Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/6JSS-KrBs6Yqw6gX0_excaV8mik.roa
File: 6JSS-KrBs6Yqw6gX0_excaV8mik.roa (raw, json)
Hash identifier: DX4Jt/llE5ZgoLSzlo+jbWwMMSWiYxeZw76o/uT/uPY=
Subject key identifier: E8:94:92:F8:AA:C1:B3:A6:2A:C3:A8:17:D3:F7:B1:71:A5:7C:9A:29
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 019426D9E69CF0EEC73400D149C28AD34DA4
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/6JSS-KrBs6Yqw6gX0_excaV8mik.roa
Signing time: Thu 02 Jan 2025 11:50:02 +0000
ROA not before: Thu 02 Jan 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59642
IP address blocks: 195.189.96.0/22 maxlen: 32
2a02:ae01::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e6:9c:f0:ee:c7:34:00:d1:49:c2:8a:d3:4d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Jan 2 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e89492f8aac1b3a62ac3a817d3f7b171a57c9a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2b:c2:e7:76:07:65:0e:7a:e5:fe:1d:a5:cb:
c8:a9:e4:89:06:0f:8f:8d:c6:d8:e9:b7:0d:ea:3b:
86:13:c9:59:73:da:9b:45:2d:2b:bd:6e:17:12:ea:
c1:b3:d1:01:6c:a1:07:12:57:26:23:89:d8:44:e9:
8d:c5:b0:b6:bd:10:b2:26:66:47:92:4a:c9:3d:10:
bc:7e:02:4a:30:a3:9d:b4:e7:3d:37:d0:46:68:4e:
35:a6:e5:00:23:dd:0c:0d:c7:fd:5d:2d:ea:c5:fb:
06:8f:c6:1a:ec:5c:e9:9e:9f:bb:84:93:05:f1:74:
bb:87:97:b0:27:90:4a:24:bb:bb:7e:77:5a:d6:c0:
8e:c0:df:57:95:bb:06:0e:04:2d:5e:ce:e5:d8:17:
50:34:9e:f6:f5:3e:57:d8:58:a2:cc:18:f6:1f:e5:
01:17:88:0a:70:33:c6:1d:77:25:41:01:9b:a1:7c:
62:33:35:19:e5:1e:25:e2:02:ac:75:d5:cf:81:92:
4a:aa:55:6a:d7:f4:f6:a8:67:e0:d6:9e:fc:37:55:
09:0f:ab:d1:cd:05:65:fc:a1:14:63:e5:03:80:78:
9b:7b:75:55:7c:be:5a:e6:12:10:bb:0d:76:88:49:
1c:89:80:7b:44:f6:31:31:32:55:36:60:10:59:cb:
df:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:94:92:F8:AA:C1:B3:A6:2A:C3:A8:17:D3:F7:B1:71:A5:7C:9A:29
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/6JSS-KrBs6Yqw6gX0_excaV8mik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.96.0/22
IPv6:
2a02:ae01::/36
Signature Algorithm: sha256WithRSAEncryption
a5:ae:9f:31:49:48:7d:84:9b:9c:49:42:05:a4:d2:69:a3:91:
f4:db:5d:4b:7e:38:30:72:dc:3e:8b:bf:fe:a7:4a:3b:0a:fc:
58:39:d5:b5:21:95:00:78:c2:7a:95:93:83:b6:5a:5c:d7:d1:
a3:24:39:cf:2e:96:04:ff:f1:67:3c:8d:9a:10:ec:50:91:1b:
fd:17:df:e0:4c:fe:c5:b2:89:97:ed:60:96:f5:04:5e:cb:96:
ea:d2:7d:71:b3:16:9b:8d:32:b8:79:10:9b:c8:32:eb:fb:b8:
9d:a9:13:22:ee:f5:96:5d:ff:96:0f:31:27:b1:4e:52:f9:ab:
f5:e3:0f:aa:21:ad:14:a9:46:f5:e7:48:39:0c:42:68:13:f0:
95:d9:24:c4:76:42:11:8f:b0:c3:da:25:b1:a0:9d:d4:44:e1:
20:dc:80:90:c3:14:a7:db:a4:1f:b1:d2:7a:9d:73:ae:6e:ca:
a2:0a:97:c5:e5:40:f3:fe:de:e3:52:dd:a6:95:ac:b7:7f:5d:
22:10:f7:62:df:87:98:6f:97:35:5c:78:34:43:90:16:61:3c:
8e:c9:02:5e:59:7f:a3:7d:29:9f:44:de:bd:ef:a3:bb:f1:7a:
48:49:ca:48:ef:29:6d:24:d2:60:e3:b5:e0:33:18:08:6f:a5:
c7:6d:4e:f0
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQm2eac8O7HNADRScKK002kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjUwMTAyMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODk0OTJmOGFhYzFiM2E2MmFjM2E4MTdkM2Y3YjE3MWE1N2M5YTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSvC53YHZQ565f4dpcvIqeSJBg+P
jcbY6bcN6juGE8lZc9qbRS0rvW4XEurBs9EBbKEHElcmI4nYROmNxbC2vRCyJmZH
kkrJPRC8fgJKMKOdtOc9N9BGaE41puUAI90MDcf9XS3qxfsGj8Ya7Fzpnp+7hJMF
8XS7h5ewJ5BKJLu7fnda1sCOwN9XlbsGDgQtXs7l2BdQNJ729T5X2FiizBj2H+UB
F4gKcDPGHXclQQGboXxiMzUZ5R4l4gKsddXPgZJKqlVq1/T2qGfg1p78N1UJD6vR
zQVl/KEUY+UDgHibe3VVfL5a5hIQuw12iEkciYB7RPYxMTJVNmAQWcvfSQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOiUkviqwbOmKsOoF9P3sXGlfJopMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvNkpTUy1LckJzNllxdzZnWDBfZXhjYVY4bWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCw71gMA4E
AgACMAgDBgQqAq4BADANBgkqhkiG9w0BAQsFAAOCAQEApa6fMUlIfYSbnElCBaTS
aaOR9NtdS344MHLcPou//qdKOwr8WDnVtSGVAHjCepWTg7ZaXNfRoyQ5zy6WBP/x
ZzyNmhDsUJEb/Rff4Ez+xbKJl+1glvUEXsuW6tJ9cbMWm40yuHkQm8gy6/u4nakT
Iu71ll3/lg8xJ7FOUvmr9eMPqiGtFKlG9edIOQxCaBPwldkkxHZCEY+ww9olsaCd
1EThINyAkMMUp9ukH7HSep1zrm7KogqXxeVA8/7e41LdppWst39dIhD3Yt+HmG+X
NVx4NEOQFmE8jskCXll/o30pn0Teve+ju/F6SEnKSO8pbSTSYOO14DMYCG+lx21O
8A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:28:09 2025 by rpki-client