Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/x03nJasG_44xnG7Wsul_PuIHbzA.roa
File: x03nJasG_44xnG7Wsul_PuIHbzA.roa (raw, json)
Hash identifier: p1NmFznsIeEophP+vp+QYrPdHwtx8h6ut1x4wXvQ7yE=
Subject key identifier: C7:4D:E7:25:AB:06:FF:8E:31:9C:6E:D6:B2:E9:7F:3E:E2:07:6F:30
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 09AD228C
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/x03nJasG_44xnG7Wsul_PuIHbzA.roa
Signing time: Sat 01 Jan 2022 05:05:33 +0000
ROA not before: Sat 01 Jan 2022 05:05:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64493
IP address blocks: 195.128.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162341516 (0x9ad228c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Jan 1 05:05:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c74de725ab06ff8e319c6ed6b2e97f3ee2076f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:73:f1:7e:f6:fe:1d:b4:8c:1d:6b:25:e7:ab:
d9:50:ae:b4:df:98:d6:d6:25:82:a7:5c:7a:7a:e4:
64:a2:53:01:dd:6a:1b:f7:01:8d:88:55:6d:ba:50:
ab:df:3d:95:96:fb:da:0b:c6:fd:18:ec:17:57:eb:
80:42:86:b0:c3:89:bf:d8:62:a5:d0:62:91:32:53:
39:7e:ab:e4:44:20:73:16:0a:1b:27:e0:21:64:d9:
ff:42:79:ff:af:1a:82:33:83:d1:b4:b3:0e:5f:93:
c7:34:b0:ff:4c:fa:3f:34:e7:35:a1:88:f2:b5:ce:
38:5a:45:41:4c:a2:87:96:1e:e5:4e:ca:c3:36:3c:
61:71:6f:f7:27:dc:b3:e9:16:64:82:f9:46:e5:77:
89:3a:08:22:a8:48:5a:a8:99:0c:d2:d6:4a:e0:43:
16:3a:37:85:be:42:2b:ba:0a:26:98:cf:72:70:33:
7a:71:f7:5a:4a:05:10:d7:30:35:89:e3:b4:30:94:
d2:78:a4:07:78:12:c8:c7:e6:74:cd:1a:6f:e2:e9:
c4:c9:a9:e4:a5:20:a9:8c:9e:ae:39:c5:ae:4c:2a:
9a:6c:1f:92:71:35:45:2f:7d:aa:0f:8e:17:53:d7:
45:13:26:64:8e:89:34:fb:44:46:20:c6:8e:75:d8:
74:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4D:E7:25:AB:06:FF:8E:31:9C:6E:D6:B2:E9:7F:3E:E2:07:6F:30
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/x03nJasG_44xnG7Wsul_PuIHbzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.133.0/24
Signature Algorithm: sha256WithRSAEncryption
92:5c:c6:08:82:d3:f8:50:17:fd:d6:46:75:35:59:83:d4:cf:
a2:d6:9a:6b:1b:24:b7:07:04:2f:5b:06:6e:0a:14:33:50:65:
76:bf:00:dd:2e:4c:84:40:07:41:8a:69:39:d4:50:58:ac:59:
89:bc:f9:46:84:f2:01:36:3b:2d:94:79:85:1f:5e:14:11:e0:
7a:19:d0:b4:27:2e:d0:19:3f:c5:6a:95:1d:39:b7:6b:5a:88:
1d:3d:3b:4e:fb:fe:aa:0a:eb:ae:7a:31:9e:4a:0c:9e:2a:ea:
7e:c1:70:a3:bc:eb:21:92:cf:c9:53:14:db:79:2a:02:84:55:
4e:85:7f:34:d6:49:a1:1b:6a:5a:5a:48:21:f9:20:77:19:82:
b6:6c:ee:20:c9:e7:f8:1a:d1:30:48:4a:db:41:f6:67:8f:00:
a9:cf:b9:fd:46:58:df:95:af:1f:dc:ec:2e:43:76:6e:f6:dc:
b4:10:ca:16:59:89:e3:5a:db:c5:a7:04:1c:3c:87:09:dd:b4:
0f:d4:17:1b:db:05:f0:ad:a0:c7:e3:e9:fb:0b:39:79:3e:88:
e8:4a:0f:49:45:41:f9:ca:5c:38:0c:56:96:df:45:b0:7d:c7:
d0:46:6f:fa:8d:54:e4:4b:4b:76:5f:aa:ee:3e:55:2e:5a:4a:
92:9d:1e:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECa0ijDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODQwMWU1ODg5MGJmMjMwZGNhZTVkMDMwNTExOWZmMmMyYjhkNDMzMB4XDTIyMDEw
MTA1MDUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc0ZGU3MjVhYjA2
ZmY4ZTMxOWM2ZWQ2YjJlOTdmM2VlMjA3NmYzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRz8X72/h20jB1rJeer2VCutN+Y1tYlgqdcenrkZKJTAd1q
G/cBjYhVbbpQq989lZb72gvG/RjsF1frgEKGsMOJv9hipdBikTJTOX6r5EQgcxYK
GyfgIWTZ/0J5/68agjOD0bSzDl+TxzSw/0z6PzTnNaGI8rXOOFpFQUyih5Ye5U7K
wzY8YXFv9yfcs+kWZIL5RuV3iToIIqhIWqiZDNLWSuBDFjo3hb5CK7oKJpjPcnAz
enH3WkoFENcwNYnjtDCU0nikB3gSyMfmdM0ab+LpxMmp5KUgqYyerjnFrkwqmmwf
knE1RS99qg+OF1PXRRMmZI6JNPtERiDGjnXYdCMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTHTeclqwb/jjGcbtay6X8+4gdvMDAfBgNVHSMEGDAWgBQ4QB5YiQvyMNyu
XQMFEZ/ywrjUMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09FQWVXSWtMOGpEY3JsMERCUkdmOHNLNDFETS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNjdkM2I4LWM0M2QtNDRiNy1hZmE2LThiOWNkZGI3MzQwOC8x
L3gwM25KYXNHXzQ0eG5HN1dzdWxfUHVJSGJ6QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NjdkM2I4LWM0M2QtNDRiNy1hZmE2LThiOWNkZGI3MzQwOC8xL09FQWVXSWtMOGpE
Y3JsMERCUkdmOHNLNDFETS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOAhTANBgkqhkiG9w0BAQsFAAOC
AQEAklzGCILT+FAX/dZGdTVZg9TPotaaaxsktwcEL1sGbgoUM1Bldr8A3S5MhEAH
QYppOdRQWKxZibz5RoTyATY7LZR5hR9eFBHgehnQtCcu0Bk/xWqVHTm3a1qIHT07
Tvv+qgrrrnoxnkoMnirqfsFwo7zrIZLPyVMU23kqAoRVToV/NNZJoRtqWlpIIfkg
dxmCtmzuIMnn+BrRMEhK20H2Z48Aqc+5/UZY35WvH9zsLkN2bvbctBDKFlmJ41rb
xacEHDyHCd20D9QXG9sF8K2gx+Pp+ws5eT6I6EoPSUVB+cpcOAxWlt9FsH3H0EZv
+o1U5EtLdl+q7j5VLlpKkp0epw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:17:51 2025 by rpki-client