Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/o5Ci2OOaaozGkEZOG_f7fDu7-XY.roa
File: o5Ci2OOaaozGkEZOG_f7fDu7-XY.roa (raw, json)
Hash identifier: 8C555rwsYeFI3kPoKdTROpSMNzbablYPsT0+Vk3NrV4=
Subject key identifier: A3:90:A2:D8:E3:9A:6A:8C:C6:90:46:4E:1B:F7:FB:7C:3B:BB:F9:76
Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Certificate serial: 0194258E83496A079D304F150A835CE992A6
Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/o5Ci2OOaaozGkEZOG_f7fDu7-XY.roa
Signing time: Thu 02 Jan 2025 05:48:04 +0000
ROA not before: Thu 02 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212939
IP address blocks: 195.2.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:83:49:6a:07:9d:30:4f:15:0a:83:5c:e9:92:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Validity
Not Before: Jan 2 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a390a2d8e39a6a8cc690464e1bf7fb7c3bbbf976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:17:b3:c2:b0:c2:20:6f:fd:b8:1d:7d:55:19:
88:7a:ed:04:83:4a:e7:e8:ed:40:09:ef:08:f1:2e:
8b:c0:e1:92:d6:56:e1:82:d1:5a:70:c5:a7:68:1a:
90:d0:29:2d:2b:e6:fc:eb:4d:17:30:67:98:b8:af:
11:0b:68:81:e5:f8:27:af:b0:73:ea:29:53:98:72:
3f:71:8d:f8:25:4b:6d:84:19:03:b3:76:4e:58:51:
77:4f:4d:87:b7:49:c3:a7:c0:c6:e5:31:72:e0:15:
23:28:e0:0a:7a:06:c3:09:91:7d:22:cb:63:05:b9:
78:3e:15:94:e2:cd:e5:e9:02:b0:04:04:c3:9b:99:
8e:d0:23:fd:65:6b:da:3e:b7:3f:25:c0:46:b7:17:
7f:54:91:3e:61:b5:66:98:a3:f4:a2:b7:1d:01:a9:
e5:da:23:ec:40:ec:c0:8c:05:32:aa:10:c1:85:ec:
1a:a1:8a:f7:1c:ee:21:8e:95:a6:c6:57:85:03:7e:
d0:6d:a0:60:d5:5e:68:ac:ca:e3:0b:41:03:1c:e2:
3b:9e:41:ea:08:1d:5f:88:59:a4:5e:bb:1a:14:bb:
e5:65:53:87:be:8f:67:a4:cb:8d:1f:40:e4:bd:45:
05:14:bd:b4:ae:aa:f1:ef:ce:82:00:7a:e3:89:21:
e4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:90:A2:D8:E3:9A:6A:8C:C6:90:46:4E:1B:F7:FB:7C:3B:BB:F9:76
X509v3 Authority Key Identifier:
keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/o5Ci2OOaaozGkEZOG_f7fDu7-XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.2.234.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:7c:fe:1c:8a:a4:de:81:fe:99:e8:42:64:85:02:df:de:7a:
a8:9b:eb:1c:96:bb:e1:61:c0:cc:f9:a1:57:e4:58:95:92:8b:
d0:40:b3:7a:38:d8:32:9a:a7:8a:e3:95:c3:9f:14:d9:9b:95:
d5:b4:01:6f:18:5a:73:b8:26:8d:70:84:6f:99:c3:ca:8f:85:
02:48:4f:d9:be:fa:b7:a2:ea:ea:1d:de:79:b4:59:72:bb:78:
78:11:d8:ed:06:12:8a:17:79:b2:36:10:9e:83:e7:0e:ba:4a:
f1:e7:94:6a:81:61:bd:aa:d0:60:df:69:4e:78:ab:f3:f6:e4:
c8:af:d5:a7:19:d4:17:e4:e1:4a:07:36:84:97:f3:e6:cc:4c:
77:4c:84:57:61:1d:0a:0c:09:ec:66:ca:f1:41:11:d2:c3:96:
b5:78:16:2d:95:9c:b2:3f:c4:79:9a:60:34:da:fe:e3:02:83:
a2:24:15:db:e8:ef:10:02:44:82:9f:91:ce:14:9c:69:13:84:
15:36:12:2f:c5:f1:4b:74:fd:8b:c4:89:96:f1:a0:db:6e:87:
9e:d9:66:33:f0:a1:7e:6d:32:6c:34:72:63:9c:4e:86:36:5d:
47:f8:ca:4a:16:6e:91:c5:d7:c7:e4:fd:f6:2c:e4:8b:53:72:
61:d6:16:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljoNJagedME8VCoNc6ZKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh
Mjc1MTgwHhcNMjUwMTAyMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzkwYTJkOGUzOWE2YThjYzY5MDQ2NGUxYmY3ZmI3YzNiYmJmOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhezwrDCIG/9uB19VRmIeu0Eg0rn
6O1ACe8I8S6LwOGS1lbhgtFacMWnaBqQ0CktK+b8600XMGeYuK8RC2iB5fgnr7Bz
6ilTmHI/cY34JUtthBkDs3ZOWFF3T02Ht0nDp8DG5TFy4BUjKOAKegbDCZF9Istj
Bbl4PhWU4s3l6QKwBATDm5mO0CP9ZWvaPrc/JcBGtxd/VJE+YbVmmKP0orcdAanl
2iPsQOzAjAUyqhDBhewaoYr3HO4hjpWmxleFA37QbaBg1V5orMrjC0EDHOI7nkHq
CB1fiFmkXrsaFLvlZVOHvo9npMuNH0DkvUUFFL20rqrx786CAHrjiSHkoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOQotjjmmqMxpBGThv3+3w7u/l2MB8GA1UdIwQY
MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt
NDkwNjEwM2RiZDE2LzEvbzVDaTJPT2Fhb3pHa0VaT0dfZjdmRHU3LVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2
LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwLqMA0G
CSqGSIb3DQEBCwUAA4IBAQAcfP4ciqTegf6Z6EJkhQLf3nqom+sclrvhYcDM+aFX
5FiVkovQQLN6ONgymqeK45XDnxTZm5XVtAFvGFpzuCaNcIRvmcPKj4UCSE/Zvvq3
ourqHd55tFlyu3h4EdjtBhKKF3myNhCeg+cOukrx55RqgWG9qtBg32lOeKvz9uTI
r9WnGdQX5OFKBzaEl/PmzEx3TIRXYR0KDAnsZsrxQRHSw5a1eBYtlZyyP8R5mmA0
2v7jAoOiJBXb6O8QAkSCn5HOFJxpE4QVNhIvxfFLdP2LxImW8aDbboee2WYz8KF+
bTJsNHJjnE6GNl1H+MpKFm6RxdfH5P32LOSLU3Jh1hYU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:12 2025 by rpki-client