Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/cJOETGpzF01z2PB9BHQ2YdHB3Oo.roa
File: cJOETGpzF01z2PB9BHQ2YdHB3Oo.roa (raw, json)
Hash identifier: ddSAvoAgeQ9Rf29fTQhbhEaJlnO0oFB6dwFmZVNzK/g=
Subject key identifier: 70:93:84:4C:6A:73:17:4D:73:D8:F0:7D:04:74:36:61:D1:C1:DC:EA
Certificate issuer: /CN=7383fa438a6fae62b35f9091876c44dedb9c0da3
Certificate serial: 019424457DD3BD272E515FEC041DCAFEBA0A
Authority key identifier: 73:83:FA:43:8A:6F:AE:62:B3:5F:90:91:87:6C:44:DE:DB:9C:0D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c4P6Q4pvrmKzX5CRh2xE3tucDaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/cJOETGpzF01z2PB9BHQ2YdHB3Oo.roa
Signing time: Wed 01 Jan 2025 23:48:41 +0000
ROA not before: Wed 01 Jan 2025 23:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42085
IP address blocks: 195.64.138.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7d:d3:bd:27:2e:51:5f:ec:04:1d:ca:fe:ba:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7383fa438a6fae62b35f9091876c44dedb9c0da3
Validity
Not Before: Jan 1 23:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7093844c6a73174d73d8f07d04743661d1c1dcea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fc:68:b8:fb:99:64:4f:6e:06:7a:8d:94:bf:
a7:95:5a:38:38:0d:38:02:71:5e:36:9f:65:d3:23:
38:c9:31:6d:21:46:83:23:1c:ce:32:f7:d1:11:a2:
9d:d2:1d:bb:d5:c2:40:e2:6f:5d:c1:28:99:17:fc:
6a:26:45:81:3e:1a:67:82:f8:94:8f:87:57:0d:0e:
0e:bb:14:80:3c:94:b0:1d:5b:6f:c7:23:16:50:d1:
ec:60:0a:1b:3d:57:0d:ee:5e:a8:0e:69:98:74:20:
94:81:70:fa:c0:d3:2c:1b:82:21:73:60:b2:5b:d9:
ec:3c:1f:2c:b2:13:89:65:91:60:ec:16:c2:f6:7e:
6e:6c:80:78:0a:34:19:bb:86:e4:c0:fb:63:ad:5b:
2e:61:a4:85:92:ef:08:8f:eb:40:49:92:85:83:79:
23:cd:ea:b0:94:2a:cd:d0:4a:0f:1f:28:08:48:95:
81:e4:bb:b1:84:a0:49:17:e7:ec:9c:c4:13:a0:81:
fe:d9:aa:bc:7b:18:de:d1:50:cd:0b:73:73:77:e9:
dc:c0:c3:a1:3a:37:cb:05:94:ba:e9:60:ad:e4:31:
72:79:35:03:f2:91:ea:55:b8:81:6a:53:39:12:3d:
45:2d:d7:61:28:da:35:d1:a4:2a:a4:21:ca:fb:8f:
17:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:93:84:4C:6A:73:17:4D:73:D8:F0:7D:04:74:36:61:D1:C1:DC:EA
X509v3 Authority Key Identifier:
keyid:73:83:FA:43:8A:6F:AE:62:B3:5F:90:91:87:6C:44:DE:DB:9C:0D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4P6Q4pvrmKzX5CRh2xE3tucDaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/cJOETGpzF01z2PB9BHQ2YdHB3Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/c4P6Q4pvrmKzX5CRh2xE3tucDaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.138.0/23
Signature Algorithm: sha256WithRSAEncryption
34:46:4a:ce:9f:1a:90:7d:3e:45:4e:97:6c:cf:34:e3:d7:fc:
c8:c9:25:86:aa:de:a6:1f:a2:22:8b:65:bb:40:68:5b:86:4f:
8b:47:c0:53:0b:4c:e3:0c:e6:6d:0e:18:47:94:db:69:69:eb:
e7:a7:ea:56:e6:3e:a0:ea:1b:f0:32:68:dd:ff:31:a0:cd:c6:
5d:0f:ec:42:dc:f4:73:3c:ab:03:53:30:57:8b:4c:a9:d0:a0:
14:73:44:90:2c:e8:20:ca:61:44:35:bb:f2:5b:1b:65:ae:b4:
0d:23:5b:84:20:a8:fc:98:c6:4b:d6:6a:33:42:fb:7d:af:1c:
46:a4:9d:b5:8c:10:14:c8:32:f7:f8:8d:46:87:6e:c1:64:09:
5d:7f:09:22:e1:0a:2c:39:22:c5:3a:f6:7d:b0:f9:76:76:b2:
8a:88:b9:f4:95:5b:7f:d5:a4:02:02:ba:09:7a:93:2b:ed:9c:
9b:8d:23:6b:8a:d5:0b:49:4d:6c:77:45:8a:4c:c6:d3:5a:eb:
39:45:c0:63:0d:a1:b8:63:54:e9:d4:fd:61:ef:9c:6b:46:f5:
df:0b:1d:ef:50:bd:f8:7c:71:a6:9a:fe:71:da:2c:9d:7b:54:
f8:01:72:5c:3d:ea:b2:12:22:ee:c5:22:28:50:38:ba:27:05:
81:6f:30:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRX3TvScuUV/sBB3K/roKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczODNmYTQzOGE2ZmFlNjJiMzVmOTA5MTg3NmM0NGRlZGI5
YzBkYTMwHhcNMjUwMTAxMjM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkzODQ0YzZhNzMxNzRkNzNkOGYwN2QwNDc0MzY2MWQxYzFkY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/xouPuZZE9uBnqNlL+nlVo4OA04
AnFeNp9l0yM4yTFtIUaDIxzOMvfREaKd0h271cJA4m9dwSiZF/xqJkWBPhpngviU
j4dXDQ4OuxSAPJSwHVtvxyMWUNHsYAobPVcN7l6oDmmYdCCUgXD6wNMsG4Ihc2Cy
W9nsPB8sshOJZZFg7BbC9n5ubIB4CjQZu4bkwPtjrVsuYaSFku8Ij+tASZKFg3kj
zeqwlCrN0EoPHygISJWB5LuxhKBJF+fsnMQToIH+2aq8exje0VDNC3Nzd+ncwMOh
OjfLBZS66WCt5DFyeTUD8pHqVbiBalM5Ej1FLddhKNo10aQqpCHK+48XFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCThExqcxdNc9jwfQR0NmHRwdzqMB8GA1UdIwQY
MBaAFHOD+kOKb65is1+QkYdsRN7bnA2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzRQNlE0cHZybUt6WDVDUmgyeEUzdHVjRGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82YWVkYTgtYjc1Yy00YmJiLThlN2Qt
OGZlYWFmYWM3ZTg5LzEvY0pPRVRHcHpGMDF6MlBCOUJIUTJZZEhCM09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82YWVkYTgtYjc1Yy00YmJiLThlN2QtOGZlYWFmYWM3ZTg5
LzEvYzRQNlE0cHZybUt6WDVDUmgyeEUzdHVjRGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0CKMA0G
CSqGSIb3DQEBCwUAA4IBAQA0RkrOnxqQfT5FTpdszzTj1/zIySWGqt6mH6Iii2W7
QGhbhk+LR8BTC0zjDOZtDhhHlNtpaevnp+pW5j6g6hvwMmjd/zGgzcZdD+xC3PRz
PKsDUzBXi0yp0KAUc0SQLOggymFENbvyWxtlrrQNI1uEIKj8mMZL1mozQvt9rxxG
pJ21jBAUyDL3+I1Gh27BZAldfwki4QosOSLFOvZ9sPl2drKKiLn0lVt/1aQCAroJ
epMr7ZybjSNritULSU1sd0WKTMbTWus5RcBjDaG4Y1Tp1P1h75xrRvXfCx3vUL34
fHGmmv5x2iyde1T4AXJcPeqyEiLuxSIoUDi6JwWBbzBV
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:13:33 2025 by rpki-client