Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/rKdkd9SDKkVTIg6M8_7YnvTo6BM.roa
File: rKdkd9SDKkVTIg6M8_7YnvTo6BM.roa (raw, json)
Hash identifier: RSw4iTNpKsTaDjqixoC/QWQUSfsasWSVMsrVPJvs/EE=
Subject key identifier: AC:A7:64:77:D4:83:2A:45:53:22:0E:8C:F3:FE:D8:9E:F4:E8:E8:13
Certificate issuer: /CN=3ae145fe3b79b2bf68aadbe007def6d72aef2ac3
Certificate serial: 018CC94E4483EE94952744CD82B7047944AD
Authority key identifier: 3A:E1:45:FE:3B:79:B2:BF:68:AA:DB:E0:07:DE:F6:D7:2A:EF:2A:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuFF_jt5sr9oqtvgB9721yrvKsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/rKdkd9SDKkVTIg6M8_7YnvTo6BM.roa
Signing time: Tue 02 Jan 2024 08:33:18 +0000
ROA not before: Tue 02 Jan 2024 08:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31064
IP address blocks: 195.16.84.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:44:83:ee:94:95:27:44:cd:82:b7:04:79:44:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ae145fe3b79b2bf68aadbe007def6d72aef2ac3
Validity
Not Before: Jan 2 08:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aca76477d4832a4553220e8cf3fed89ef4e8e813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d3:8b:03:b0:4f:dd:e8:d9:37:3b:05:32:f0:
59:d4:6a:2a:79:21:72:7a:fc:7a:d0:85:24:18:81:
e2:dc:57:4a:51:46:44:4b:48:b7:08:83:69:e8:a3:
e5:2e:6c:f1:6c:31:ae:49:39:27:f8:07:e3:c5:36:
cc:52:1c:bb:8e:ee:f5:51:f5:f9:14:24:58:17:89:
f5:fe:37:b0:7e:47:a4:5a:0d:f7:11:f3:a0:a9:4a:
b6:96:d0:7f:1b:14:1d:2b:e4:7f:58:a9:60:27:7b:
da:86:77:f9:b2:41:d3:70:33:2b:ce:5d:07:81:a7:
c2:66:fd:b2:82:04:ec:78:3f:e7:e2:93:91:dd:03:
57:7f:55:1c:0b:81:3e:84:96:1d:83:04:3e:97:1e:
ff:4c:ee:8a:df:fb:66:62:a0:ba:83:16:15:1d:e7:
30:2b:86:da:1e:db:55:68:1c:97:6a:16:e0:42:26:
a2:b0:19:be:9f:d8:78:93:f4:6d:f5:74:71:32:4b:
6d:0f:5a:61:e0:58:ee:6d:dc:53:62:c3:57:8e:44:
34:85:cc:56:b2:36:ef:c2:b1:7e:1d:70:8f:80:11:
02:a8:b8:0b:14:4b:9b:01:0c:72:f9:ca:e9:e5:46:
9f:10:f3:54:e8:80:7b:c2:43:03:b6:9f:7f:df:eb:
e0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A7:64:77:D4:83:2A:45:53:22:0E:8C:F3:FE:D8:9E:F4:E8:E8:13
X509v3 Authority Key Identifier:
keyid:3A:E1:45:FE:3B:79:B2:BF:68:AA:DB:E0:07:DE:F6:D7:2A:EF:2A:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuFF_jt5sr9oqtvgB9721yrvKsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/rKdkd9SDKkVTIg6M8_7YnvTo6BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/OuFF_jt5sr9oqtvgB9721yrvKsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.84.0/22
Signature Algorithm: sha256WithRSAEncryption
88:d4:c1:95:ee:8c:ee:10:92:4c:e5:64:f8:41:fa:af:3a:59:
db:07:24:43:c3:e8:4d:47:e9:02:c8:5b:a1:35:a3:93:63:67:
ed:a1:ba:32:5a:52:f3:95:3d:4c:5c:9f:23:9f:4c:35:70:31:
ec:1d:43:64:78:bf:6e:fa:e8:40:c6:5e:86:ec:23:3c:55:b5:
e3:99:58:64:c8:8b:b1:67:92:04:b4:20:54:54:ef:10:ce:5f:
09:af:76:71:cf:13:d1:95:4e:89:8d:33:8e:70:66:3b:c0:0b:
94:44:54:f3:82:0f:c1:a4:58:54:a3:d7:f7:53:39:15:f8:dc:
c4:c9:94:3c:68:4c:6c:31:37:f7:a1:49:77:70:9b:fa:1a:22:
b1:f1:bb:8a:9b:60:62:fe:ab:94:a9:0f:b7:3a:ec:41:3d:f2:
0f:63:31:6e:7b:98:14:e9:6a:47:64:bf:ed:72:43:b0:af:9a:
e7:77:c4:5e:1a:3b:c8:49:dc:4c:0b:e4:ac:f1:68:65:58:b5:
3a:48:58:2f:ca:9a:f7:7a:32:e7:9a:e1:7b:ac:30:09:57:72:
75:63:56:6a:4b:81:3b:ab:3e:f3:40:04:23:6f:6a:4a:3e:ff:
91:35:80:f6:48:dc:5f:e1:0d:35:5c:6d:0a:1a:3e:9d:71:1d:
f0:16:89:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTkSD7pSVJ0TNgrcEeUStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZTE0NWZlM2I3OWIyYmY2OGFhZGJlMDA3ZGVmNmQ3MmFl
ZjJhYzMwHhcNMjQwMTAyMDgzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2E3NjQ3N2Q0ODMyYTQ1NTMyMjBlOGNmM2ZlZDg5ZWY0ZThlODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNOLA7BP3ejZNzsFMvBZ1GoqeSFy
evx60IUkGIHi3FdKUUZES0i3CINp6KPlLmzxbDGuSTkn+AfjxTbMUhy7ju71UfX5
FCRYF4n1/jewfkekWg33EfOgqUq2ltB/GxQdK+R/WKlgJ3vahnf5skHTcDMrzl0H
gafCZv2yggTseD/n4pOR3QNXf1UcC4E+hJYdgwQ+lx7/TO6K3/tmYqC6gxYVHecw
K4baHttVaByXahbgQiaisBm+n9h4k/Rt9XRxMkttD1ph4FjubdxTYsNXjkQ0hcxW
sjbvwrF+HXCPgBECqLgLFEubAQxy+crp5UafEPNU6IB7wkMDtp9/3+vgvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKynZHfUgypFUyIOjPP+2J706OgTMB8GA1UdIwQY
MBaAFDrhRf47ebK/aKrb4Afe9tcq7yrDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3VGRl9qdDVzcjlvcXR2Z0I5NzIxeXJ2S3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84MmYwZjEtMjE0Ny00OWZkLWE0ZDYt
YjdiNTc0ZWVkYzMzLzEvcktka2Q5U0RLa1ZUSWc2TThfN1ludlRvNkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84MmYwZjEtMjE0Ny00OWZkLWE0ZDYtYjdiNTc0ZWVkYzMz
LzEvT3VGRl9qdDVzcjlvcXR2Z0I5NzIxeXJ2S3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwxBUMA0G
CSqGSIb3DQEBCwUAA4IBAQCI1MGV7ozuEJJM5WT4QfqvOlnbByRDw+hNR+kCyFuh
NaOTY2ftoboyWlLzlT1MXJ8jn0w1cDHsHUNkeL9u+uhAxl6G7CM8VbXjmVhkyIux
Z5IEtCBUVO8Qzl8Jr3ZxzxPRlU6JjTOOcGY7wAuURFTzgg/BpFhUo9f3UzkV+NzE
yZQ8aExsMTf3oUl3cJv6GiKx8buKm2Bi/quUqQ+3OuxBPfIPYzFue5gU6WpHZL/t
ckOwr5rnd8ReGjvISdxMC+Ss8WhlWLU6SFgvypr3ejLnmuF7rDAJV3J1Y1ZqS4E7
qz7zQAQjb2pKPv+RNYD2SNxf4Q01XG0KGj6dcR3wFonH
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:03:54 2025 by rpki-client