Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/KeNSVcNIveDRNN0Eoyb056mMz44.roa
File: KeNSVcNIveDRNN0Eoyb056mMz44.roa (raw, json)
Hash identifier: KxKJclC3t7SyZCwcHAS4oMcneZIsejj+HibsNh2NOPM=
Subject key identifier: 29:E3:52:55:C3:48:BD:E0:D1:34:DD:04:A3:26:F4:E7:A9:8C:CF:8E
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019427B679A72CBB67503EE94C75F901D7F0
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/KeNSVcNIveDRNN0Eoyb056mMz44.roa
Signing time: Thu 02 Jan 2025 15:50:57 +0000
ROA not before: Thu 02 Jan 2025 15:50:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9050
IP address blocks: 95.100.220.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:79:a7:2c:bb:67:50:3e:e9:4c:75:f9:01:d7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 2 15:50:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29e35255c348bde0d134dd04a326f4e7a98ccf8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:64:7c:9c:3a:c0:1e:86:38:52:cb:12:32:ec:
67:de:61:54:73:f1:b6:4d:a0:e6:d9:f8:f1:0d:1d:
a9:ed:05:e9:b3:19:34:ce:3c:30:3a:fd:7c:cb:36:
57:50:47:18:0f:18:c2:8a:ad:2c:dd:80:e8:b0:e7:
9f:18:cf:5f:5a:6e:49:21:36:55:59:91:53:c9:3b:
17:09:1b:c9:09:de:9d:ac:c1:71:35:b8:5a:a9:04:
73:3e:3a:9e:8b:d4:75:21:14:12:19:3f:e9:5e:29:
8f:5f:ed:2a:e4:a0:a5:64:ad:43:07:70:c7:ea:4e:
16:6f:69:41:39:ce:b1:76:eb:1f:26:d5:94:16:9e:
68:3b:47:9c:7c:a8:a4:b3:5b:25:80:77:c0:0c:80:
6e:50:13:27:ae:80:97:42:bb:03:af:70:dd:37:6e:
51:97:8f:fc:3b:fe:b3:1f:6b:7f:2f:f2:77:a7:55:
79:16:42:66:4f:84:d4:9f:f9:b1:60:88:64:9c:8f:
9c:61:f7:6a:7d:1f:1d:3b:14:84:0f:50:9f:48:32:
43:51:21:19:df:0c:87:f5:57:ac:88:45:58:c4:79:
3c:6b:96:93:8b:cb:db:7a:c1:69:1c:00:11:e8:7f:
9a:75:24:05:21:3d:c7:fc:23:e3:96:4f:3a:8f:a0:
d9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E3:52:55:C3:48:BD:E0:D1:34:DD:04:A3:26:F4:E7:A9:8C:CF:8E
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/KeNSVcNIveDRNN0Eoyb056mMz44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.100.220.0/22
Signature Algorithm: sha256WithRSAEncryption
72:04:a5:5d:12:1c:e8:3c:d6:4a:97:20:a4:fc:d8:4f:3b:be:
fb:34:03:53:c6:9c:3e:37:c2:f9:b0:6f:bb:7b:c4:7d:ea:c7:
fc:ba:9f:d4:a4:c8:8f:46:0d:14:38:e9:a6:bd:4f:53:0f:f5:
e1:ed:6b:90:f7:fd:f2:d1:d4:fe:86:b8:3a:dc:b4:34:32:4c:
47:aa:53:85:51:f9:7f:a8:3a:2b:06:d1:ac:4e:ae:17:60:aa:
53:96:7d:63:1b:75:8c:e5:e8:d4:80:9a:f5:b4:f0:dd:e9:57:
a6:d9:bb:92:17:53:24:76:5e:f3:3c:41:77:7e:c2:91:a9:98:
0f:35:19:91:46:95:ac:d0:47:0b:1d:70:aa:23:08:e1:23:cc:
5a:c7:b5:b0:67:74:bb:d4:fe:7e:d8:6c:3c:01:45:36:4b:61:
42:9a:6c:1d:e6:4e:3e:ce:de:11:9f:4b:ad:fd:60:95:b5:e7:
1d:ec:d1:76:aa:3a:79:17:03:6f:ff:6c:ec:49:15:ee:56:19:
bf:b3:3c:b1:64:de:5b:83:08:1b:53:a0:30:cb:92:b0:ec:78:
e5:df:a2:8a:82:94:df:1a:cc:22:58:4b:d0:26:57:83:37:f6:
91:b6:a9:83:56:9e:78:2e:ca:75:34:a7:3f:d5:1d:e2:65:7a:
c1:b2:5c:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntnmnLLtnUD7pTHX5AdfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTAyMTU1MDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWUzNTI1NWMzNDhiZGUwZDEzNGRkMDRhMzI2ZjRlN2E5OGNjZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGR8nDrAHoY4UssSMuxn3mFUc/G2
TaDm2fjxDR2p7QXpsxk0zjwwOv18yzZXUEcYDxjCiq0s3YDosOefGM9fWm5JITZV
WZFTyTsXCRvJCd6drMFxNbhaqQRzPjqei9R1IRQSGT/pXimPX+0q5KClZK1DB3DH
6k4Wb2lBOc6xdusfJtWUFp5oO0ecfKiks1slgHfADIBuUBMnroCXQrsDr3DdN25R
l4/8O/6zH2t/L/J3p1V5FkJmT4TUn/mxYIhknI+cYfdqfR8dOxSED1CfSDJDUSEZ
3wyH9VesiEVYxHk8a5aTi8vbesFpHAAR6H+adSQFIT3H/CPjlk86j6DZEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnjUlXDSL3g0TTdBKMm9OepjM+OMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvS2VOU1ZjTkl2ZURSTk4wRW95YjA1Nm1NejQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX2TcMA0G
CSqGSIb3DQEBCwUAA4IBAQByBKVdEhzoPNZKlyCk/NhPO777NANTxpw+N8L5sG+7
e8R96sf8up/UpMiPRg0UOOmmvU9TD/Xh7WuQ9/3y0dT+hrg63LQ0MkxHqlOFUfl/
qDorBtGsTq4XYKpTln1jG3WM5ejUgJr1tPDd6Vem2buSF1Mkdl7zPEF3fsKRqZgP
NRmRRpWs0EcLHXCqIwjhI8xax7WwZ3S71P5+2Gw8AUU2S2FCmmwd5k4+zt4Rn0ut
/WCVtecd7NF2qjp5FwNv/2zsSRXuVhm/szyxZN5bgwgbU6Awy5Kw7Hjl36KKgpTf
GswiWEvQJleDN/aRtqmDVp54Lsp1NKc/1R3iZXrBslwa
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:16:23 2025 by rpki-client