Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/1vvIkvJGRy621vVPsoLS7KLp9WQ.roa
File: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (raw, json)
Hash identifier: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=
Subject key identifier: D6:FB:C8:92:F2:46:47:2E:B6:D6:F5:4F:B2:82:D2:EC:A2:E9:F5:64
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 01942368EA423373E9DDFD8075E4B1467FE2
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/1vvIkvJGRy621vVPsoLS7KLp9WQ.roa
Signing time: Wed 01 Jan 2025 19:47:45 +0000
ROA not before: Wed 01 Jan 2025 19:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 195.43.44.0/24 maxlen: 24
195.43.46.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:ea:42:33:73:e9:dd:fd:80:75:e4:b1:46:7f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Jan 1 19:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6fbc892f246472eb6d6f54fb282d2eca2e9f564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:96:c9:e2:90:26:01:42:52:ed:71:79:58:15:
e6:90:61:43:56:a6:2b:fe:fe:43:a1:49:67:32:30:
b6:c5:57:88:98:0b:23:9b:03:b0:30:6e:c8:5b:32:
82:7a:77:72:12:90:89:52:d5:dc:52:9d:c6:78:73:
00:3e:0f:95:51:60:cc:59:33:9a:72:ed:b7:51:eb:
fb:9a:cb:9e:fd:00:dd:e3:d8:d1:11:2d:78:6a:4b:
63:e1:74:ca:05:f6:fb:ca:90:d3:d8:af:0a:82:c5:
6d:46:a7:dd:73:41:5e:e9:7b:bc:9e:0b:3e:c6:9d:
d5:4c:fe:73:29:87:62:07:a6:5d:b1:14:70:5d:b1:
bf:6e:81:cb:e7:72:02:53:a0:e3:e2:8e:06:0a:61:
51:c6:0f:8d:0d:fc:68:d7:56:96:02:6c:96:e9:fc:
ab:0b:9f:8b:d2:6c:b4:77:37:9b:ef:8c:1b:c0:12:
45:85:55:44:28:3e:36:a9:1e:55:56:98:2b:22:aa:
82:47:05:88:2d:43:46:54:cf:e5:76:4a:69:ff:c0:
65:24:e9:e8:39:4e:3a:9c:0f:09:6d:44:44:b6:5e:
96:f1:ab:a5:11:f3:48:b8:9e:09:39:d0:ca:52:26:
ba:5f:1f:0c:3a:8a:33:bf:82:d5:ee:26:91:db:66:
3c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FB:C8:92:F2:46:47:2E:B6:D6:F5:4F:B2:82:D2:EC:A2:E9:F5:64
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/1vvIkvJGRy621vVPsoLS7KLp9WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.44.0/24
195.43.46.0/24
Signature Algorithm: sha256WithRSAEncryption
53:eb:98:06:20:b2:fe:fd:9a:4e:fb:bc:f0:2b:78:ce:01:78:
9f:55:1b:45:64:d4:d6:b9:2c:98:4f:52:7c:7b:c0:26:fe:e7:
74:a6:26:98:b2:86:ee:c3:37:ff:55:cb:5a:75:c6:4b:d7:72:
e5:0a:6a:be:5a:15:af:1f:4d:00:70:0f:c9:54:35:ca:10:79:
4e:0c:56:41:d9:24:6e:b6:06:b9:1f:b9:51:62:0c:3b:ed:3d:
ce:64:4b:f9:06:fe:1c:f1:2a:74:66:60:5b:00:87:f2:cf:33:
d7:d7:68:b3:2e:f6:a6:e0:7d:0d:d5:3e:a1:d6:61:f0:df:64:
30:38:5f:60:41:2f:d8:0c:34:da:be:a2:64:32:f4:11:56:d4:
99:27:aa:5e:dc:64:38:f5:c8:4d:6e:c7:d8:0a:39:23:f6:1d:
36:c8:22:f9:6e:95:84:69:2a:3f:7a:d9:a9:be:00:bf:d8:3d:
93:a7:a8:6a:d1:52:66:f9:bb:7b:f2:cd:eb:e9:dc:54:13:d0:
17:b9:fe:c1:29:dc:49:1d:5f:e3:60:32:d9:e8:da:f4:ab:22:
92:41:f6:1a:2e:d6:75:15:e2:09:a4:5a:0c:5e:ab:ef:10:34:
7c:01:0a:6e:93:83:c7:74:3b:c4:c6:d8:37:4b:39:44:ff:3e:
fa:3b:66:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaOpCM3Pp3f2AdeSxRn/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUwMTAxMTk0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmZiYzg5MmYyNDY0NzJlYjZkNmY1NGZiMjgyZDJlY2EyZTlmNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25bJ4pAmAUJS7XF5WBXmkGFDVqYr
/v5DoUlnMjC2xVeImAsjmwOwMG7IWzKCendyEpCJUtXcUp3GeHMAPg+VUWDMWTOa
cu23Uev7msue/QDd49jRES14aktj4XTKBfb7ypDT2K8KgsVtRqfdc0Fe6Xu8ngs+
xp3VTP5zKYdiB6ZdsRRwXbG/boHL53ICU6Dj4o4GCmFRxg+NDfxo11aWAmyW6fyr
C5+L0my0dzeb74wbwBJFhVVEKD42qR5VVpgrIqqCRwWILUNGVM/ldkpp/8BlJOno
OU46nA8JbUREtl6W8aulEfNIuJ4JOdDKUia6Xx8MOoozv4LV7iaR22Y8FwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNb7yJLyRkcuttb1T7KC0uyi6fVkMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMXZ2SWt2SkdSeTYyMXZWUHNvTFM3S0xwOVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwyssAwQA
wysuMA0GCSqGSIb3DQEBCwUAA4IBAQBT65gGILL+/ZpO+7zwK3jOAXifVRtFZNTW
uSyYT1J8e8Am/ud0piaYsobuwzf/VctadcZL13LlCmq+WhWvH00AcA/JVDXKEHlO
DFZB2SRutga5H7lRYgw77T3OZEv5Bv4c8Sp0ZmBbAIfyzzPX12izLvam4H0N1T6h
1mHw32QwOF9gQS/YDDTavqJkMvQRVtSZJ6pe3GQ49chNbsfYCjkj9h02yCL5bpWE
aSo/etmpvgC/2D2Tp6hq0VJm+bt78s3r6dxUE9AXuf7BKdxJHV/jYDLZ6Nr0qyKS
QfYaLtZ1FeIJpFoMXqvvEDR8AQpuk4PHdDvExtg3SzlE/z76O2aV
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:37:19 2025 by rpki-client