Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/kR9L0FG1sHus996EjzOxHeu0FXE.roa
File: kR9L0FG1sHus996EjzOxHeu0FXE.roa (raw, json)
Hash identifier: UCFmwyRMlD4Wx3VXNW0aEuOECURhEH5R/h4nsdT+Qoc=
Subject key identifier: 91:1F:4B:D0:51:B5:B0:7B:AC:F7:DE:84:8F:33:B1:1D:EB:B4:15:71
Certificate issuer: /CN=c64d2286b5cc7be42f8aebaeb6aae57e7ce7da2b
Certificate serial: 019420D5EF77EAFE0DBB3BD0CBF1C6FD5D87
Authority key identifier: C6:4D:22:86:B5:CC:7B:E4:2F:8A:EB:AE:B6:AA:E5:7E:7C:E7:DA:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk0ihrXMe-Qviuuutqrlfnzn2is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/kR9L0FG1sHus996EjzOxHeu0FXE.roa
Signing time: Wed 01 Jan 2025 07:47:58 +0000
ROA not before: Wed 01 Jan 2025 07:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48897
IP address blocks: 195.88.72.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ef:77:ea:fe:0d:bb:3b:d0:cb:f1:c6:fd:5d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64d2286b5cc7be42f8aebaeb6aae57e7ce7da2b
Validity
Not Before: Jan 1 07:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=911f4bd051b5b07bacf7de848f33b11debb41571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:62:1f:8d:90:1f:dd:3d:ec:5f:c7:25:df:4e:
1e:63:de:69:ec:08:ea:33:a8:dd:69:09:19:d8:f6:
71:46:37:a2:1b:98:ec:a2:7b:15:42:6e:36:ab:04:
f2:13:2f:ac:9c:da:a4:5f:dc:ac:62:b4:d4:08:9a:
d5:5c:61:6d:b0:1e:31:dd:52:75:6f:59:d0:c2:dd:
13:88:ac:9a:61:fa:fa:f7:ef:7d:93:c5:96:2d:1f:
00:4a:5a:f7:53:7e:18:12:b6:7d:7e:2c:8f:34:89:
25:bf:8a:28:73:70:96:2b:ec:24:fb:9a:13:fc:08:
17:a9:20:93:8e:51:0b:87:98:ef:41:9b:e4:eb:dd:
43:c2:30:05:e9:db:96:88:a9:20:1f:d2:14:34:d9:
89:88:9e:be:8a:d1:7c:37:6f:4b:e2:32:48:52:a6:
c2:37:a3:07:25:e8:d4:1a:e8:d2:fb:40:9f:69:20:
90:63:d3:20:21:2b:d1:33:67:f9:f8:6d:3e:d7:39:
29:75:1e:19:73:af:0f:6a:42:50:51:c7:b2:e0:b8:
f2:8c:1e:56:dd:af:2b:ee:26:47:80:22:fa:aa:87:
1b:90:fd:df:b3:d9:22:1c:01:78:97:4a:8f:31:77:
5c:9d:82:3e:77:ca:87:f9:75:38:39:8f:c6:ee:4e:
99:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1F:4B:D0:51:B5:B0:7B:AC:F7:DE:84:8F:33:B1:1D:EB:B4:15:71
X509v3 Authority Key Identifier:
keyid:C6:4D:22:86:B5:CC:7B:E4:2F:8A:EB:AE:B6:AA:E5:7E:7C:E7:DA:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk0ihrXMe-Qviuuutqrlfnzn2is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/kR9L0FG1sHus996EjzOxHeu0FXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/xk0ihrXMe-Qviuuutqrlfnzn2is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.72.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:bb:a5:c8:4c:5a:8b:64:07:f6:0f:02:4b:42:6e:a1:67:12:
32:c8:7f:a6:88:36:59:36:2e:b5:c4:b0:ec:68:b4:9c:31:7d:
32:f5:78:0b:56:61:89:23:71:7a:66:81:68:ab:6f:01:86:cb:
d2:87:d3:31:7d:36:9a:10:cb:22:40:7e:31:53:4b:c5:2e:f6:
c1:2d:49:38:f6:2a:79:1f:49:1c:d2:f3:83:80:27:f0:be:c8:
f3:fa:2a:cf:24:53:30:4a:d0:b0:6f:da:56:3b:ad:19:dc:be:
e4:aa:b2:87:5f:cc:08:25:57:fc:1a:65:30:8b:7c:22:34:37:
2b:e0:93:b0:56:7e:d4:31:11:18:4e:bf:46:48:06:fc:52:92:
f6:7b:ba:59:ad:24:a5:27:6a:02:1d:bd:31:2d:98:dd:a9:ce:
ae:cb:b2:c2:a0:b3:07:d2:63:e6:da:cf:10:61:9e:6e:c3:0f:
ac:4a:74:da:82:d4:51:5a:b2:ed:da:84:09:3b:62:f2:f0:3d:
84:27:73:98:74:e0:2f:d2:c6:42:1e:64:2b:a7:32:ab:a3:cc:
83:28:1d:bb:d8:dd:fd:7a:d7:7c:ef:4a:17:d9:0f:9f:dc:4b:
6c:60:fc:15:dc:cd:b3:b7:f3:20:64:9f:62:ff:a1:79:c8:80:
b6:8a:24:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1e936v4NuzvQy/HG/V2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGQyMjg2YjVjYzdiZTQyZjhhZWJhZWI2YWFlNTdlN2Nl
N2RhMmIwHhcNMjUwMTAxMDc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFmNGJkMDUxYjViMDdiYWNmN2RlODQ4ZjMzYjExZGViYjQxNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWIfjZAf3T3sX8cl304eY95p7Ajq
M6jdaQkZ2PZxRjeiG5jsonsVQm42qwTyEy+snNqkX9ysYrTUCJrVXGFtsB4x3VJ1
b1nQwt0TiKyaYfr69+99k8WWLR8ASlr3U34YErZ9fiyPNIklv4ooc3CWK+wk+5oT
/AgXqSCTjlELh5jvQZvk691DwjAF6duWiKkgH9IUNNmJiJ6+itF8N29L4jJIUqbC
N6MHJejUGujS+0CfaSCQY9MgISvRM2f5+G0+1zkpdR4Zc68PakJQUcey4LjyjB5W
3a8r7iZHgCL6qocbkP3fs9kiHAF4l0qPMXdcnYI+d8qH+XU4OY/G7k6ZNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEfS9BRtbB7rPfehI8zsR3rtBVxMB8GA1UdIwQY
MBaAFMZNIoa1zHvkL4rrrraq5X5859orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGswaWhyWE1lLVF2aXV1dXRxcmxmbnpuMmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hM2MwNTUtYjI1YS00MjVmLThkOTkt
ZTVhNzAwM2UxMGRlLzEva1I5TDBGRzFzSHVzOTk2RWp6T3hIZXUwRlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hM2MwNTUtYjI1YS00MjVmLThkOTktZTVhNzAwM2UxMGRl
LzEveGswaWhyWE1lLVF2aXV1dXRxcmxmbnpuMmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1hIMA0G
CSqGSIb3DQEBCwUAA4IBAQCeu6XITFqLZAf2DwJLQm6hZxIyyH+miDZZNi61xLDs
aLScMX0y9XgLVmGJI3F6ZoFoq28BhsvSh9MxfTaaEMsiQH4xU0vFLvbBLUk49ip5
H0kc0vODgCfwvsjz+irPJFMwStCwb9pWO60Z3L7kqrKHX8wIJVf8GmUwi3wiNDcr
4JOwVn7UMREYTr9GSAb8UpL2e7pZrSSlJ2oCHb0xLZjdqc6uy7LCoLMH0mPm2s8Q
YZ5uww+sSnTagtRRWrLt2oQJO2Ly8D2EJ3OYdOAv0sZCHmQrpzKro8yDKB272N39
etd870oX2Q+f3EtsYPwV3M2zt/MgZJ9i/6F5yIC2iiSU
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:01:28 2025 by rpki-client