Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/w6CIFsXhe3gJ8pF9EHg-adXDS5c.roa
File: w6CIFsXhe3gJ8pF9EHg-adXDS5c.roa (raw, json)
Hash identifier: G5Kk3492Lln+8yGKEbYcF38b0XZXBFYUAf9aIet6yWo=
Subject key identifier: C3:A0:88:16:C5:E1:7B:78:09:F2:91:7D:10:78:3E:69:D5:C3:4B:97
Certificate issuer: /CN=bf817dc8552df3610ffc45441b3f81464e489dc8
Certificate serial: 019421B256DDB63A35172969AD0D51CD79E7
Authority key identifier: BF:81:7D:C8:55:2D:F3:61:0F:FC:45:44:1B:3F:81:46:4E:48:9D:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4F9yFUt82EP_EVEGz-BRk5Incg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/w6CIFsXhe3gJ8pF9EHg-adXDS5c.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2116
IP address blocks: 195.88.54.0/23 maxlen: 23
2001:67c:21e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:56:dd:b6:3a:35:17:29:69:ad:0d:51:cd:79:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf817dc8552df3610ffc45441b3f81464e489dc8
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3a08816c5e17b7809f2917d10783e69d5c34b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7b:cd:9c:d2:cd:b0:40:1b:e4:4c:c7:95:23:
39:c6:bf:fd:1f:81:97:1e:fa:7f:e7:22:f9:25:ba:
64:c9:1b:5c:2b:69:49:ae:c5:cd:72:a8:70:7a:22:
9e:de:b4:e1:95:f6:e8:3f:9c:6e:aa:2a:45:64:b3:
6f:14:af:f4:59:12:db:ba:6a:18:48:8f:c5:d4:21:
08:0d:38:f6:71:38:12:33:95:84:bd:84:41:2c:eb:
a3:4a:4f:10:88:f2:53:fe:b0:24:df:a1:3b:5f:83:
97:ff:6d:d9:64:90:a7:5c:1e:17:a0:ae:6f:d5:c5:
6b:5e:86:0a:ce:c9:b9:b5:b9:e1:9b:4e:e0:8f:a4:
39:25:4e:b1:1b:97:a1:30:de:86:e6:e2:22:35:30:
26:48:2b:30:c9:04:da:c7:e2:7c:be:7c:b9:cb:f3:
1f:0b:96:2a:7c:3a:f6:50:ea:33:3e:33:c0:b2:b6:
a9:25:27:86:3c:6e:f9:7d:90:e7:e9:77:77:0d:05:
a3:5b:98:54:fa:05:ab:d4:03:84:9d:2d:6b:83:a1:
e4:f2:56:9d:12:93:21:85:d9:56:59:31:fb:ac:10:
22:7e:5e:7f:86:49:bd:c0:24:90:0a:26:f0:c7:d1:
94:22:14:1f:fc:4b:ba:62:59:21:14:84:df:f0:a1:
e0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A0:88:16:C5:E1:7B:78:09:F2:91:7D:10:78:3E:69:D5:C3:4B:97
X509v3 Authority Key Identifier:
keyid:BF:81:7D:C8:55:2D:F3:61:0F:FC:45:44:1B:3F:81:46:4E:48:9D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4F9yFUt82EP_EVEGz-BRk5Incg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/w6CIFsXhe3gJ8pF9EHg-adXDS5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/v4F9yFUt82EP_EVEGz-BRk5Incg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.54.0/23
IPv6:
2001:67c:21e0::/48
Signature Algorithm: sha256WithRSAEncryption
02:df:bd:3e:a8:04:18:d2:48:18:70:db:f2:c7:89:a5:5d:a5:
21:8e:fc:d7:e7:11:84:89:fb:70:51:0e:e6:e6:17:54:53:53:
6e:ff:ff:85:a4:47:cd:98:e5:eb:37:a8:d0:c7:63:54:dd:79:
95:d8:80:8b:c4:ca:11:60:0a:6e:01:2f:5d:ab:74:07:87:d7:
aa:c7:ec:50:1c:d4:19:06:0e:a3:0c:2e:34:ee:42:fd:df:b4:
81:70:7a:42:95:17:c8:09:36:46:79:14:6a:92:b8:32:97:7d:
d2:fe:1f:38:83:98:f7:07:b1:a4:84:95:d8:e8:fe:b9:d5:10:
c7:4d:7a:fc:41:99:34:7c:49:6b:b6:05:1e:c1:eb:f5:bd:37:
d7:e6:28:7a:95:7e:35:27:b4:7f:98:4c:28:c6:3b:97:50:59:
fc:33:e4:02:84:9d:fd:39:b5:2a:29:94:da:b2:cb:92:4c:3d:
31:0a:e6:51:59:17:ab:28:f6:cc:3d:d1:b3:34:ed:46:ec:42:
b1:ec:ac:30:7d:64:e9:90:ce:39:44:cc:a4:cc:6d:9d:a5:2a:
84:b8:bb:6b:91:bd:1d:3b:c9:3d:21:b8:80:e6:79:b6:24:8a:
43:f9:1b:ef:6b:8b:bc:0a:7b:1e:24:16:56:43:0c:21:bf:89:
06:30:d5:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhslbdtjo1FylprQ1RzXnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODE3ZGM4NTUyZGYzNjEwZmZjNDU0NDFiM2Y4MTQ2NGU0
ODlkYzgwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2EwODgxNmM1ZTE3Yjc4MDlmMjkxN2QxMDc4M2U2OWQ1YzM0Yjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXvNnNLNsEAb5EzHlSM5xr/9H4GX
Hvp/5yL5JbpkyRtcK2lJrsXNcqhweiKe3rThlfboP5xuqipFZLNvFK/0WRLbumoY
SI/F1CEIDTj2cTgSM5WEvYRBLOujSk8QiPJT/rAk36E7X4OX/23ZZJCnXB4XoK5v
1cVrXoYKzsm5tbnhm07gj6Q5JU6xG5ehMN6G5uIiNTAmSCswyQTax+J8vny5y/Mf
C5YqfDr2UOozPjPAsrapJSeGPG75fZDn6Xd3DQWjW5hU+gWr1AOEnS1rg6Hk8lad
EpMhhdlWWTH7rBAifl5/hkm9wCSQCibwx9GUIhQf/Eu6YlkhFITf8KHgYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMOgiBbF4Xt4CfKRfRB4PmnVw0uXMB8GA1UdIwQY
MBaAFL+BfchVLfNhD/xFRBs/gUZOSJ3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRGOXlGVXQ4MkVQX0VWRUd6LUJSazVJbmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jNGU3ZTktZjZiZS00MWEzLWE0NTkt
MTk1Mzg5MzMwZWRmLzEvdzZDSUZzWGhlM2dKOHBGOUVIZy1hZFhEUzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jNGU3ZTktZjZiZS00MWEzLWE0NTktMTk1Mzg5MzMwZWRm
LzEvdjRGOXlGVXQ4MkVQX0VWRUd6LUJSazVJbmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw1g2MA8E
AgACMAkDBwAgAQZ8IeAwDQYJKoZIhvcNAQELBQADggEBAALfvT6oBBjSSBhw2/LH
iaVdpSGO/NfnEYSJ+3BRDubmF1RTU27//4WkR82Y5es3qNDHY1TdeZXYgIvEyhFg
Cm4BL12rdAeH16rH7FAc1BkGDqMMLjTuQv3ftIFwekKVF8gJNkZ5FGqSuDKXfdL+
HziDmPcHsaSEldjo/rnVEMdNevxBmTR8SWu2BR7B6/W9N9fmKHqVfjUntH+YTCjG
O5dQWfwz5AKEnf05tSoplNqyy5JMPTEK5lFZF6so9sw90bM07UbsQrHsrDB9ZOmQ
zjlEzKTMbZ2lKoS4u2uRvR07yT0huIDmebYkikP5G+9ri7wKex4kFlZDDCG/iQYw
1bs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:56:27 2025 by rpki-client