Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/rVsJQEO-mj7mvcsXxH5VgaTW6zg.roa
File: rVsJQEO-mj7mvcsXxH5VgaTW6zg.roa (raw, json)
Hash identifier: ua7+fmWA2GW1yW/CrUv0CTWRd4x0VpX6E9M5m//M8gk=
Subject key identifier: AD:5B:09:40:43:BE:9A:3E:E6:BD:CB:17:C4:7E:55:81:A4:D6:EB:38
Certificate issuer: /CN=1ff2cf1a6230cd62cb3ca8a1bc1d4a4bb4337c1d
Certificate serial: 0194228E36C04D3CF504BADECB81AE8884CC
Authority key identifier: 1F:F2:CF:1A:62:30:CD:62:CB:3C:A8:A1:BC:1D:4A:4B:B4:33:7C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H_LPGmIwzWLLPKihvB1KS7QzfB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/rVsJQEO-mj7mvcsXxH5VgaTW6zg.roa
Signing time: Wed 01 Jan 2025 15:48:53 +0000
ROA not before: Wed 01 Jan 2025 15:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62000
IP address blocks: 195.246.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:36:c0:4d:3c:f5:04:ba:de:cb:81:ae:88:84:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ff2cf1a6230cd62cb3ca8a1bc1d4a4bb4337c1d
Validity
Not Before: Jan 1 15:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad5b094043be9a3ee6bdcb17c47e5581a4d6eb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:c0:d3:7d:fc:bb:02:22:72:f7:be:d6:57:
6b:d8:7a:62:39:f8:ad:e1:16:59:f1:43:97:be:44:
8e:9c:a7:c8:2a:28:61:e7:9d:7b:51:ab:00:9e:13:
0c:2b:4f:a5:59:e7:d3:ad:fc:10:dd:c3:57:d3:e4:
14:55:27:c1:80:16:1e:d0:d2:6e:13:aa:7e:61:bb:
9d:e4:05:3f:53:b6:e5:ed:64:e2:92:58:cc:02:96:
e8:6d:a2:30:08:7b:a4:00:53:d1:ed:21:d2:86:2b:
75:d9:7a:f1:9b:02:57:42:0c:41:2c:45:6a:8e:c9:
b9:d9:83:77:5f:33:69:7e:31:f9:5a:9b:47:5b:b4:
3f:ae:22:50:30:ee:8a:ec:98:19:c9:1f:33:22:37:
be:15:49:b8:51:df:1d:16:cd:3f:cc:7d:97:66:38:
99:20:ac:00:c8:ff:0c:83:68:83:2f:40:ba:4e:10:
9e:b0:73:c8:e1:cb:4a:f2:4c:21:aa:bb:c0:b7:30:
72:b7:09:9f:6c:24:b7:be:ee:75:42:2e:c4:4c:13:
34:31:bb:3e:fe:5a:12:d1:2c:8e:c1:26:06:89:4d:
59:b2:26:b1:2f:c7:10:83:e8:e5:f9:fb:2c:55:a9:
b0:9c:38:1e:87:d8:2b:e1:7c:86:28:52:57:0a:d8:
b9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:5B:09:40:43:BE:9A:3E:E6:BD:CB:17:C4:7E:55:81:A4:D6:EB:38
X509v3 Authority Key Identifier:
keyid:1F:F2:CF:1A:62:30:CD:62:CB:3C:A8:A1:BC:1D:4A:4B:B4:33:7C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H_LPGmIwzWLLPKihvB1KS7QzfB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/rVsJQEO-mj7mvcsXxH5VgaTW6zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/H_LPGmIwzWLLPKihvB1KS7QzfB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.112.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:86:71:98:d4:31:39:ba:35:1b:df:c2:2a:6f:f7:1e:17:3c:
72:f5:19:a8:62:b5:68:68:e3:c7:d6:fe:d6:41:40:47:f5:b2:
9d:ce:0b:95:b7:12:b8:15:6d:f8:27:ef:aa:b9:4b:75:32:f8:
57:22:9a:d7:8d:8b:22:d6:5c:1b:ca:33:5c:53:f9:55:4f:c4:
e3:61:2d:4f:34:86:ba:40:1c:48:d3:26:42:04:c0:9b:b0:5e:
85:91:f7:64:b6:5f:11:f7:7e:e7:66:29:2c:fe:95:23:af:d3:
66:ae:86:64:ee:96:4c:4f:3e:ca:3c:81:ab:65:fb:87:47:0f:
30:23:99:cb:a2:38:09:74:88:51:53:06:fe:7b:07:5c:5b:46:
2b:da:6d:72:a3:4f:ab:df:3b:37:a7:1a:97:91:ec:ab:38:8c:
75:4c:23:4d:a6:e0:c1:be:a9:aa:74:d1:b1:4e:5e:31:1a:ed:
dd:e8:80:06:6d:66:77:3c:8d:e6:f6:65:36:10:79:72:8e:00:
93:df:43:a3:ed:37:e7:89:36:0a:24:49:14:9c:d8:6e:71:a5:
f4:ac:e1:9f:89:d1:f1:2e:12:dc:48:14:4a:f9:2b:00:e1:de:
28:4f:ec:1e:d9:d6:5f:5f:5f:9c:4b:db:90:fa:6d:36:c9:2b:
c6:08:28:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjbATTz1BLrey4GuiITMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZjJjZjFhNjIzMGNkNjJjYjNjYThhMWJjMWQ0YTRiYjQz
MzdjMWQwHhcNMjUwMTAxMTU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDViMDk0MDQzYmU5YTNlZTZiZGNiMTdjNDdlNTU4MWE0ZDZlYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUbA0338uwIicve+1ldr2HpiOfit
4RZZ8UOXvkSOnKfIKihh5517UasAnhMMK0+lWefTrfwQ3cNX0+QUVSfBgBYe0NJu
E6p+Ybud5AU/U7bl7WTikljMApbobaIwCHukAFPR7SHShit12XrxmwJXQgxBLEVq
jsm52YN3XzNpfjH5WptHW7Q/riJQMO6K7JgZyR8zIje+FUm4Ud8dFs0/zH2XZjiZ
IKwAyP8Mg2iDL0C6ThCesHPI4ctK8kwhqrvAtzBytwmfbCS3vu51Qi7ETBM0Mbs+
/loS0SyOwSYGiU1ZsiaxL8cQg+jl+fssVamwnDgeh9gr4XyGKFJXCti5ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1bCUBDvpo+5r3LF8R+VYGk1us4MB8GA1UdIwQY
MBaAFB/yzxpiMM1iyzyoobwdSku0M3wdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSF9MUEdtSXd6V0xMUEtpaHZCMUtTN1F6ZkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS82YTQ4YTctMGMwMS00YWNhLWI0MzEt
NmNlZGNmMjM0OTc1LzEvclZzSlFFTy1tajdtdmNzWHhINVZnYVRXNnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS82YTQ4YTctMGMwMS00YWNhLWI0MzEtNmNlZGNmMjM0OTc1
LzEvSF9MUEdtSXd6V0xMUEtpaHZCMUtTN1F6ZkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/ZwMA0G
CSqGSIb3DQEBCwUAA4IBAQBOhnGY1DE5ujUb38Iqb/ceFzxy9RmoYrVoaOPH1v7W
QUBH9bKdzguVtxK4FW34J++quUt1MvhXIprXjYsi1lwbyjNcU/lVT8TjYS1PNIa6
QBxI0yZCBMCbsF6Fkfdktl8R937nZiks/pUjr9NmroZk7pZMTz7KPIGrZfuHRw8w
I5nLojgJdIhRUwb+ewdcW0Yr2m1yo0+r3zs3pxqXkeyrOIx1TCNNpuDBvqmqdNGx
Tl4xGu3d6IAGbWZ3PI3m9mU2EHlyjgCT30Oj7TfniTYKJEkUnNhucaX0rOGfidHx
LhLcSBRK+SsA4d4oT+we2dZfX1+cS9uQ+m02ySvGCCiF
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:56:33 2025 by rpki-client