Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/1-hghSvdWDJ4cgklfEHJCmH-i2HY.roa
File: 1-hghSvdWDJ4cgklfEHJCmH-i2HY.roa (raw, json)
Hash identifier: 9gnsVG36wbZ3pUIR+DkcphTBC5ibiqw8wibStl0C6yA=
Subject key identifier: FA:18:21:4A:F7:56:0C:9E:1C:82:49:5F:10:72:42:98:7F:A2:D8:76
Certificate issuer: /CN=f5541f8a3dddc58d5cff42b60f8e7d29cd761ba5
Certificate serial: 018CC50084B050702675CED92D75659ED957
Authority key identifier: F5:54:1F:8A:3D:DD:C5:8D:5C:FF:42:B6:0F:8E:7D:29:CD:76:1B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9VQfij3dxY1c_0K2D459Kc12G6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/1-hghSvdWDJ4cgklfEHJCmH-i2HY.roa
Signing time: Mon 01 Jan 2024 12:29:54 +0000
ROA not before: Mon 01 Jan 2024 12:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31656
IP address blocks: 195.69.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:84:b0:50:70:26:75:ce:d9:2d:75:65:9e:d9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5541f8a3dddc58d5cff42b60f8e7d29cd761ba5
Validity
Not Before: Jan 1 12:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa18214af7560c9e1c82495f107242987fa2d876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:17:0b:c5:15:97:49:5c:36:1d:bf:2e:55:31:
b8:2e:a1:3e:37:92:dc:0f:a4:66:98:44:87:68:b6:
6e:1e:c6:19:ea:63:8a:da:75:21:59:ab:8a:37:29:
eb:ef:97:54:e9:a8:b6:36:23:81:0c:aa:d5:03:69:
4c:bf:0d:92:e4:b8:c0:ef:44:04:5c:c7:6a:c1:03:
12:ff:04:71:de:6a:13:4e:9a:63:65:c0:46:f0:07:
24:50:18:8f:de:86:b6:15:9b:ad:da:58:10:a7:0b:
1c:4c:d6:22:58:65:c9:bf:4f:c0:f8:b0:f5:f5:0e:
b9:ab:af:fe:86:c6:96:87:32:11:1d:6a:14:8d:f5:
d3:d6:7f:92:a3:f1:f6:a6:f4:9a:ed:6d:d1:ee:ee:
fa:c9:b1:ae:cd:7e:d3:af:37:a0:7e:02:a6:43:0e:
5a:43:8f:b9:a4:93:df:05:c9:7b:64:eb:0a:1b:fb:
70:ba:50:0e:8b:e7:1d:70:8f:45:19:25:7d:0c:1b:
6e:7f:e0:c1:48:fb:50:94:77:ae:be:c4:a5:12:ff:
3a:92:0a:eb:b3:28:68:a6:1d:7e:95:74:8c:99:10:
1b:e5:9a:e1:a7:d0:03:3d:fb:70:3a:9f:60:ab:ba:
8e:18:f4:00:75:9b:c8:38:18:f0:ae:e2:e3:38:d1:
6f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:18:21:4A:F7:56:0C:9E:1C:82:49:5F:10:72:42:98:7F:A2:D8:76
X509v3 Authority Key Identifier:
keyid:F5:54:1F:8A:3D:DD:C5:8D:5C:FF:42:B6:0F:8E:7D:29:CD:76:1B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9VQfij3dxY1c_0K2D459Kc12G6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/1-hghSvdWDJ4cgklfEHJCmH-i2HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/fb618e-a4cc-4e83-b188-5afe5d237f1e/1/9VQfij3dxY1c_0K2D459Kc12G6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.158.0/24
Signature Algorithm: sha256WithRSAEncryption
59:0f:76:72:c5:8f:b6:34:5a:30:1c:87:26:10:70:0f:8a:e8:
55:78:16:91:fd:df:8b:51:37:f6:d9:43:c6:9f:81:73:07:ea:
33:74:f5:d8:de:08:3e:79:31:c8:2b:44:c9:11:3b:f6:9e:a7:
f3:88:43:85:2e:fb:bb:6f:b4:ff:93:b1:7c:ae:24:4b:03:c7:
c5:41:19:96:96:ac:36:d1:7b:8a:71:d0:a8:15:bd:c1:46:2c:
14:f9:17:46:8e:51:a7:57:72:e4:fe:53:8e:52:cb:d4:ee:7e:
5c:bd:9e:a7:7a:3f:0f:99:95:c9:56:18:66:73:91:e6:17:18:
97:70:37:bb:d3:d5:b5:87:12:84:61:ca:50:5d:fb:0e:ff:4c:
77:6e:a6:0c:02:9b:7d:e2:ed:8b:69:15:4f:59:89:57:ba:37:
cd:1e:67:f2:16:2f:8e:01:5a:86:c4:90:4d:72:ef:5d:1c:b9:
50:05:d5:5d:f4:49:2b:0b:71:57:ec:4d:8e:d8:0a:92:18:34:
f0:45:2c:77:ad:a4:9d:ce:37:a4:0b:59:c8:f7:19:2e:57:4c:
85:1f:0b:5d:66:1e:79:02:21:f2:04:9b:11:c1:d3:16:db:22:
51:78:dc:12:73:86:12:75:1b:21:54:d0:d3:46:67:32:eb:2d:
b5:f2:fa:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAISwUHAmdc7ZLXVlntlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NTQxZjhhM2RkZGM1OGQ1Y2ZmNDJiNjBmOGU3ZDI5Y2Q3
NjFiYTUwHhcNMjQwMTAxMTIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTE4MjE0YWY3NTYwYzllMWM4MjQ5NWYxMDcyNDI5ODdmYTJkODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRcLxRWXSVw2Hb8uVTG4LqE+N5Lc
D6RmmESHaLZuHsYZ6mOK2nUhWauKNynr75dU6ai2NiOBDKrVA2lMvw2S5LjA70QE
XMdqwQMS/wRx3moTTppjZcBG8AckUBiP3oa2FZut2lgQpwscTNYiWGXJv0/A+LD1
9Q65q6/+hsaWhzIRHWoUjfXT1n+So/H2pvSa7W3R7u76ybGuzX7TrzegfgKmQw5a
Q4+5pJPfBcl7ZOsKG/twulAOi+cdcI9FGSV9DBtuf+DBSPtQlHeuvsSlEv86kgrr
syhoph1+lXSMmRAb5Zrhp9ADPftwOp9gq7qOGPQAdZvIOBjwruLjONFv6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoYIUr3VgyeHIJJXxByQph/oth2MB8GA1UdIwQY
MBaAFPVUH4o93cWNXP9Ctg+OfSnNdhulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVZRZmlqM2R4WTFjXzBLMkQ0NTlLYzEyRzZVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mYjYxOGUtYTRjYy00ZTgzLWIxODgt
NWFmZTVkMjM3ZjFlLzEvMS1oZ2hTdmRXREo0Y2drbGZFSEpDbUgtaTJIWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjcvZmI2MThlLWE0Y2MtNGU4My1iMTg4LTVhZmU1ZDIzN2Yx
ZS8xLzlWUWZpajNkeFkxY18wSzJENDU5S2MxMkc2VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNFnjAN
BgkqhkiG9w0BAQsFAAOCAQEAWQ92csWPtjRaMByHJhBwD4roVXgWkf3fi1E39tlD
xp+BcwfqM3T12N4IPnkxyCtEyRE79p6n84hDhS77u2+0/5OxfK4kSwPHxUEZlpas
NtF7inHQqBW9wUYsFPkXRo5Rp1dy5P5TjlLL1O5+XL2ep3o/D5mVyVYYZnOR5hcY
l3A3u9PVtYcShGHKUF37Dv9Md26mDAKbfeLti2kVT1mJV7o3zR5n8hYvjgFahsSQ
TXLvXRy5UAXVXfRJKwtxV+xNjtgKkhg08EUsd62knc43pAtZyPcZLldMhR8LXWYe
eQIh8gSbEcHTFtsiUXjcEnOGEnUbIVTQ00ZnMusttfL6Sg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:16:00 2025 by rpki-client