Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/dbiwvrIUEB3DJnzikNFfso5iId8.roa
File: dbiwvrIUEB3DJnzikNFfso5iId8.roa (raw, json)
Hash identifier: iE+EP1DWoHf3NMKkX22W/jzavybl3y9slyLbgbFYb6M=
Subject key identifier: 75:B8:B0:BE:B2:14:10:1D:C3:26:7C:E2:90:D1:5F:B2:8E:62:21:DF
Certificate issuer: /CN=60325c21d2fafe743398dc1e5574433280110469
Certificate serial: 019426D98782C18B5D895C858F3D157C196A
Authority key identifier: 60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/dbiwvrIUEB3DJnzikNFfso5iId8.roa
Signing time: Thu 02 Jan 2025 11:49:37 +0000
ROA not before: Thu 02 Jan 2025 11:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59268
IP address blocks: 195.10.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:87:82:c1:8b:5d:89:5c:85:8f:3d:15:7c:19:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60325c21d2fafe743398dc1e5574433280110469
Validity
Not Before: Jan 2 11:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75b8b0beb214101dc3267ce290d15fb28e6221df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cc:cc:f2:c7:d2:f0:a0:c2:83:c2:f0:78:57:
d7:b0:fb:da:46:04:66:92:9b:64:13:55:87:11:ee:
04:ea:a0:1e:27:97:87:3f:58:08:44:48:c8:9b:50:
35:b1:de:7b:29:10:31:db:05:3f:70:73:6c:18:1a:
25:1c:e3:82:02:75:3e:75:2f:79:12:61:e5:b2:fb:
5a:1d:49:40:65:21:ea:2e:25:bd:f1:d2:da:4d:d2:
84:1d:b5:f7:f9:ef:e5:c6:6f:47:28:28:06:5d:0e:
52:ad:3d:d4:dc:3c:b0:a9:4a:9e:59:70:b3:70:38:
a5:24:71:6a:27:82:40:6f:fd:8e:89:fe:7a:88:ba:
5e:d8:1c:88:16:dc:bf:58:67:d2:8f:48:b4:83:2f:
77:07:53:b0:d5:f0:6b:3b:0d:68:8e:fa:2a:d2:db:
db:23:f5:44:ba:6f:f6:c7:85:5b:b0:a4:18:9d:79:
f1:1a:9e:9e:14:d9:08:61:87:9a:64:64:95:bf:89:
63:9d:60:bd:4e:71:3f:c8:0c:23:b9:2d:97:21:c0:
50:64:13:e7:62:aa:ed:6c:03:42:8d:a9:5c:57:35:
8c:eb:7d:47:73:17:14:87:14:f1:6b:0a:b1:2e:ae:
2f:bb:73:ac:0f:e6:a3:4a:2e:46:06:56:58:e6:42:
6c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B8:B0:BE:B2:14:10:1D:C3:26:7C:E2:90:D1:5F:B2:8E:62:21:DF
X509v3 Authority Key Identifier:
keyid:60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/dbiwvrIUEB3DJnzikNFfso5iId8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/YDJcIdL6_nQzmNweVXRDMoARBGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.10.217.0/24
Signature Algorithm: sha256WithRSAEncryption
41:f2:6b:61:7f:b1:cd:6b:98:13:71:f9:f3:90:3c:e3:a8:a5:
93:07:f2:66:94:c6:4a:c4:2a:79:61:28:c6:2f:05:4c:36:6a:
53:05:66:f7:09:c9:40:88:de:d7:21:8b:2c:02:56:b9:5a:2a:
70:79:d7:6d:27:27:db:97:40:2c:78:10:7a:d4:49:c4:56:ac:
4a:c9:af:0a:51:94:f0:e1:10:12:2f:9c:8c:95:83:b2:db:b8:
a4:9e:67:45:fd:1d:2b:0f:e0:dc:2c:f8:eb:c5:41:8d:6d:3d:
c5:27:81:d6:12:59:64:03:6f:3c:25:cb:bc:56:49:40:f7:1f:
77:71:e9:58:21:6a:28:8f:2b:67:bc:bc:ff:1c:c7:73:7e:83:
68:45:69:06:c1:ae:ce:96:66:37:83:41:64:ad:40:a8:db:00:
8a:f7:9a:31:4b:b0:b2:1f:9d:3d:dc:d8:3a:6f:ce:70:d6:04:
03:58:55:48:f0:19:0b:26:8a:d1:6d:6a:38:ad:1d:7d:7e:94:
62:c8:23:5e:5f:20:a8:a6:d7:aa:f4:34:ad:90:5c:68:08:6f:
fc:1e:d8:30:f0:a3:dc:6f:f0:af:5e:08:e9:e0:96:32:ba:70:
cc:6a:a1:06:0a:54:3f:a3:00:5d:59:8b:57:00:23:1a:f0:46:
f7:b2:d9:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2YeCwYtdiVyFjz0VfBlqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzI1YzIxZDJmYWZlNzQzMzk4ZGMxZTU1NzQ0MzMyODAx
MTA0NjkwHhcNMjUwMTAyMTE0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI4YjBiZWIyMTQxMDFkYzMyNjdjZTI5MGQxNWZiMjhlNjIyMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMzM8sfS8KDCg8LweFfXsPvaRgRm
kptkE1WHEe4E6qAeJ5eHP1gIREjIm1A1sd57KRAx2wU/cHNsGBolHOOCAnU+dS95
EmHlsvtaHUlAZSHqLiW98dLaTdKEHbX3+e/lxm9HKCgGXQ5SrT3U3DywqUqeWXCz
cDilJHFqJ4JAb/2Oif56iLpe2ByIFty/WGfSj0i0gy93B1Ow1fBrOw1ojvoq0tvb
I/VEum/2x4VbsKQYnXnxGp6eFNkIYYeaZGSVv4ljnWC9TnE/yAwjuS2XIcBQZBPn
YqrtbANCjalcVzWM631HcxcUhxTxawqxLq4vu3OsD+ajSi5GBlZY5kJsrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHW4sL6yFBAdwyZ84pDRX7KOYiHfMB8GA1UdIwQY
MBaAFGAyXCHS+v50M5jcHlV0QzKAEQRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQt
YzU4ZTk1Y2Q0Mjc3LzEvZGJpd3ZySVVFQjNESm56aWtORmZzbzVpSWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQtYzU4ZTk1Y2Q0Mjc3
LzEvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrZMA0G
CSqGSIb3DQEBCwUAA4IBAQBB8mthf7HNa5gTcfnzkDzjqKWTB/JmlMZKxCp5YSjG
LwVMNmpTBWb3CclAiN7XIYssAla5WipweddtJyfbl0AseBB61EnEVqxKya8KUZTw
4RASL5yMlYOy27iknmdF/R0rD+DcLPjrxUGNbT3FJ4HWEllkA288Jcu8VklA9x93
celYIWoojytnvLz/HMdzfoNoRWkGwa7OlmY3g0FkrUCo2wCK95oxS7CyH5093Ng6
b85w1gQDWFVI8BkLJorRbWo4rR19fpRiyCNeXyCopteq9DStkFxoCG/8Htgw8KPc
b/CvXgjp4JYyunDMaqEGClQ/owBdWYtXACMa8Eb3stmH
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:25:53 2025 by rpki-client