:bd:7b:d5:a8:d5:3d:54:1b:0d:
7f:e0:82:0a:4b:a5:85:79:ad:e1:f5:2e:ed:6c:6e:d3:be:72:
ab:12:ba:a1:f2:1d:38:49:a3:a9:10:0b:b5:99:f0:63:02:aa:
c4:7d:7c:de:d1:f9:3b:a4:4e:2e:d2:7f:1b:9a:04:df:11:fb:
e2:44:14:a4:99:fd:05:81:e4:5a:4e:20:d1:b0:5d:61:b8:98:
ad:6e:dd:a5:8f:d8:e7:9a:cc:a8:c5:6d:96:9d:51:37:a7:e1:
39:97:d1:3f:f7:82:4e:cb:cf:ea:45:3c:d5:55:2f:18:97:2f:
3e:f3:28:0f:f1:91:23:d4:7d:39:22:f4:c6:69:8a:a0:0b:b9:
fc:b5:26:25:54:47:a6:05:c3:cb:64:39:28:70:73:07:4e:80:
65:34:45:c1:9c:4c:a7:f7:96:ef:46:7b:80:dd:a8:b6:e1:72:
37:76:11:68:68:fc:ab:38:a8:62:ef:a5:15:cd:be:8b:e6:c4:
c7:33:13:bc:f2:55:51:bb:08:ac:b6:be:4d:2b:a5:ef:de:d9:
31:b5:74:5c:0b:52:b4:98:50:ce:59:53:77:c5:1c:08:2c:b7:
d6:57:29:f3:d3:d6:0f:7f:cb:b7:cc:19:b3:88:66:a9:cf:fc:
ab:c4:17:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIautIPnNtC2atyvYBbUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2M2Y5MTcwNzdmOGYzZDBlMzM4Yzc0MmVhMjFkNjQzNThk
MTlkNTIwHhcNMjUwMTAyMDM0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmVkNWMwNmYzMDU2ZGE5NjQwNDkxNzBkMmMyN2I4YjU1OTM2NDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6i0vc/Ij+aDKWjBeCv4Lc1NJSJGH
UqPqduYeDS+jheGjYzAm5ctjuUapx7i/P5/HrgCoELGMUu0we+04WHDN4v7lAj/o
72DQNZJ3s3+Ug7daLdsz3Mmxm7usffCbZszSJsDfdWQfx5dqEuvFwmdj+pGqGZtI
BwvEh7n7VL4RZMpGXTIQIuNkXiJB/cy9vcMS6LrE4Vmww9/2/2wOiWJux9eJk+kb
9nZ6vwB4Ik764TcvfKd70IEInh8CQ2aGvlpMoqz+ZrzQZvhBYYhHXHMoNIAUqDEe
hjCNyv6+xdavqHGr3t005ys4IJtCmMj3bThKFzfJH/8IPOVpi5IQvf1wRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCvtXAbzBW2pZASRcNLCe4tVk2RLMB8GA1UdIwQY
MBaAFEY/kXB3+PPQ4zjHQuoh1kNY0Z1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmotUmNIZjQ4OURqT01kQzZpSFdRMWpSblZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84YjVmN2MtYjNhZS00YjU4LTgxYmIt
MjVhNDBjMDc1ZjEyLzEvSy0xY0J2TUZiYWxrQkpGdzBzSjdpMVdUWkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84YjVmN2MtYjNhZS00YjU4LTgxYmItMjVhNDBjMDc1ZjEy
LzEvUmotUmNIZjQ4OURqT01kQzZpSFdRMWpSblZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwwLKAwQB
w12EMA0GCSqGSIb3DQEBCwUAA4IBAQCbhNQ66QStIj+9e9Wo1T1UGw1/4IIKS6WF
ea3h9S7tbG7TvnKrErqh8h04SaOpEAu1mfBjAqrEfXze0fk7pE4u0n8bmgTfEfvi
RBSkmf0FgeRaTiDRsF1huJitbt2lj9jnmsyoxW2WnVE3p+E5l9E/94JOy8/qRTzV
VS8Yly8+8ygP8ZEj1H05IvTGaYqgC7n8tSYlVEemBcPLZDkocHMHToBlNEXBnEyn
95bvRnuA3ai24XI3dhFoaPyrOKhi76UVzb6L5sTHMxO88lVRuwistr5NK6Xv3tkx
tXRcC1K0mFDOWVN3xRwILLfWVynz09YPf8u3zBmziGapz/yrxBc8
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:30:15 2025 by rpki-client