Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/DrZpY6t_Z34aPnka8mlfxbcLul4.roa
File: DrZpY6t_Z34aPnka8mlfxbcLul4.roa (raw, json)
Hash identifier: ArUDkHPBl4MihbzSvZGcRbPkxSIlgTU5MGX9tL6hwUo=
Subject key identifier: 0E:B6:69:63:AB:7F:67:7E:1A:3E:79:1A:F2:69:5F:C5:B7:0B:BA:5E
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0194221FD9F95607C2B61BF2540823CBF27D
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/DrZpY6t_Z34aPnka8mlfxbcLul4.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 95.111.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d9:f9:56:07:c2:b6:1b:f2:54:08:23:cb:f2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eb66963ab7f677e1a3e791af2695fc5b70bba5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b7:bf:70:a6:34:a6:c3:43:c5:3d:6d:a3:fb:
68:6e:d8:0a:46:d9:3f:26:dc:e8:89:e8:bd:69:d2:
05:55:12:40:cb:b7:bd:0a:2d:71:65:37:26:67:42:
21:4a:9b:db:06:96:b0:5f:06:a9:c5:82:3c:43:00:
2f:0d:bd:74:95:ad:a4:ba:99:7b:79:e7:a7:eb:22:
f4:a7:1f:b5:55:5b:56:56:59:cb:08:a3:2b:d8:06:
38:ab:0e:06:23:68:06:58:cf:df:de:d0:5b:48:74:
60:c4:cf:8e:a2:c5:83:c2:64:ad:67:c4:8e:9b:36:
2d:7e:4f:d9:97:7c:48:ae:30:ca:be:8b:b3:d7:e8:
cd:4e:b0:89:00:c1:f0:a3:ac:c8:a3:56:b6:2a:3f:
29:f1:bf:77:25:46:7d:0d:dc:2b:2d:be:79:f9:12:
9d:6c:1c:75:8e:43:b5:49:75:7f:5a:3d:2c:9e:b4:
e8:cd:1b:05:a9:5c:61:78:57:6f:9a:3e:a3:0c:11:
e6:cb:2c:34:d1:5a:f2:e5:a0:69:14:50:16:bd:42:
d3:91:bb:b7:7b:09:b0:de:64:36:40:b1:cf:0a:90:
b6:7e:5e:45:40:19:2b:4c:d0:c9:22:8f:7d:d8:f8:
6d:0a:38:ed:c5:ca:3d:d4:d3:2a:dd:9a:37:67:05:
6d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B6:69:63:AB:7F:67:7E:1A:3E:79:1A:F2:69:5F:C5:B7:0B:BA:5E
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/DrZpY6t_Z34aPnka8mlfxbcLul4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.128.0/19
Signature Algorithm: sha256WithRSAEncryption
00:f4:78:1f:10:3c:bd:c7:fd:5c:f3:bd:c3:5b:b6:d5:de:14:
78:64:93:b7:a8:94:bf:0d:8c:56:be:67:c2:ef:b2:34:16:ac:
54:46:08:75:8c:3a:d7:5e:b6:c6:34:18:28:3c:d0:b0:71:2f:
30:9d:00:52:67:2a:3f:c0:32:b4:99:7b:44:f6:51:ad:02:36:
ce:e7:3b:30:ff:1d:12:8b:e0:28:05:85:b4:6e:09:51:a7:83:
c5:e5:95:ef:39:0d:a8:97:45:ee:dc:68:66:4e:be:24:6a:5e:
88:78:d4:11:1f:91:63:65:b3:b6:3f:af:a0:d9:69:f0:4c:87:
28:1e:cb:e8:e3:0a:31:1b:ff:07:3b:10:b4:f3:eb:6c:c5:92:
7f:d8:5b:1e:9c:ce:76:95:22:b4:5c:f5:c9:69:7c:4d:9e:35:
ee:b8:f0:3b:3d:e6:9e:4a:65:6a:cb:d0:a3:29:93:5c:30:0e:
b4:7e:44:d0:ad:e1:8e:98:e7:9d:05:d9:63:e4:e0:c3:15:d7:
75:3e:79:2f:af:be:3d:fa:8a:0c:ae:7a:b5:04:53:65:7d:74:
f3:7c:d1:8b:53:02:63:ee:3c:a1:8c:8a:88:fa:cf:59:7b:5d:
dd:b6:e6:30:1e:24:90:fe:c6:3c:4d:bc:1e:bf:64:91:5d:e1:
51:dd:fd:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH9n5VgfCthvyVAgjy/J9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWI2Njk2M2FiN2Y2NzdlMWEzZTc5MWFmMjY5NWZjNWI3MGJiYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLe/cKY0psNDxT1to/tobtgKRtk/
Jtzoiei9adIFVRJAy7e9Ci1xZTcmZ0IhSpvbBpawXwapxYI8QwAvDb10la2kupl7
eeen6yL0px+1VVtWVlnLCKMr2AY4qw4GI2gGWM/f3tBbSHRgxM+OosWDwmStZ8SO
mzYtfk/Zl3xIrjDKvouz1+jNTrCJAMHwo6zIo1a2Kj8p8b93JUZ9DdwrLb55+RKd
bBx1jkO1SXV/Wj0snrTozRsFqVxheFdvmj6jDBHmyyw00Vry5aBpFFAWvULTkbu3
ewmw3mQ2QLHPCpC2fl5FQBkrTNDJIo992PhtCjjtxco91NMq3Zo3ZwVtUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA62aWOrf2d+Gj55GvJpX8W3C7peMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvRHJacFk2dF9aMzRhUG5rYThtbGZ4YmNMdWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFX2+AMA0G
CSqGSIb3DQEBCwUAA4IBAQAA9HgfEDy9x/1c873DW7bV3hR4ZJO3qJS/DYxWvmfC
77I0FqxURgh1jDrXXrbGNBgoPNCwcS8wnQBSZyo/wDK0mXtE9lGtAjbO5zsw/x0S
i+AoBYW0bglRp4PF5ZXvOQ2ol0Xu3GhmTr4kal6IeNQRH5FjZbO2P6+g2WnwTIco
Hsvo4woxG/8HOxC08+tsxZJ/2FsenM52lSK0XPXJaXxNnjXuuPA7PeaeSmVqy9Cj
KZNcMA60fkTQreGOmOedBdlj5ODDFdd1Pnkvr749+ooMrnq1BFNlfXTzfNGLUwJj
7jyhjIqI+s9Ze13dtuYwHiSQ/sY8Tbwev2SRXeFR3f0p
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:09:04 2025 by rpki-client