Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/JZ0aaYFj7IVaH2VzvyP-hrd5WRY.roa
File: JZ0aaYFj7IVaH2VzvyP-hrd5WRY.roa (raw, json)
Hash identifier: NFZatP5QzAykkG+QnrkI9HiICUER0h9e0EtlC/fbFpE=
Subject key identifier: 25:9D:1A:69:81:63:EC:85:5A:1F:65:73:BF:23:FE:86:B7:79:59:16
Certificate issuer: /CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Certificate serial: 019420D627049383A299138D772EB193EAD1
Authority key identifier: C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/JZ0aaYFj7IVaH2VzvyP-hrd5WRY.roa
Signing time: Wed 01 Jan 2025 07:48:13 +0000
ROA not before: Wed 01 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 188.95.140.0/24 maxlen: 24
188.95.141.0/24 maxlen: 24
188.95.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:27:04:93:83:a2:99:13:8d:77:2e:b1:93:ea:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Validity
Not Before: Jan 1 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=259d1a698163ec855a1f6573bf23fe86b7795916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:43:d7:47:a2:ba:36:8b:b7:ec:1b:28:99:3d:
40:b0:03:5f:ef:aa:9e:26:28:7a:11:8d:2d:9a:72:
2a:43:5f:dd:2c:f7:96:70:21:b5:a5:10:64:af:d2:
05:f9:62:67:89:37:13:d7:ba:07:55:c6:97:fa:8b:
51:25:bf:79:e2:b8:30:e7:20:03:f6:44:33:26:f2:
de:85:b1:64:ae:e1:ce:1b:8d:44:4d:36:df:e7:e6:
b3:fd:0d:71:f1:e7:9a:28:61:f7:2e:57:9f:3f:ed:
4d:a4:7d:52:9c:08:6c:fc:2c:66:b7:98:bd:28:61:
10:60:1c:c1:1e:f9:bf:e6:e8:1a:88:92:44:86:70:
c2:f0:1a:3e:84:19:39:97:30:d0:a1:d2:10:71:88:
7c:e6:6d:22:40:eb:eb:86:1b:34:1d:9e:c5:da:61:
6f:22:04:1f:d8:66:f6:5f:29:88:e0:e0:1e:2a:ab:
d7:60:74:f0:4d:3d:55:fc:d3:f7:04:8f:64:d5:e2:
5b:7f:96:24:de:70:66:05:39:05:f4:8a:96:1d:bf:
9f:6b:10:5f:e1:10:5e:3e:ae:b2:d0:ad:ac:04:6a:
ab:90:dd:29:fa:d3:51:75:c9:46:f8:ac:86:ed:16:
16:6b:79:67:aa:00:30:9e:68:49:6e:58:cc:9e:63:
13:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:9D:1A:69:81:63:EC:85:5A:1F:65:73:BF:23:FE:86:B7:79:59:16
X509v3 Authority Key Identifier:
keyid:C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/JZ0aaYFj7IVaH2VzvyP-hrd5WRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/wlWYnVecS16t6FL5f2Lpvyz73jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.140.0-188.95.142.255
Signature Algorithm: sha256WithRSAEncryption
1b:36:8c:47:55:b9:07:45:d9:66:8d:d0:3a:85:dd:99:5f:18:
29:1f:ad:a9:06:8f:aa:ff:2b:16:51:30:ba:cf:8f:da:21:f7:
ec:9b:8b:46:af:79:91:41:5f:1d:b8:74:ec:33:15:35:b0:d1:
ce:48:dd:6b:db:d4:18:6d:85:e7:56:63:32:17:f4:53:93:60:
9d:7e:4b:5a:e2:cb:b5:02:e3:e5:91:b2:26:72:09:c7:26:24:
83:0d:9b:1e:ac:9a:a9:24:21:3f:f6:47:9b:02:4b:d2:dc:94:
a9:c9:5c:0a:24:bc:4a:67:3d:8e:25:b2:70:a0:f5:aa:99:6e:
2e:6c:ec:42:54:27:dd:4c:63:93:d1:6a:13:90:30:2a:93:88:
ae:f7:09:13:ab:92:a7:23:73:50:95:e9:74:ec:53:aa:f5:6f:
13:7b:5b:b0:aa:4b:33:db:c9:79:3e:68:59:97:02:be:f0:62:
a8:4a:41:9c:31:d0:00:c5:d2:8f:d2:22:2b:22:68:46:3a:84:
e8:bd:4a:bb:f3:44:a4:48:2f:63:69:9e:99:05:2c:f1:98:17:
95:3c:08:7d:72:d2:9d:81:ed:9b:ed:30:d6:c3:f1:65:48:6c:
2c:d9:e8:b2:f0:2d:5c:12:ed:fa:b6:2f:87:6a:4e:6a:a9:88:
a5:6a:2f:27
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQg1icEk4OimRONdy6xk+rRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNTU5ODlkNTc5YzRiNWVhZGU4NTJmOTdmNjJlOWJmMmNm
YmRlM2MwHhcNMjUwMTAxMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTlkMWE2OTgxNjNlYzg1NWExZjY1NzNiZjIzZmU4NmI3Nzk1OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkPXR6K6Nou37BsomT1AsANf76qe
Jih6EY0tmnIqQ1/dLPeWcCG1pRBkr9IF+WJniTcT17oHVcaX+otRJb954rgw5yAD
9kQzJvLehbFkruHOG41ETTbf5+az/Q1x8eeaKGH3LlefP+1NpH1SnAhs/Cxmt5i9
KGEQYBzBHvm/5ugaiJJEhnDC8Bo+hBk5lzDQodIQcYh85m0iQOvrhhs0HZ7F2mFv
IgQf2Gb2XymI4OAeKqvXYHTwTT1V/NP3BI9k1eJbf5Yk3nBmBTkF9IqWHb+faxBf
4RBePq6y0K2sBGqrkN0p+tNRdclG+KyG7RYWa3lnqgAwnmhJbljMnmMTjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCWdGmmBY+yFWh9lc78j/oa3eVkWMB8GA1UdIwQY
MBaAFMJVmJ1XnEterehS+X9i6b8s+948MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2xXWW5WZWNTMTZ0NkZMNWYyTHB2eXo3M2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83MjAzOTQtY2Y3MS00MGEzLWE1Mzgt
ZWQwMWVkN2MxMjliLzEvSlowYWFZRmo3SVZhSDJWenZ5UC1ocmQ1V1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83MjAzOTQtY2Y3MS00MGEzLWE1MzgtZWQwMWVkN2MxMjli
LzEvd2xXWW5WZWNTMTZ0NkZMNWYyTHB2eXo3M2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK8X4wD
BAC8X44wDQYJKoZIhvcNAQELBQADggEBABs2jEdVuQdF2WaN0DqF3ZlfGCkfrakG
j6r/KxZRMLrPj9oh9+ybi0aveZFBXx24dOwzFTWw0c5I3Wvb1BhthedWYzIX9FOT
YJ1+S1riy7UC4+WRsiZyCccmJIMNmx6smqkkIT/2R5sCS9LclKnJXAokvEpnPY4l
snCg9aqZbi5s7EJUJ91MY5PRahOQMCqTiK73CROrkqcjc1CV6XTsU6r1bxN7W7Cq
SzPbyXk+aFmXAr7wYqhKQZwx0ADF0o/SIisiaEY6hOi9SrvzRKRIL2NpnpkFLPGY
F5U8CH1y0p2B7ZvtMNbD8WVIbCzZ6LLwLVwS7fq2L4dqTmqpiKVqLyc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:42:14 2025 by rpki-client