Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/Po5VOUisuy6Ulq1SsoUJ1fWKvQA.roa
File: Po5VOUisuy6Ulq1SsoUJ1fWKvQA.roa (raw, json)
Hash identifier: qtNwgQVEmJYMBBBL8VjznISb2fKJIvaD+VCUQWPp7rI=
Subject key identifier: 3E:8E:55:39:48:AC:BB:2E:94:96:AD:52:B2:85:09:D5:F5:8A:BD:00
Certificate issuer: /CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Certificate serial: 019421B22F3EE188A3C89B9D38F8EEE32116
Authority key identifier: 40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/Po5VOUisuy6Ulq1SsoUJ1fWKvQA.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34136
IP address blocks: 195.234.76.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2f:3e:e1:88:a3:c8:9b:9d:38:f8:ee:e3:21:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e8e553948acbb2e9496ad52b28509d5f58abd00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:83:d3:4d:0b:61:4b:d9:de:bd:84:a8:79:55:
2b:2d:eb:9a:18:3b:62:ae:b1:9c:26:e2:63:0c:58:
51:1e:73:0d:3b:81:7d:59:bd:51:aa:a1:07:63:b8:
50:27:d4:ac:47:ab:65:e0:b2:63:bf:60:03:cf:e3:
78:ec:1e:a8:08:28:ed:a6:28:83:31:68:69:32:33:
ea:4e:9d:28:b8:b2:33:8d:11:1f:fb:82:ed:d7:fe:
d8:fd:50:b1:79:bd:44:8c:14:45:4f:ac:77:4a:b3:
07:78:10:64:53:57:45:27:c0:62:12:af:88:75:b9:
bb:67:c4:61:49:39:8b:4a:86:4f:1c:8d:18:cf:5a:
7f:cd:f6:1a:dd:46:45:0c:d1:c2:15:7b:ba:99:77:
28:df:5f:34:ec:08:14:4e:5e:8d:a2:03:87:81:e2:
19:d2:9f:3f:ca:e6:d3:8b:39:e0:7e:07:47:21:a5:
54:5c:2e:af:25:92:91:ce:e0:f6:90:67:9e:5a:3d:
2f:f0:7c:d8:5c:ee:12:c1:f8:e1:df:5f:e9:5b:64:
4d:f0:df:d0:f3:e9:60:b2:63:0e:12:f7:7b:4d:35:
47:28:2b:a3:2e:e9:75:fa:4e:ae:75:42:d4:87:c3:
0d:fb:5c:6f:0d:bb:9e:f8:74:7f:24:7e:22:c1:3a:
6a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8E:55:39:48:AC:BB:2E:94:96:AD:52:B2:85:09:D5:F5:8A:BD:00
X509v3 Authority Key Identifier:
keyid:40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/Po5VOUisuy6Ulq1SsoUJ1fWKvQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.76.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:84:54:36:39:bf:81:73:10:cc:96:1f:e3:77:d2:0b:d5:70:
d9:89:23:ea:24:c2:32:46:a9:0b:a1:99:26:b3:1c:1c:34:c0:
b3:e4:01:8e:2b:8c:e0:f2:0e:db:9f:ca:13:0c:2f:05:46:ae:
d4:5c:49:94:fd:cf:c8:90:dc:0e:58:3a:29:8c:1c:20:ad:91:
46:f6:e4:50:5f:c4:f7:1e:f1:0f:53:69:de:a7:df:2e:98:f2:
55:85:cc:ef:ed:0d:b5:ad:fd:d9:c7:41:d0:82:7e:d5:83:a4:
a7:b0:44:41:3d:f1:c0:6f:a3:74:d3:09:5d:7c:54:d2:32:ba:
ed:6e:33:65:eb:39:1a:53:39:92:aa:62:5c:7c:b6:51:73:ab:
5a:7f:76:c9:f3:8c:be:25:83:ce:32:6d:67:b6:f6:67:63:89:
ed:28:40:4c:cc:b8:a9:63:50:80:00:a9:29:4f:af:77:38:ad:
07:cc:07:ba:9b:55:d8:15:c7:44:ba:36:ac:d7:82:33:40:1b:
0a:a9:bb:a3:77:d5:09:70:3b:5d:ee:a0:54:5a:03:c5:3e:d0:
94:50:1b:fb:a2:6c:8a:ef:a0:1b:e7:6a:de:4e:ec:ca:d9:bc:
8b:83:24:2c:01:ee:54:1f:fa:47:3a:36:e2:ba:6b:21:b9:a0:
54:36:2b:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsi8+4YijyJudOPju4yEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmYwMTRhMmJjNzZhZTA0ZTZkMzA0ZDA2YWFjYmZjOGU4
NWQ1MTQwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThlNTUzOTQ4YWNiYjJlOTQ5NmFkNTJiMjg1MDlkNWY1OGFiZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4PTTQthS9nevYSoeVUrLeuaGDti
rrGcJuJjDFhRHnMNO4F9Wb1RqqEHY7hQJ9SsR6tl4LJjv2ADz+N47B6oCCjtpiiD
MWhpMjPqTp0ouLIzjREf+4Lt1/7Y/VCxeb1EjBRFT6x3SrMHeBBkU1dFJ8BiEq+I
dbm7Z8RhSTmLSoZPHI0Yz1p/zfYa3UZFDNHCFXu6mXco31807AgUTl6NogOHgeIZ
0p8/yubTizngfgdHIaVUXC6vJZKRzuD2kGeeWj0v8HzYXO4Swfjh31/pW2RN8N/Q
8+lgsmMOEvd7TTVHKCujLul1+k6udULUh8MN+1xvDbue+HR/JH4iwTpqFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6OVTlIrLsulJatUrKFCdX1ir0AMB8GA1UdIwQY
MBaAFEBvAUorx2rgTm0wTQaqy/yOhdUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGIt
OWVlNWE3OGVjNTdiLzEvUG81Vk9VaXN1eTZVbHExU3NvVUoxZldLdlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGItOWVlNWE3OGVjNTdi
LzEvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+pMMA0G
CSqGSIb3DQEBCwUAA4IBAQBshFQ2Ob+BcxDMlh/jd9IL1XDZiSPqJMIyRqkLoZkm
sxwcNMCz5AGOK4zg8g7bn8oTDC8FRq7UXEmU/c/IkNwOWDopjBwgrZFG9uRQX8T3
HvEPU2nep98umPJVhczv7Q21rf3Zx0HQgn7Vg6SnsERBPfHAb6N00wldfFTSMrrt
bjNl6zkaUzmSqmJcfLZRc6taf3bJ84y+JYPOMm1ntvZnY4ntKEBMzLipY1CAAKkp
T693OK0HzAe6m1XYFcdEujas14IzQBsKqbujd9UJcDtd7qBUWgPFPtCUUBv7omyK
76Ab52reTuzK2byLgyQsAe5UH/pHOjbiumshuaBUNitU
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:50:00 2025 by rpki-client