Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/pqeswSPzOYIGbj3m4ga1QN0zclw.roa
File: pqeswSPzOYIGbj3m4ga1QN0zclw.roa (raw, json)
Hash identifier: JWEFQBYzaweQCBKdsfsQdNK/XPIek43ySsJlP1S7/7w=
Subject key identifier: A6:A7:AC:C1:23:F3:39:82:06:6E:3D:E6:E2:06:B5:40:DD:33:72:5C
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B228DB023C7B4E0230AA1BC2DB94CA
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/pqeswSPzOYIGbj3m4ga1QN0zclw.roa
Signing time: Wed 01 Jan 2025 11:48:31 +0000
ROA not before: Wed 01 Jan 2025 11:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198984
IP address blocks: 195.136.172.0/24 maxlen: 24
195.136.175.0/24 maxlen: 24
195.136.184.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:28:db:02:3c:7b:4e:02:30:aa:1b:c2:db:94:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6a7acc123f33982066e3de6e206b540dd33725c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ad:eb:73:e3:48:1f:02:86:c9:c1:73:37:b0:
0d:67:df:9d:45:58:54:b7:44:4e:2d:fa:2c:48:c3:
f8:9a:6e:1d:38:d9:bc:3f:47:9f:44:c4:23:14:f6:
f7:80:24:22:b3:4c:21:cd:d4:3a:3c:bd:d3:7a:1f:
ab:52:97:07:7a:86:27:23:d9:22:52:45:1f:d3:bf:
0f:02:fa:f9:a6:ee:6a:e0:04:81:37:69:6f:ed:0c:
9a:79:82:31:29:e1:a3:ab:89:de:71:f1:04:03:ad:
bf:4d:9c:be:7c:66:06:9a:9f:b0:02:03:81:b8:d0:
94:03:71:72:fc:d8:d4:c4:8f:80:a5:d0:5e:99:47:
cc:b7:2d:8e:3b:c1:ee:c4:d1:ac:a9:7e:fc:c0:ef:
1f:66:66:90:57:3b:97:ad:d4:c2:59:33:da:ff:e5:
84:95:dc:30:dd:c1:fb:b9:cd:dc:7a:bf:d0:39:71:
86:86:a6:54:63:d2:66:6f:d4:d2:fd:ba:8c:24:df:
ee:16:47:e9:87:dc:c1:9d:7a:db:7f:dc:30:55:c6:
3e:a1:a5:bd:ee:d8:b4:94:74:2d:0a:39:a5:90:d7:
a5:fc:4c:45:80:7f:7c:45:cc:4e:a8:9e:f4:de:49:
34:22:d9:d9:26:67:e7:55:49:ca:82:b2:f0:04:04:
bf:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A7:AC:C1:23:F3:39:82:06:6E:3D:E6:E2:06:B5:40:DD:33:72:5C
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/pqeswSPzOYIGbj3m4ga1QN0zclw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.172.0/24
195.136.175.0/24
195.136.184.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:28:c6:e4:bd:b3:5f:98:2b:a6:3d:b1:fd:0b:80:ed:7c:3c:
99:dd:9b:ab:e6:e3:73:81:43:23:22:d7:04:18:74:98:b3:dd:
b5:d9:a7:45:d4:66:5b:46:ff:d9:ce:e0:0a:82:99:58:71:e2:
e2:c7:4f:11:6a:a5:d3:1b:19:3b:59:72:3e:c5:09:fa:00:0d:
58:59:65:89:27:b5:c3:c7:e5:7f:10:3a:72:f4:27:41:3f:75:
53:81:dc:23:e2:be:eb:b3:99:08:e4:44:dd:c2:96:43:59:40:
c6:bb:a3:06:66:7f:c9:e1:74:89:fc:8e:04:16:59:8d:8f:b1:
00:9d:46:f4:94:f9:c1:b2:9d:cb:47:87:36:a5:dc:d2:42:e1:
e7:1d:39:b5:c0:1e:e7:04:2c:18:27:8d:02:21:95:2c:be:e6:
e0:d1:84:f6:1f:f7:3c:19:04:cb:ee:da:d0:37:34:d8:22:7e:
d8:98:34:b4:f0:e7:fa:5c:1f:c4:2c:30:02:e4:e6:3f:43:71:
0e:0c:96:93:84:af:db:c9:89:21:d3:59:f4:ee:76:50:b5:87:
6a:76:cb:47:d4:50:79:3f:b4:79:12:69:f6:32:35:2d:42:6c:
7f:fb:2c:f7:dd:f5:b3:2c:fa:41:0f:14:cf:1b:ac:74:61:5b:
68:c0:42:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsijbAjx7TgIwqhvC25TKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE3YWNjMTIzZjMzOTgyMDY2ZTNkZTZlMjA2YjU0MGRkMzM3MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK3rc+NIHwKGycFzN7ANZ9+dRVhU
t0ROLfosSMP4mm4dONm8P0efRMQjFPb3gCQis0whzdQ6PL3Teh+rUpcHeoYnI9ki
UkUf078PAvr5pu5q4ASBN2lv7QyaeYIxKeGjq4necfEEA62/TZy+fGYGmp+wAgOB
uNCUA3Fy/NjUxI+ApdBemUfMty2OO8HuxNGsqX78wO8fZmaQVzuXrdTCWTPa/+WE
ldww3cH7uc3cer/QOXGGhqZUY9Jmb9TS/bqMJN/uFkfph9zBnXrbf9wwVcY+oaW9
7ti0lHQtCjmlkNel/ExFgH98RcxOqJ703kk0ItnZJmfnVUnKgrLwBAS/EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKanrMEj8zmCBm495uIGtUDdM3JcMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvcHFlc3dTUHpPWUlHYmozbTRnYTFRTjB6Y2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw4isAwQA
w4ivAwQBw4i4MA0GCSqGSIb3DQEBCwUAA4IBAQCiKMbkvbNfmCumPbH9C4DtfDyZ
3Zur5uNzgUMjItcEGHSYs9212adF1GZbRv/ZzuAKgplYceLix08RaqXTGxk7WXI+
xQn6AA1YWWWJJ7XDx+V/EDpy9CdBP3VTgdwj4r7rs5kI5ETdwpZDWUDGu6MGZn/J
4XSJ/I4EFlmNj7EAnUb0lPnBsp3LR4c2pdzSQuHnHTm1wB7nBCwYJ40CIZUsvubg
0YT2H/c8GQTL7trQNzTYIn7YmDS08Of6XB/ELDAC5OY/Q3EODJaThK/byYkh01n0
7nZQtYdqdstH1FB5P7R5Emn2MjUtQmx/+yz33fWzLPpBDxTPG6x0YVtowEJg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:14 2025 by rpki-client