Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/G71nm17nOEzUWw1GLyO7Zfj_lkU.roa
File: G71nm17nOEzUWw1GLyO7Zfj_lkU.roa (raw, json)
Hash identifier: r0m4YbLwwtUtSb9XhbM+KsB7fqF7UQjjTclZT2Fc14A=
Subject key identifier: 1B:BD:67:9B:5E:E7:38:4C:D4:5B:0D:46:2F:23:BB:65:F8:FF:96:45
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 019424B279C36194F018085F2C78B6869ECE
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/G71nm17nOEzUWw1GLyO7Zfj_lkU.roa
Signing time: Thu 02 Jan 2025 01:47:43 +0000
ROA not before: Thu 02 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393942
IP address blocks: 195.96.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:79:c3:61:94:f0:18:08:5f:2c:78:b6:86:9e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Jan 2 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bbd679b5ee7384cd45b0d462f23bb65f8ff9645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4f:4a:e0:ed:95:78:6a:cb:4c:01:e0:f5:4b:
24:e0:0f:58:7b:28:78:9f:d4:61:10:b7:e6:2f:62:
f2:f7:30:3b:6a:93:ec:b7:4b:83:bb:d9:0f:88:5a:
98:a1:5a:93:6c:6e:e4:64:75:57:a7:47:ea:dd:c1:
48:45:47:86:bf:e8:9c:32:70:67:04:9f:f3:ea:e0:
3c:72:d1:27:0b:72:bb:9d:7e:a4:1b:52:54:63:de:
60:ef:9d:c8:77:ed:42:31:b0:cd:0e:7d:a7:d1:a9:
bb:f8:c1:a9:7f:b1:92:65:2a:71:96:46:35:15:17:
38:07:fb:9c:df:b7:e1:40:65:f3:26:ae:35:9b:48:
91:80:8e:8b:f6:c0:4e:87:6f:8c:3b:1a:5c:6f:5b:
c6:02:9f:bf:a7:7b:df:01:94:4b:66:e3:50:32:aa:
d4:51:f8:e2:1e:23:ae:6c:1b:4a:81:b1:da:9f:af:
3b:c2:cc:75:fa:b0:b4:e0:bf:0d:e4:71:ad:43:ae:
ab:a9:63:92:58:a9:ee:77:d5:24:fc:96:8f:7c:cb:
cd:1f:b6:31:86:25:36:cf:c1:99:d3:26:f3:84:72:
dd:bd:dc:15:8d:9e:d7:3a:60:d2:76:15:05:b6:a9:
2b:ce:34:03:a3:95:63:7b:58:30:35:22:f1:65:50:
32:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BD:67:9B:5E:E7:38:4C:D4:5B:0D:46:2F:23:BB:65:F8:FF:96:45
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/G71nm17nOEzUWw1GLyO7Zfj_lkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.132.0/24
Signature Algorithm: sha256WithRSAEncryption
74:9e:fe:2e:cb:97:5b:ea:9c:fe:7e:f3:13:13:52:00:17:ad:
53:c5:6f:8b:8a:a1:a7:5d:d2:ce:69:05:df:89:72:5e:16:19:
cc:1a:5b:36:41:f2:05:99:58:f5:9c:79:fb:b6:c3:73:7f:8e:
30:16:66:a5:af:47:c3:cf:4b:02:69:94:20:3b:f6:0b:fd:71:
e7:e3:a8:a0:18:56:d6:e1:d5:bf:57:d2:52:73:07:57:00:d0:
47:3b:82:57:78:61:e1:56:7a:a7:2e:fa:81:a1:55:89:71:46:
ab:f4:04:ad:c0:73:c1:89:84:79:37:ce:9b:57:ea:90:a3:41:
be:7b:9d:d3:a5:03:93:ea:8f:88:c9:11:4b:af:6f:0a:a8:5e:
5d:08:a0:aa:a3:4b:c4:b5:d8:f1:c7:61:d1:55:f2:2d:c0:b5:
ff:39:7d:a5:ac:0a:3b:1c:a3:aa:e0:e6:07:ed:38:6e:20:70:
67:25:0c:ad:32:d8:b3:7f:28:0c:44:6b:e3:fc:aa:00:ad:d3:
3a:ee:53:0a:68:d4:92:db:79:9e:0e:c9:1a:90:11:50:8e:00:
d7:2c:c6:f1:69:bb:d7:c5:4c:7f:a3:a2:4a:3d:ce:85:f6:b3:
05:73:df:38:db:8e:ad:04:67:5d:bd:60:45:82:12:57:e0:a1:
5d:19:9b:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksnnDYZTwGAhfLHi2hp7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjUwMTAyMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJkNjc5YjVlZTczODRjZDQ1YjBkNDYyZjIzYmI2NWY4ZmY5NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE9K4O2VeGrLTAHg9Usk4A9Yeyh4
n9RhELfmL2Ly9zA7apPst0uDu9kPiFqYoVqTbG7kZHVXp0fq3cFIRUeGv+icMnBn
BJ/z6uA8ctEnC3K7nX6kG1JUY95g753Id+1CMbDNDn2n0am7+MGpf7GSZSpxlkY1
FRc4B/uc37fhQGXzJq41m0iRgI6L9sBOh2+MOxpcb1vGAp+/p3vfAZRLZuNQMqrU
UfjiHiOubBtKgbHan687wsx1+rC04L8N5HGtQ66rqWOSWKnud9Uk/JaPfMvNH7Yx
hiU2z8GZ0ybzhHLdvdwVjZ7XOmDSdhUFtqkrzjQDo5Vje1gwNSLxZVAy0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBu9Z5te5zhM1FsNRi8ju2X4/5ZFMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvRzcxbm0xN25PRXpVV3cxR0x5TzdaZmpfbGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CEMA0G
CSqGSIb3DQEBCwUAA4IBAQB0nv4uy5db6pz+fvMTE1IAF61TxW+LiqGnXdLOaQXf
iXJeFhnMGls2QfIFmVj1nHn7tsNzf44wFmalr0fDz0sCaZQgO/YL/XHn46igGFbW
4dW/V9JScwdXANBHO4JXeGHhVnqnLvqBoVWJcUar9AStwHPBiYR5N86bV+qQo0G+
e53TpQOT6o+IyRFLr28KqF5dCKCqo0vEtdjxx2HRVfItwLX/OX2lrAo7HKOq4OYH
7ThuIHBnJQytMtizfygMRGvj/KoArdM67lMKaNSS23meDskakBFQjgDXLMbxabvX
xUx/o6JKPc6F9rMFc984246tBGddvWBFghJX4KFdGZt7
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:40:29 2025 by rpki-client