Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/IGaAmqWaXDC8Jd-8Qa85p2QBKSs.roa
File: IGaAmqWaXDC8Jd-8Qa85p2QBKSs.roa (raw, json)
Hash identifier: m3bXj57F8BUs8aS9v6HaMmQ2fB5Rx7CSbbCBnNNdBUY=
Subject key identifier: 20:66:80:9A:A5:9A:5C:30:BC:25:DF:BC:41:AF:39:A7:64:01:29:2B
Certificate issuer: /CN=c128165f8eee185faaf9aa33875f4ee412b10f8c
Certificate serial: 01941F8BFEC55E9D1F832B7DD4474717183B
Authority key identifier: C1:28:16:5F:8E:EE:18:5F:AA:F9:AA:33:87:5F:4E:E4:12:B1:0F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSgWX47uGF-q-aozh19O5BKxD4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/IGaAmqWaXDC8Jd-8Qa85p2QBKSs.roa
Signing time: Wed 01 Jan 2025 01:47:35 +0000
ROA not before: Wed 01 Jan 2025 01:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25541
IP address blocks: 195.245.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:fe:c5:5e:9d:1f:83:2b:7d:d4:47:47:17:18:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c128165f8eee185faaf9aa33875f4ee412b10f8c
Validity
Not Before: Jan 1 01:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2066809aa59a5c30bc25dfbc41af39a76401292b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:22:19:bd:92:bc:2a:dd:0d:22:f1:b7:38:5f:
b2:5f:1e:89:6f:fc:ea:31:f5:53:10:ed:19:31:5a:
d5:eb:33:e3:4b:52:04:be:84:51:fc:0a:11:45:9c:
ae:a3:16:ac:cb:b7:59:a2:14:d3:1a:09:e0:6d:3d:
ea:6b:1d:59:8f:14:df:e3:74:d3:2d:11:12:e1:a6:
cd:c3:de:85:ee:80:15:e6:59:75:a4:9c:85:32:27:
b4:da:f8:6d:f6:a9:bb:28:3f:bd:6d:2e:39:55:f8:
96:30:7e:3d:23:8d:63:16:00:68:b2:e8:55:bc:8d:
25:2d:51:a4:d1:df:f5:e0:63:36:50:6f:04:2e:65:
2e:f0:a3:08:08:df:82:11:15:84:dd:b3:9b:bf:3e:
2a:9e:a2:d1:e6:fd:3d:4d:6a:55:33:ab:06:24:ea:
05:ba:af:f5:f6:dc:5d:7b:56:b8:d5:b3:3c:9b:71:
3b:e5:98:0b:28:80:42:cf:9b:c5:7e:80:e6:80:50:
a3:98:8b:84:97:41:c5:50:ff:35:1f:f6:66:b2:58:
bf:4b:05:52:ee:7c:9a:f3:b1:85:0c:86:76:0b:82:
0a:0f:7e:f5:6c:7c:e4:f2:cd:5b:c5:0e:6d:a4:aa:
8b:f6:44:ab:0c:6d:2d:1d:f7:54:60:e6:fd:0c:bd:
46:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:66:80:9A:A5:9A:5C:30:BC:25:DF:BC:41:AF:39:A7:64:01:29:2B
X509v3 Authority Key Identifier:
keyid:C1:28:16:5F:8E:EE:18:5F:AA:F9:AA:33:87:5F:4E:E4:12:B1:0F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSgWX47uGF-q-aozh19O5BKxD4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/IGaAmqWaXDC8Jd-8Qa85p2QBKSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/wSgWX47uGF-q-aozh19O5BKxD4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.216.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:4d:c5:d4:5c:aa:85:59:4c:47:1d:3a:dd:19:28:fd:df:73:
63:e9:24:bc:19:e1:19:9b:63:65:d8:d6:48:09:57:05:eb:e8:
34:18:ec:12:87:39:30:a2:f5:47:58:87:48:17:73:6b:42:dc:
d6:ca:83:db:35:84:02:67:e9:be:fa:67:a1:83:64:4d:44:44:
e0:23:1b:92:34:04:f9:9b:10:84:a7:8c:c4:aa:9e:84:af:bf:
78:ea:6f:4f:88:89:2d:38:16:ad:50:e2:5a:27:11:a5:fb:26:
b7:17:f6:7b:28:d4:91:2f:68:b7:bd:a3:13:4f:61:8e:6e:e0:
aa:74:de:d8:cd:0e:07:90:f9:cd:20:b3:7b:e6:fa:5c:dc:b2:
4c:ac:d8:bd:d5:91:3d:ed:27:f2:52:c1:44:de:6e:d9:e6:fe:
fa:7e:2c:74:1d:8c:e0:4c:7b:81:d2:17:54:67:dc:1d:36:41:
34:de:7f:72:33:59:f7:d7:78:4c:02:dd:b6:9c:16:54:6d:ae:
86:f7:95:86:33:01:0f:50:a0:ec:ae:fc:46:21:e4:a3:da:bb:
eb:d1:b7:c4:02:44:5b:f4:13:28:5b:b7:67:2a:2f:0f:3e:23:
29:3b:20:68:2c:30:b3:e6:8b:ad:29:f4:1d:b7:3e:24:30:c8:
4b:ad:25:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfi/7FXp0fgyt91EdHFxg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjgxNjVmOGVlZTE4NWZhYWY5YWEzMzg3NWY0ZWU0MTJi
MTBmOGMwHhcNMjUwMTAxMDE0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY2ODA5YWE1OWE1YzMwYmMyNWRmYmM0MWFmMzlhNzY0MDEyOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyIZvZK8Kt0NIvG3OF+yXx6Jb/zq
MfVTEO0ZMVrV6zPjS1IEvoRR/AoRRZyuoxasy7dZohTTGgngbT3qax1ZjxTf43TT
LRES4abNw96F7oAV5ll1pJyFMie02vht9qm7KD+9bS45VfiWMH49I41jFgBosuhV
vI0lLVGk0d/14GM2UG8ELmUu8KMICN+CERWE3bObvz4qnqLR5v09TWpVM6sGJOoF
uq/19txde1a41bM8m3E75ZgLKIBCz5vFfoDmgFCjmIuEl0HFUP81H/Zmsli/SwVS
7nya87GFDIZ2C4IKD371bHzk8s1bxQ5tpKqL9kSrDG0tHfdUYOb9DL1G7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBmgJqlmlwwvCXfvEGvOadkASkrMB8GA1UdIwQY
MBaAFMEoFl+O7hhfqvmqM4dfTuQSsQ+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NnV1g0N3VHRi1xLWFvemgxOU81Qkt4RDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hM2I4Y2QtNTZmYS00M2ExLThkYzEt
MmU1YWY1YjY4NzgxLzEvSUdhQW1xV2FYREM4SmQtOFFhODVwMlFCS1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9hM2I4Y2QtNTZmYS00M2ExLThkYzEtMmU1YWY1YjY4Nzgx
LzEvd1NnV1g0N3VHRi1xLWFvemgxOU81Qkt4RDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/XYMA0G
CSqGSIb3DQEBCwUAA4IBAQBOTcXUXKqFWUxHHTrdGSj933Nj6SS8GeEZm2Nl2NZI
CVcF6+g0GOwShzkwovVHWIdIF3NrQtzWyoPbNYQCZ+m++mehg2RNRETgIxuSNAT5
mxCEp4zEqp6Er7946m9PiIktOBatUOJaJxGl+ya3F/Z7KNSRL2i3vaMTT2GObuCq
dN7YzQ4HkPnNILN75vpc3LJMrNi91ZE97SfyUsFE3m7Z5v76fix0HYzgTHuB0hdU
Z9wdNkE03n9yM1n313hMAt22nBZUba6G95WGMwEPUKDsrvxGIeSj2rvr0bfEAkRb
9BMoW7dnKi8PPiMpOyBoLDCz5outKfQdtz4kMMhLrSUr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:53 2025 by rpki-client