Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/9xgZErddyKytbUnn_bXoPXSZxBo.roa
File: 9xgZErddyKytbUnn_bXoPXSZxBo.roa (raw, json)
Hash identifier: lz/7jvkrOD0GB/yHUcge9P2FdOmIq2uWhBcr3Wtaz4Y=
Subject key identifier: F7:18:19:12:B7:5D:C8:AC:AD:6D:49:E7:FD:B5:E8:3D:74:99:C4:1A
Certificate issuer: /CN=1b623dba62b857ca73d8a80a11990f71e04e7db6
Certificate serial: 018B9478071C289C0E106090F339A7450DB8
Authority key identifier: 1B:62:3D:BA:62:B8:57:CA:73:D8:A8:0A:11:99:0F:71:E0:4E:7D:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2I9umK4V8pz2KgKEZkPceBOfbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/9xgZErddyKytbUnn_bXoPXSZxBo.roa
Signing time: Fri 03 Nov 2023 09:16:15 +0000
ROA not before: Fri 03 Nov 2023 09:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 195.43.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:78:07:1c:28:9c:0e:10:60:90:f3:39:a7:45:0d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b623dba62b857ca73d8a80a11990f71e04e7db6
Validity
Not Before: Nov 3 09:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7181912b75dc8acad6d49e7fdb5e83d7499c41a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bd:d6:d7:fc:8a:f3:d7:61:c1:9e:99:f2:1f:
c0:11:a8:42:02:bc:e9:03:33:dd:be:1f:d7:54:6f:
b2:06:9b:0d:1d:5f:1b:86:f1:06:3f:28:da:d0:74:
fd:89:5f:76:b7:16:36:f8:e9:e4:bf:b5:0d:15:43:
04:86:4e:ce:1b:5e:cc:9b:34:8e:5c:71:67:23:0b:
ac:02:04:58:5c:48:5a:42:ce:7d:73:69:39:13:e3:
e8:22:43:73:4a:26:5a:19:e2:37:30:ea:b9:72:bd:
61:07:b7:d4:e2:de:a1:65:e3:73:45:4d:ef:07:8f:
62:f4:25:68:11:82:7e:a7:31:0a:ae:7f:72:b4:7d:
ea:ee:16:51:2b:72:cf:ba:82:be:d6:2b:6a:cc:9f:
13:d8:ae:1d:75:6a:55:3d:ef:8e:c5:42:7c:5a:71:
18:31:20:b8:b6:df:1c:6f:17:4f:97:2a:b7:ca:c2:
31:fc:c1:35:de:69:f6:94:d5:2a:71:19:88:91:ca:
0c:71:aa:45:83:94:af:fb:68:99:a2:6d:bd:e9:00:
2f:c5:6f:ef:ef:bf:93:35:b7:34:9a:0c:3c:37:d4:
f4:3e:4c:a6:71:77:c4:d6:70:ff:7f:e6:0d:d6:5c:
96:ca:17:e6:b7:a1:c1:98:84:65:d9:72:72:cb:e3:
25:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:18:19:12:B7:5D:C8:AC:AD:6D:49:E7:FD:B5:E8:3D:74:99:C4:1A
X509v3 Authority Key Identifier:
keyid:1B:62:3D:BA:62:B8:57:CA:73:D8:A8:0A:11:99:0F:71:E0:4E:7D:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2I9umK4V8pz2KgKEZkPceBOfbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/9xgZErddyKytbUnn_bXoPXSZxBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0a0e4d-4e75-49a5-bd0c-1a5c7635588b/1/G2I9umK4V8pz2KgKEZkPceBOfbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.153.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:70:4f:85:a6:0f:a2:19:85:12:8e:ae:8a:cf:f9:51:ed:da:
cf:a0:04:d7:43:fc:a6:89:e6:3d:cb:dd:43:1c:12:65:62:03:
6b:81:04:bf:86:3f:a1:4b:7e:73:e0:2f:a3:cb:1a:1f:32:35:
b3:d3:ca:88:84:89:41:36:f1:2d:93:7e:7a:3d:a2:de:17:73:
ef:83:1a:6a:4f:d9:dc:77:c0:8f:03:7a:ff:c2:d7:fb:76:88:
e5:75:34:9e:91:f3:b8:a0:e0:cd:37:96:a4:32:30:4c:f2:28:
ea:80:3c:ad:4f:3c:ff:81:56:a4:ea:13:ce:98:29:e3:82:b6:
e9:26:d1:11:c1:03:35:ca:ef:f1:86:d7:83:3a:af:1c:6e:f6:
62:49:06:de:a8:15:50:f5:b1:19:ae:0a:80:99:8a:d2:9b:82:
6a:01:34:4a:96:5f:8e:23:81:89:8e:d1:57:88:ec:87:d0:7d:
57:9f:42:c4:7e:e6:cd:5b:ca:b4:29:c5:a4:91:3d:5d:6d:4d:
13:a8:31:10:27:35:db:71:db:a4:94:13:13:dc:f1:6d:71:4c:
b1:2e:04:2a:8b:8b:96:a7:a3:d4:d2:c1:2f:2d:ac:36:5a:a8:
d9:a7:75:e9:f1:48:62:24:ca:92:aa:8c:f7:69:d0:b5:ad:b9:
2a:d0:11:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuUeAccKJwOEGCQ8zmnRQ24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjIzZGJhNjJiODU3Y2E3M2Q4YTgwYTExOTkwZjcxZTA0
ZTdkYjYwHhcNMjMxMTAzMDkxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzE4MTkxMmI3NWRjOGFjYWQ2ZDQ5ZTdmZGI1ZTgzZDc0OTljNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiL3W1/yK89dhwZ6Z8h/AEahCArzp
AzPdvh/XVG+yBpsNHV8bhvEGPyja0HT9iV92txY2+Onkv7UNFUMEhk7OG17MmzSO
XHFnIwusAgRYXEhaQs59c2k5E+PoIkNzSiZaGeI3MOq5cr1hB7fU4t6hZeNzRU3v
B49i9CVoEYJ+pzEKrn9ytH3q7hZRK3LPuoK+1itqzJ8T2K4ddWpVPe+OxUJ8WnEY
MSC4tt8cbxdPlyq3ysIx/ME13mn2lNUqcRmIkcoMcapFg5Sv+2iZom296QAvxW/v
77+TNbc0mgw8N9T0PkymcXfE1nD/f+YN1lyWyhfmt6HBmIRl2XJyy+Ml3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcYGRK3XcisrW1J5/216D10mcQaMB8GA1UdIwQY
MBaAFBtiPbpiuFfKc9ioChGZD3HgTn22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJJOXVtSzRWOHB6MktnS0Vaa1BjZUJPZmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wYTBlNGQtNGU3NS00OWE1LWJkMGMt
MWE1Yzc2MzU1ODhiLzEvOXhnWkVyZGR5S3l0YlVubl9iWG9QWFNaeEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wYTBlNGQtNGU3NS00OWE1LWJkMGMtMWE1Yzc2MzU1ODhi
LzEvRzJJOXVtSzRWOHB6MktnS0Vaa1BjZUJPZmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuZMA0G
CSqGSIb3DQEBCwUAA4IBAQC5cE+Fpg+iGYUSjq6Kz/lR7drPoATXQ/ymieY9y91D
HBJlYgNrgQS/hj+hS35z4C+jyxofMjWz08qIhIlBNvEtk356PaLeF3PvgxpqT9nc
d8CPA3r/wtf7dojldTSekfO4oODNN5akMjBM8ijqgDytTzz/gVak6hPOmCnjgrbp
JtERwQM1yu/xhteDOq8cbvZiSQbeqBVQ9bEZrgqAmYrSm4JqATRKll+OI4GJjtFX
iOyH0H1Xn0LEfubNW8q0KcWkkT1dbU0TqDEQJzXbcduklBMT3PFtcUyxLgQqi4uW
p6PU0sEvLaw2WqjZp3Xp8UhiJMqSqoz3adC1rbkq0BHB
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:32:22 2025 by rpki-client