Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/KqK95kA_OeRU7nACiSd3lAze0vY.roa
File: KqK95kA_OeRU7nACiSd3lAze0vY.roa (raw, json)
Hash identifier: B7AMB5/+VeIa1+pxAsGTh2RB/UvVZMPeKnxdMUh4GP8=
Subject key identifier: 2A:A2:BD:E6:40:3F:39:E4:54:EE:70:02:89:27:77:94:0C:DE:D2:F6
Certificate issuer: /CN=7e5555f1a2cee89b7134656086f054d796353c1e
Certificate serial: 01942521D399A3469D6F15663DB0FB53E7A2
Authority key identifier: 7E:55:55:F1:A2:CE:E8:9B:71:34:65:60:86:F0:54:D7:96:35:3C:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flVV8aLO6JtxNGVghvBU15Y1PB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/KqK95kA_OeRU7nACiSd3lAze0vY.roa
Signing time: Thu 02 Jan 2025 03:49:21 +0000
ROA not before: Thu 02 Jan 2025 03:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25577
IP address blocks: 195.135.208.0/22 maxlen: 22
195.210.54.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d3:99:a3:46:9d:6f:15:66:3d:b0:fb:53:e7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e5555f1a2cee89b7134656086f054d796353c1e
Validity
Not Before: Jan 2 03:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aa2bde6403f39e454ee7002892777940cded2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0d:06:a6:24:74:fc:8f:63:82:92:5c:a8:a1:
90:c0:45:64:08:14:a9:f3:9a:16:0b:54:73:d6:ac:
4a:ed:a7:1c:df:7b:5c:b9:94:29:54:4f:35:1c:3c:
70:b3:22:4e:06:7f:e8:29:d8:e9:04:17:38:a9:11:
bf:fe:57:62:42:14:8a:ef:b6:19:e9:c0:b8:4e:05:
2d:78:9c:fa:ba:3c:3f:00:b2:92:13:84:a3:ff:b6:
7c:7b:a7:29:83:13:34:59:82:bd:2b:c4:59:87:32:
67:cd:4c:83:26:ae:b5:d2:04:eb:33:26:52:20:fa:
e8:dd:22:f9:9b:98:05:7b:51:23:1f:52:11:c1:43:
c5:2d:91:bd:d0:1d:89:24:87:42:a3:78:fc:c8:e1:
01:f3:31:b3:b4:6d:af:10:f7:40:ed:55:f3:d5:32:
42:50:fb:23:5c:f2:90:6a:bc:79:58:28:e7:6c:95:
77:97:cf:b0:71:85:a4:12:00:8e:52:f7:e7:05:e2:
2a:c2:24:c6:db:1d:15:5d:f3:6b:94:8c:e5:7b:e4:
76:c7:6a:cc:63:a2:90:fb:20:a8:b2:8a:0b:f1:9c:
42:e5:c6:88:9b:4a:32:f3:80:40:e8:48:c9:f2:b4:
f0:44:e4:17:b2:1d:9f:21:60:03:cd:05:fa:4f:29:
dd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A2:BD:E6:40:3F:39:E4:54:EE:70:02:89:27:77:94:0C:DE:D2:F6
X509v3 Authority Key Identifier:
keyid:7E:55:55:F1:A2:CE:E8:9B:71:34:65:60:86:F0:54:D7:96:35:3C:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flVV8aLO6JtxNGVghvBU15Y1PB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/KqK95kA_OeRU7nACiSd3lAze0vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/flVV8aLO6JtxNGVghvBU15Y1PB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.135.208.0/22
195.210.54.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:2a:13:23:14:9c:89:a9:f8:cb:a4:06:1b:b4:c9:f7:5c:d6:
6a:5b:3f:e3:94:c8:db:c7:a2:1a:95:60:8d:bd:7e:ac:91:70:
b0:0b:22:60:ae:65:31:1d:c4:9d:c5:e3:d9:d5:7d:65:be:2d:
b3:e6:7f:bb:b5:39:b8:75:cd:dd:bf:ef:c3:88:69:a8:a4:93:
fb:26:26:fc:32:d9:b6:6d:22:66:d9:9b:fa:ee:df:ae:3e:1d:
c0:d3:64:4c:5a:a1:e7:b4:29:97:0f:36:2a:88:f9:72:dc:97:
93:9f:80:0c:0a:bc:5a:8a:0c:d4:9f:80:f8:1c:44:08:3a:41:
11:d1:11:7a:ba:3d:f8:43:b4:99:99:da:de:6c:f4:f5:8f:0c:
fd:89:c4:a9:46:d6:4e:51:43:56:51:99:89:cc:53:6b:4b:22:
87:39:b2:75:78:35:e1:51:60:27:de:c9:88:fb:6b:19:a9:8b:
91:03:c9:1d:4d:a5:4a:6d:74:fc:92:9e:ef:1d:79:b1:76:6e:
ae:03:3e:64:1e:a7:04:19:11:e5:71:db:0f:71:aa:fa:08:fa:
61:98:af:0d:cb:d6:a3:24:99:37:be:3e:a0:eb:b7:54:ab:bf:
90:d7:0d:5e:2b:21:12:de:1e:23:7f:85:75:a3:c0:bf:b9:74:
85:b0:3b:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIdOZo0adbxVmPbD7U+eiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNTU1NWYxYTJjZWU4OWI3MTM0NjU2MDg2ZjA1NGQ3OTYz
NTNjMWUwHhcNMjUwMTAyMDM0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWEyYmRlNjQwM2YzOWU0NTRlZTcwMDI4OTI3Nzc5NDBjZGVkMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw0GpiR0/I9jgpJcqKGQwEVkCBSp
85oWC1Rz1qxK7acc33tcuZQpVE81HDxwsyJOBn/oKdjpBBc4qRG//ldiQhSK77YZ
6cC4TgUteJz6ujw/ALKSE4Sj/7Z8e6cpgxM0WYK9K8RZhzJnzUyDJq610gTrMyZS
IPro3SL5m5gFe1EjH1IRwUPFLZG90B2JJIdCo3j8yOEB8zGztG2vEPdA7VXz1TJC
UPsjXPKQarx5WCjnbJV3l8+wcYWkEgCOUvfnBeIqwiTG2x0VXfNrlIzle+R2x2rM
Y6KQ+yCosooL8ZxC5caIm0oy84BA6EjJ8rTwROQXsh2fIWADzQX6TyndzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCqiveZAPznkVO5wAoknd5QM3tL2MB8GA1UdIwQY
MBaAFH5VVfGizuibcTRlYIbwVNeWNTweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmxWVjhhTE82SnR4TkdWZ2h2QlUxNVkxUEI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNWExY2EtMzNjNS00YWVmLTljOWEt
ZjUwZmQ5OTM3M2VjLzEvS3FLOTVrQV9PZVJVN25BQ2lTZDNsQXplMHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wNWExY2EtMzNjNS00YWVmLTljOWEtZjUwZmQ5OTM3M2Vj
LzEvZmxWVjhhTE82SnR4TkdWZ2h2QlUxNVkxUEI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw4fQAwQB
w9I2MA0GCSqGSIb3DQEBCwUAA4IBAQA+KhMjFJyJqfjLpAYbtMn3XNZqWz/jlMjb
x6IalWCNvX6skXCwCyJgrmUxHcSdxePZ1X1lvi2z5n+7tTm4dc3dv+/DiGmopJP7
Jib8Mtm2bSJm2Zv67t+uPh3A02RMWqHntCmXDzYqiPly3JeTn4AMCrxaigzUn4D4
HEQIOkER0RF6uj34Q7SZmdrebPT1jwz9icSpRtZOUUNWUZmJzFNrSyKHObJ1eDXh
UWAn3smI+2sZqYuRA8kdTaVKbXT8kp7vHXmxdm6uAz5kHqcEGRHlcdsPcar6CPph
mK8Ny9ajJJk3vj6g67dUq7+Q1w1eKyES3h4jf4V1o8C/uXSFsDsK
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:17 2025 by rpki-client