Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/0cGFvAGEUOBndphMmFuwDdd0bJQ.roa
File: 0cGFvAGEUOBndphMmFuwDdd0bJQ.roa (raw, json)
Hash identifier: at0GW5r8ykdlNTmLelzhjplITQ6Rxb3jkNP3IKfKkkQ=
Subject key identifier: D1:C1:85:BC:01:84:50:E0:67:76:98:4C:98:5B:B0:0D:D7:74:6C:94
Certificate issuer: /CN=f5541f8a3dddc58d5cff42b60f8e7d29cd761ba5
Certificate serial: 018CC50084503C68E07822398EA373EDF194
Authority key identifier: F5:54:1F:8A:3D:DD:C5:8D:5C:FF:42:B6:0F:8E:7D:29:CD:76:1B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9VQfij3dxY1c_0K2D459Kc12G6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/0cGFvAGEUOBndphMmFuwDdd0bJQ.roa
Signing time: Mon 01 Jan 2024 12:29:54 +0000
ROA not before: Mon 01 Jan 2024 12:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8775
IP address blocks: 195.69.157.0/24 maxlen: 24
195.69.156.0/22 maxlen: 22
195.69.156.0/24 maxlen: 24
195.69.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:84:50:3c:68:e0:78:22:39:8e:a3:73:ed:f1:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5541f8a3dddc58d5cff42b60f8e7d29cd761ba5
Validity
Not Before: Jan 1 12:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c185bc018450e06776984c985bb00dd7746c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:30:3e:24:9b:54:8a:4b:3e:6e:91:e0:6e:80:
49:f4:98:5a:be:e9:e9:2f:4e:d7:74:48:b3:a2:0c:
c2:a0:8c:26:f1:20:86:11:9b:98:9b:f1:2f:25:ae:
27:39:39:2f:aa:07:32:69:f4:d9:ed:52:ac:0d:c4:
e1:23:8b:2b:76:72:da:50:08:bc:99:d4:a3:b4:b0:
dc:88:3f:00:d8:21:3b:99:32:88:22:4f:97:c1:e5:
a9:2d:86:b8:b8:7f:59:34:9c:88:db:53:15:f7:0c:
f3:5c:8b:27:6b:1d:0a:06:2a:f9:d4:06:72:7a:20:
e5:bf:b7:e1:16:92:91:8c:1f:6a:db:98:f5:7f:64:
7f:6a:0d:ba:fb:56:db:16:66:0a:33:4f:20:a7:78:
a2:c1:6f:cd:7e:a0:6b:e6:bb:10:b3:41:e5:8f:f1:
39:c6:57:01:4f:c2:c2:13:75:11:2e:c9:41:0c:a1:
47:e7:a5:c4:5f:34:3f:8c:69:4f:c5:2f:6e:59:27:
5c:9e:62:30:57:99:6c:f8:68:2c:fd:aa:7c:e2:15:
c5:68:09:dd:88:93:26:44:bb:5e:f9:74:72:20:c1:
16:4b:54:ae:4b:c9:df:b8:70:9d:4d:53:3d:06:60:
3d:c0:a2:11:2b:bd:41:2b:e3:4d:ca:7f:8f:ec:3e:
a6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C1:85:BC:01:84:50:E0:67:76:98:4C:98:5B:B0:0D:D7:74:6C:94
X509v3 Authority Key Identifier:
keyid:F5:54:1F:8A:3D:DD:C5:8D:5C:FF:42:B6:0F:8E:7D:29:CD:76:1B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9VQfij3dxY1c_0K2D459Kc12G6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/0cGFvAGEUOBndphMmFuwDdd0bJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/9VQfij3dxY1c_0K2D459Kc12G6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.156.0/22
Signature Algorithm: sha256WithRSAEncryption
50:89:e8:7d:ef:24:7b:15:a9:03:6c:ae:52:2b:8b:10:6f:e5:
df:b8:5d:38:6b:8c:8b:23:f0:f5:96:86:37:d6:4a:17:c8:f4:
40:36:cb:94:ad:bd:9d:fb:74:b4:ae:84:95:fc:6b:7e:1e:30:
26:72:18:c5:47:a4:54:d8:79:fc:88:f7:36:93:00:49:3d:25:
ed:07:dc:6a:b9:ee:83:e6:a2:e3:f7:f2:ae:e5:9b:cb:dc:b5:
db:1e:0b:e8:25:fd:1e:02:8e:3f:b7:b4:3a:03:b4:2a:44:19:
39:36:36:83:11:f9:8a:29:fa:2b:b7:a2:49:25:b3:8b:87:be:
27:11:18:a7:3f:df:df:27:b2:4c:07:0c:ca:26:00:3b:97:92:
ed:71:a6:6a:c6:7b:3f:3c:46:b1:64:8b:8e:03:56:2c:08:99:
b5:2c:4e:f7:fc:c9:e0:df:df:6a:5b:1f:0e:92:ad:0f:9f:91:
d1:0d:54:8c:60:12:f5:cf:6e:18:e6:bd:64:c9:83:a7:de:7e:
c5:c3:b6:a0:a5:f6:53:14:f3:05:96:9e:38:4e:c2:4d:2c:e7:
f6:12:8a:0e:45:27:d4:4c:bd:0f:1f:f1:6e:d6:be:3a:12:83:
1d:5a:6e:15:ac:f1:8d:74:fe:6a:49:85:4f:49:ed:da:10:9d:
6d:91:1e:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAIRQPGjgeCI5jqNz7fGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NTQxZjhhM2RkZGM1OGQ1Y2ZmNDJiNjBmOGU3ZDI5Y2Q3
NjFiYTUwHhcNMjQwMTAxMTIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMxODViYzAxODQ1MGUwNjc3Njk4NGM5ODViYjAwZGQ3NzQ2Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zA+JJtUiks+bpHgboBJ9Jhavunp
L07XdEizogzCoIwm8SCGEZuYm/EvJa4nOTkvqgcyafTZ7VKsDcThI4srdnLaUAi8
mdSjtLDciD8A2CE7mTKIIk+XweWpLYa4uH9ZNJyI21MV9wzzXIsnax0KBir51AZy
eiDlv7fhFpKRjB9q25j1f2R/ag26+1bbFmYKM08gp3iiwW/NfqBr5rsQs0Hlj/E5
xlcBT8LCE3URLslBDKFH56XEXzQ/jGlPxS9uWSdcnmIwV5ls+Ggs/ap84hXFaAnd
iJMmRLte+XRyIMEWS1SuS8nfuHCdTVM9BmA9wKIRK71BK+NNyn+P7D6mUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHBhbwBhFDgZ3aYTJhbsA3XdGyUMB8GA1UdIwQY
MBaAFPVUH4o93cWNXP9Ctg+OfSnNdhulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVZRZmlqM2R4WTFjXzBLMkQ0NTlLYzEyRzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mYjYxOGUtYTRjYy00ZTgzLWIxODgt
NWFmZTVkMjM3ZjFlLzEvMGNHRnZBR0VVT0JuZHBoTW1GdXdEZGQwYkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9mYjYxOGUtYTRjYy00ZTgzLWIxODgtNWFmZTVkMjM3ZjFl
LzEvOVZRZmlqM2R4WTFjXzBLMkQ0NTlLYzEyRzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0WcMA0G
CSqGSIb3DQEBCwUAA4IBAQBQieh97yR7FakDbK5SK4sQb+XfuF04a4yLI/D1loY3
1koXyPRANsuUrb2d+3S0roSV/Gt+HjAmchjFR6RU2Hn8iPc2kwBJPSXtB9xque6D
5qLj9/Ku5ZvL3LXbHgvoJf0eAo4/t7Q6A7QqRBk5NjaDEfmKKfort6JJJbOLh74n
ERinP9/fJ7JMBwzKJgA7l5LtcaZqxns/PEaxZIuOA1YsCJm1LE73/Mng399qWx8O
kq0Pn5HRDVSMYBL1z24Y5r1kyYOn3n7Fw7agpfZTFPMFlp44TsJNLOf2EooORSfU
TL0PH/Fu1r46EoMdWm4VrPGNdP5qSYVPSe3aEJ1tkR4v
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:08:58 2025 by rpki-client