Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/pi0m8ItGQU_1KUziIzWipbWTZ1U.roa
File: pi0m8ItGQU_1KUziIzWipbWTZ1U.roa (raw, json)
Hash identifier: dNmRlkGp5JHgq9te/3UnftdEhJnuqvrIk2cLoA0C8Mo=
Subject key identifier: A6:2D:26:F0:8B:46:41:4F:F5:29:4C:E2:23:35:A2:A5:B5:93:67:55
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 019427B6094338B2F3ACFC360B48305BBB0F
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/pi0m8ItGQU_1KUziIzWipbWTZ1U.roa
Signing time: Thu 02 Jan 2025 15:50:28 +0000
ROA not before: Thu 02 Jan 2025 15:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 195.66.224.0/19 maxlen: 19
2001:7f8:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:09:43:38:b2:f3:ac:fc:36:0b:48:30:5b:bb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jan 2 15:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a62d26f08b46414ff5294ce22335a2a5b5936755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fc:c6:f3:ef:14:78:7c:35:46:42:84:c4:25:
e6:e6:b6:90:6f:60:ae:c0:3a:6d:37:a1:05:f1:ac:
0b:e9:59:2a:35:38:60:03:1b:19:83:cf:fe:e1:d3:
0b:a7:9f:ef:38:73:b8:fe:0b:fd:4f:3c:21:4d:c3:
f9:cb:4e:3f:35:a5:fa:94:2f:cc:f5:8e:b2:17:ab:
12:be:f1:45:17:90:75:64:ea:d4:04:11:0a:b7:60:
59:d5:f9:ad:61:27:b2:bf:bd:d6:39:b6:95:f2:91:
ea:ec:99:d4:92:48:d4:2a:6f:20:82:b5:34:58:24:
06:7f:a5:a8:75:89:8e:9a:47:b0:d0:e1:68:d1:80:
97:29:d9:38:55:09:34:7f:cb:b9:6a:74:85:45:1f:
81:69:d0:e8:57:87:09:72:5b:f4:25:16:9b:84:2c:
56:96:22:d1:63:da:84:86:79:b6:e7:44:95:59:f6:
d1:ec:1d:a6:a1:1f:5d:f0:5c:e3:d1:7c:b8:cb:72:
8a:40:dd:38:72:62:fa:61:d5:97:fd:45:d3:27:69:
6a:11:45:f4:2b:53:c7:03:a4:39:1e:59:31:d2:ba:
53:3a:5f:ac:0a:37:55:6a:cc:8b:57:75:4b:55:f6:
51:74:e7:73:c6:0f:55:40:3a:0b:eb:6d:0d:3e:06:
1f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2D:26:F0:8B:46:41:4F:F5:29:4C:E2:23:35:A2:A5:B5:93:67:55
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/pi0m8ItGQU_1KUziIzWipbWTZ1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.224.0/19
IPv6:
2001:7f8:4::/48
Signature Algorithm: sha256WithRSAEncryption
08:8a:37:24:99:d6:b4:a7:c8:e2:ab:51:ec:2a:f5:65:e4:eb:
81:fd:04:e1:a8:28:69:38:0b:40:89:21:62:b6:36:73:74:8a:
8e:8b:b0:b8:44:59:bb:5d:4f:5c:0e:20:f2:f7:d2:fc:82:70:
6f:7b:f9:a3:24:5f:02:a5:62:c8:47:55:42:c6:64:3b:b2:2f:
46:79:04:1c:09:09:3a:fa:12:38:04:0d:88:a9:61:01:61:04:
c4:e0:23:dd:54:96:0f:11:19:a9:5c:93:91:95:ac:d3:c2:53:
3f:b0:bc:44:d6:89:e7:cb:50:e3:ba:04:e9:42:77:b8:93:8e:
f6:1b:0b:56:64:de:da:cd:59:68:0f:53:8d:42:64:1b:08:d3:
c6:b0:c9:49:da:64:96:13:9c:5c:d9:bd:65:7e:90:bf:e7:35:
fc:78:20:a6:a1:69:aa:1b:53:70:a9:58:97:1f:98:cf:2d:94:
73:26:68:f3:ef:75:d7:0f:10:cf:97:e4:fe:f0:6f:71:79:f5:
d5:fa:e7:ed:ec:5f:58:31:26:52:ca:5d:ac:f5:4d:14:bb:df:
ca:53:0a:28:57:96:c4:ae:11:4d:a3:f4:08:e9:e2:b8:bd:32:
b4:51:71:75:ab:7d:ee:b7:56:3b:71:3a:87:97:47:ff:d9:50:
d0:88:a9:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntglDOLLzrPw2C0gwW7sPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjUwMTAyMTU1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJkMjZmMDhiNDY0MTRmZjUyOTRjZTIyMzM1YTJhNWI1OTM2NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/zG8+8UeHw1RkKExCXm5raQb2Cu
wDptN6EF8awL6VkqNThgAxsZg8/+4dMLp5/vOHO4/gv9TzwhTcP5y04/NaX6lC/M
9Y6yF6sSvvFFF5B1ZOrUBBEKt2BZ1fmtYSeyv73WObaV8pHq7JnUkkjUKm8ggrU0
WCQGf6WodYmOmkew0OFo0YCXKdk4VQk0f8u5anSFRR+BadDoV4cJclv0JRabhCxW
liLRY9qEhnm250SVWfbR7B2moR9d8Fzj0Xy4y3KKQN04cmL6YdWX/UXTJ2lqEUX0
K1PHA6Q5Hlkx0rpTOl+sCjdVasyLV3VLVfZRdOdzxg9VQDoL620NPgYf7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKYtJvCLRkFP9SlM4iM1oqW1k2dVMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEvcGkwbThJdEdRVV8xS1V6aUl6V2lwYldUWjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFw0LgMA8E
AgACMAkDBwAgAQf4AAQwDQYJKoZIhvcNAQELBQADggEBAAiKNySZ1rSnyOKrUewq
9WXk64H9BOGoKGk4C0CJIWK2NnN0io6LsLhEWbtdT1wOIPL30vyCcG97+aMkXwKl
YshHVULGZDuyL0Z5BBwJCTr6EjgEDYipYQFhBMTgI91Ulg8RGalck5GVrNPCUz+w
vETWiefLUOO6BOlCd7iTjvYbC1Zk3trNWWgPU41CZBsI08awyUnaZJYTnFzZvWV+
kL/nNfx4IKahaaobU3CpWJcfmM8tlHMmaPPvddcPEM+X5P7wb3F59dX65+3sX1gx
JlLKXaz1TRS738pTCihXlsSuEU2j9Ajp4ri9MrRRcXWrfe63VjtxOoeXR//ZUNCI
qVA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:26 2025 by rpki-client