Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/1-6tgApGzi84jUfnnO4hR3VcZnhw.roa
File: 1-6tgApGzi84jUfnnO4hR3VcZnhw.roa (raw, json)
Hash identifier: HVjUDSjbZacQo7V9+9zKGEkK9aQQLCss0l6qBdFGXKw=
Subject key identifier: FB:AB:60:02:91:B3:8B:CE:23:51:F9:E7:3B:88:51:DD:57:19:9E:1C
Certificate issuer: /CN=1b623dba62b857ca73d8a80a11990f71e04e7db6
Certificate serial: 019427477896F4A6CCEC042F447D8BB59DC9
Authority key identifier: 1B:62:3D:BA:62:B8:57:CA:73:D8:A8:0A:11:99:0F:71:E0:4E:7D:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2I9umK4V8pz2KgKEZkPceBOfbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/1-6tgApGzi84jUfnnO4hR3VcZnhw.roa
Signing time: Thu 02 Jan 2025 13:49:42 +0000
ROA not before: Thu 02 Jan 2025 13:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 195.43.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:78:96:f4:a6:cc:ec:04:2f:44:7d:8b:b5:9d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b623dba62b857ca73d8a80a11990f71e04e7db6
Validity
Not Before: Jan 2 13:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbab600291b38bce2351f9e73b8851dd57199e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:f2:76:d4:6f:e2:ba:b5:4f:b8:4c:72:25:
50:47:06:ad:ed:66:59:d3:2e:9b:3f:7d:12:f2:62:
31:3d:b1:45:b6:96:6a:ae:2a:1a:cd:78:d6:18:e2:
7a:04:89:aa:c4:0d:5a:ed:4d:37:63:5e:98:74:b8:
30:c7:ac:43:58:8d:9f:14:10:bb:31:f7:1b:9c:54:
a1:c8:ff:cc:96:56:d6:2d:27:b2:30:d8:6a:50:60:
a4:15:09:4a:dc:57:fd:18:58:55:ae:4f:0d:c6:cc:
88:49:fc:2c:3e:f7:eb:c3:2f:d2:e8:97:6d:c2:93:
f1:92:9e:bd:7e:08:e0:87:47:d4:a2:95:c6:36:05:
5b:4b:57:ad:23:46:33:86:cd:08:c6:8a:29:c4:d3:
e6:ab:32:53:dc:72:31:a2:de:69:1e:b5:81:44:21:
2e:2b:a4:bf:d6:d0:6f:44:88:83:72:16:e2:ec:af:
39:8e:b5:d6:75:6d:c6:81:fa:5a:ec:0b:55:6a:f4:
9d:b8:ad:cd:d9:80:49:bb:8d:5b:a9:0d:53:43:fd:
19:8d:67:22:a0:c5:40:42:d7:e8:1b:87:49:8a:02:
83:26:ed:41:7a:9a:12:25:34:44:42:f8:65:a3:09:
4b:b0:c7:51:1f:a2:89:15:61:6c:a2:54:13:ed:90:
45:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:AB:60:02:91:B3:8B:CE:23:51:F9:E7:3B:88:51:DD:57:19:9E:1C
X509v3 Authority Key Identifier:
keyid:1B:62:3D:BA:62:B8:57:CA:73:D8:A8:0A:11:99:0F:71:E0:4E:7D:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2I9umK4V8pz2KgKEZkPceBOfbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/1-6tgApGzi84jUfnnO4hR3VcZnhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/G2I9umK4V8pz2KgKEZkPceBOfbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.153.0/24
Signature Algorithm: sha256WithRSAEncryption
13:55:bf:e4:1a:7b:f8:49:bc:30:7b:2d:b0:06:4b:2d:e5:09:
e9:5b:46:0d:0c:b0:8c:80:3b:d9:c1:62:71:8b:57:19:38:14:
05:fd:74:9e:98:0d:c2:1f:ca:9d:f7:6f:e3:9c:3f:cb:88:54:
60:58:7b:bd:74:5d:a0:a8:cb:80:be:a8:76:34:b2:7d:2c:24:
42:c1:4f:f4:b0:fe:3f:13:23:66:58:85:7e:93:90:92:6c:58:
b4:35:de:f3:18:ae:5f:25:09:98:bf:b6:bd:ae:e6:fe:42:f7:
fe:74:be:0f:b1:99:bb:21:49:1e:e4:f4:8e:01:f8:92:93:df:
42:33:c1:6b:2e:28:e4:c4:2a:cc:52:62:39:ba:ee:38:31:89:
75:22:a8:7f:a9:4d:21:b8:8b:58:c5:a3:ec:d9:cf:91:18:9e:
4c:17:ad:90:85:df:60:b9:23:08:2e:17:96:0b:a2:32:0c:a0:
ca:c9:c8:75:d9:bb:9b:4b:39:68:1f:d2:b4:28:31:77:4e:e4:
b6:b5:9a:9f:14:5d:f9:88:c4:38:5f:b9:d3:48:bf:da:49:84:
d9:19:d1:05:bb:f6:65:3c:03:36:e2:29:33:c5:50:ab:98:4c:
7d:6d:b9:d3:64:8c:03:6c:b4:c8:99:da:51:50:f1:f3:a5:1f:
30:76:5c:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnR3iW9KbM7AQvRH2LtZ3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjIzZGJhNjJiODU3Y2E3M2Q4YTgwYTExOTkwZjcxZTA0
ZTdkYjYwHhcNMjUwMTAyMTM0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmFiNjAwMjkxYjM4YmNlMjM1MWY5ZTczYjg4NTFkZDU3MTk5ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMvydtRv4rq1T7hMciVQRwat7WZZ
0y6bP30S8mIxPbFFtpZqrioazXjWGOJ6BImqxA1a7U03Y16YdLgwx6xDWI2fFBC7
MfcbnFShyP/MllbWLSeyMNhqUGCkFQlK3Ff9GFhVrk8NxsyISfwsPvfrwy/S6Jdt
wpPxkp69fgjgh0fUopXGNgVbS1etI0Yzhs0IxoopxNPmqzJT3HIxot5pHrWBRCEu
K6S/1tBvRIiDchbi7K85jrXWdW3Ggfpa7AtVavSduK3N2YBJu41bqQ1TQ/0ZjWci
oMVAQtfoG4dJigKDJu1BepoSJTREQvhlowlLsMdRH6KJFWFsolQT7ZBFHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPurYAKRs4vOI1H55zuIUd1XGZ4cMB8GA1UdIwQY
MBaAFBtiPbpiuFfKc9ioChGZD3HgTn22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJJOXVtSzRWOHB6MktnS0Vaa1BjZUJPZmJZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wYTBlNGQtNGU3NS00OWE1LWJkMGMt
MWE1Yzc2MzU1ODhiLzEvMS02dGdBcEd6aTg0alVmbm5PNGhSM1ZjWm5ody5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjQvMGEwZTRkLTRlNzUtNDlhNS1iZDBjLTFhNWM3NjM1NTg4
Yi8xL0cySTl1bUs0VjhwejJLZ0tFWmtQY2VCT2ZiWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMrmTAN
BgkqhkiG9w0BAQsFAAOCAQEAE1W/5Bp7+Em8MHstsAZLLeUJ6VtGDQywjIA72cFi
cYtXGTgUBf10npgNwh/Knfdv45w/y4hUYFh7vXRdoKjLgL6odjSyfSwkQsFP9LD+
PxMjZliFfpOQkmxYtDXe8xiuXyUJmL+2va7m/kL3/nS+D7GZuyFJHuT0jgH4kpPf
QjPBay4o5MQqzFJiObruODGJdSKof6lNIbiLWMWj7NnPkRieTBetkIXfYLkjCC4X
lguiMgygysnIddm7m0s5aB/StCgxd07ktrWanxRd+YjEOF+500i/2kmE2RnRBbv2
ZTwDNuIpM8VQq5hMfW2502SMA2y0yJnaUVDx86UfMHZcKA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:15 2025 by rpki-client