Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/JgnkWIw228i4HQjMfnwN_P9uAEA.roa
File: JgnkWIw228i4HQjMfnwN_P9uAEA.roa (raw, json)
Hash identifier: LESUzATCT3c5Q4Rd0nb+4+/N906ezy0GQDW6sfJ82Qk=
Subject key identifier: 26:09:E4:58:8C:36:DB:C8:B8:1D:08:CC:7E:7C:0D:FC:FF:6E:00:40
Certificate issuer: /CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
Certificate serial: 01928E88532AB54CCCF7BE3757223FEE6A1F
Authority key identifier: 05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/JgnkWIw228i4HQjMfnwN_P9uAEA.roa
Signing time: Tue 15 Oct 2024 04:55:51 +0000
ROA not before: Tue 15 Oct 2024 04:55:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48840
IP address blocks: 95.129.8.0/21 maxlen: 21
95.129.8.0/24 maxlen: 24
95.129.9.0/24 maxlen: 24
95.129.10.0/24 maxlen: 24
95.129.11.0/24 maxlen: 24
95.129.12.0/24 maxlen: 24
95.129.13.0/24 maxlen: 24
95.129.14.0/24 maxlen: 24
95.129.15.0/24 maxlen: 24
2a05:e940::/29 maxlen: 29
2a05:e940::/48 maxlen: 48
2a05:e940:120::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8e:88:53:2a:b5:4c:cc:f7:be:37:57:22:3f:ee:6a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
Validity
Not Before: Oct 15 04:55:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2609e4588c36dbc8b81d08cc7e7c0dfcff6e0040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:78:dc:c1:e1:c5:9e:9b:a3:6a:5b:15:fd:52:
4e:2d:b0:7d:51:22:fb:f2:72:f8:22:9b:04:32:e5:
d3:dc:93:6f:b9:6d:d2:de:27:fc:19:e1:f2:8d:0a:
e0:ba:de:b7:5b:85:bf:42:b0:a7:16:f2:ed:80:1f:
92:b7:14:60:83:73:b0:1c:7b:6e:a6:34:35:c4:41:
d7:d7:f0:7c:9c:35:ad:2a:d4:b6:c0:14:6f:d3:b4:
b0:f5:e2:36:6f:43:f2:9f:6d:99:72:4e:57:5a:53:
11:6e:78:d9:77:96:59:8f:76:b9:0d:d3:4d:49:91:
4a:fe:8b:5c:05:ad:24:cc:be:8d:53:2e:bb:06:5c:
9b:1e:5f:0a:4a:5c:3e:91:47:81:06:0d:1f:6a:68:
0c:54:5a:42:13:5e:9a:66:fc:da:0e:47:9b:35:4b:
fd:4f:49:92:c0:cb:3c:88:dc:8b:7d:84:9e:3b:d2:
ce:a3:64:62:5a:0b:f6:58:79:6b:62:13:e1:c0:dd:
07:e8:28:bd:2b:8e:06:f3:84:fb:14:f8:28:33:17:
67:18:59:4f:39:d4:8a:66:63:4e:57:8a:6a:80:79:
17:8f:67:48:4b:ca:c1:a9:b8:46:44:2c:4b:60:42:
02:1f:4d:a0:6a:f4:c2:03:74:f1:04:7a:64:fb:9e:
6f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:09:E4:58:8C:36:DB:C8:B8:1D:08:CC:7E:7C:0D:FC:FF:6E:00:40
X509v3 Authority Key Identifier:
keyid:05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/JgnkWIw228i4HQjMfnwN_P9uAEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.8.0/21
IPv6:
2a05:e940::/29
Signature Algorithm: sha256WithRSAEncryption
37:e3:1e:11:dc:86:46:e4:89:f5:36:8d:97:45:69:4e:c3:8b:
27:79:fb:1d:13:01:1a:64:65:7c:77:0b:43:b1:3a:c2:87:40:
99:0f:14:09:fc:84:a0:6d:7b:eb:a0:1f:1c:bf:b1:bd:3f:05:
e2:1f:64:85:92:34:fe:57:57:c4:5a:b7:73:46:7d:ae:b4:3b:
49:15:bf:ad:20:2b:65:38:2f:21:41:af:e6:5d:51:2c:82:20:
3c:31:19:ee:f3:7a:61:8a:69:8b:4a:ea:b9:f0:7d:e4:40:26:
f7:d7:f4:c6:3c:7f:1e:bb:bb:b1:ad:03:c5:c8:56:68:87:d8:
ae:cf:63:f4:34:e8:f3:f7:bc:04:2e:a3:4f:e3:ec:b0:a8:bd:
44:73:ce:d6:34:26:15:13:10:80:8f:1b:a0:71:b9:c1:ca:b4:
a6:0a:84:37:84:bf:e5:71:a3:57:79:1b:18:ee:a5:06:13:a4:
7d:66:3d:c6:48:a4:ec:d7:b1:fb:25:26:87:b1:1d:cc:16:80:
5d:1b:db:5c:f0:00:71:e1:ce:1a:a1:61:87:1f:b7:22:63:b7:
57:cb:b6:46:b0:15:bf:11:44:cd:f6:6c:ea:6a:bc:e8:7c:92:
95:53:8a:47:33:80:31:6a:1a:68:63:8a:19:8a:5f:a3:5f:35:
1f:98:b9:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKOiFMqtUzM9743VyI/7mofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YWU1ZjIzZGI5ODNmZDEzNmFlOWQ3MWU4N2UxZTUxMzBi
Y2Y2ZDQwHhcNMjQxMDE1MDQ1NTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA5ZTQ1ODhjMzZkYmM4YjgxZDA4Y2M3ZTdjMGRmY2ZmNmUwMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53jcweHFnpujalsV/VJOLbB9USL7
8nL4IpsEMuXT3JNvuW3S3if8GeHyjQrgut63W4W/QrCnFvLtgB+StxRgg3OwHHtu
pjQ1xEHX1/B8nDWtKtS2wBRv07Sw9eI2b0Pyn22Zck5XWlMRbnjZd5ZZj3a5DdNN
SZFK/otcBa0kzL6NUy67BlybHl8KSlw+kUeBBg0famgMVFpCE16aZvzaDkebNUv9
T0mSwMs8iNyLfYSeO9LOo2RiWgv2WHlrYhPhwN0H6Ci9K44G84T7FPgoMxdnGFlP
OdSKZmNOV4pqgHkXj2dIS8rBqbhGRCxLYEICH02gavTCA3TxBHpk+55vQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCYJ5FiMNtvIuB0IzH58Dfz/bgBAMB8GA1UdIwQY
MBaAFAWuXyPbmD/RNq6dceh+HlEwvPbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQt
NDRlZmQxMzA2NTljLzEvSmdua1dJdzIyOGk0SFFqTWZud05fUDl1QUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQtNDRlZmQxMzA2NTlj
LzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX4EIMA0E
AgACMAcDBQMqBelAMA0GCSqGSIb3DQEBCwUAA4IBAQA34x4R3IZG5In1No2XRWlO
w4snefsdEwEaZGV8dwtDsTrCh0CZDxQJ/ISgbXvroB8cv7G9PwXiH2SFkjT+V1fE
WrdzRn2utDtJFb+tICtlOC8hQa/mXVEsgiA8MRnu83phimmLSuq58H3kQCb31/TG
PH8eu7uxrQPFyFZoh9iuz2P0NOjz97wELqNP4+ywqL1Ec87WNCYVExCAjxugcbnB
yrSmCoQ3hL/lcaNXeRsY7qUGE6R9Zj3GSKTs17H7JSaHsR3MFoBdG9tc8ABx4c4a
oWGHH7ciY7dXy7ZGsBW/EUTN9mzqarzofJKVU4pHM4AxahpoY4oZil+jXzUfmLkS
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:27:59 2025 by rpki-client