Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/CJqITen207ZODHzo1XtCMdI_VBo.roa
File: CJqITen207ZODHzo1XtCMdI_VBo.roa (raw, json)
Hash identifier: f1FWG5pswdJQTpL1NXAace6jGLQD4G1flmSN2+tjCMo=
Subject key identifier: 08:9A:88:4D:E9:F6:D3:B6:4E:0C:7C:E8:D5:7B:42:31:D2:3F:54:1A
Certificate issuer: /CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Certificate serial: 019512D7BA3E5E032750213A85ECF2D4537E
Authority key identifier: 85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/CJqITen207ZODHzo1XtCMdI_VBo.roa
Signing time: Mon 17 Feb 2025 07:38:02 +0000
ROA not before: Mon 17 Feb 2025 07:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39715
IP address blocks: 195.12.36.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:d7:ba:3e:5e:03:27:50:21:3a:85:ec:f2:d4:53:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Validity
Not Before: Feb 17 07:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=089a884de9f6d3b64e0c7ce8d57b4231d23f541a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:db:95:5d:b5:f1:e0:70:9e:83:5e:71:07:
6e:ef:6c:0c:59:c5:fb:f4:05:c1:f9:93:8f:88:de:
76:19:e0:27:9e:3a:f4:59:bc:c8:53:54:ba:d7:91:
33:61:74:43:ac:22:57:2c:9e:b4:33:fc:e5:87:31:
88:91:34:9f:8f:c3:05:ac:87:05:93:d3:3d:c4:17:
87:ee:f6:3c:1c:e3:29:89:65:83:28:44:b3:b8:2e:
8d:dd:09:5c:e1:f6:83:d6:30:75:8c:79:18:21:fe:
c0:f4:9e:d4:5a:b0:ed:41:e5:2c:26:4a:8c:61:78:
e0:67:d1:69:7b:3d:c4:84:00:43:52:a7:5a:49:7e:
30:01:88:fd:87:34:97:ff:3d:6e:ef:3f:03:31:3e:
29:33:df:4d:a4:26:45:98:95:83:ce:7e:41:85:3a:
55:2d:4c:bc:84:e7:4f:83:9f:4d:3f:06:13:bb:75:
32:fa:d1:29:ee:4b:e4:19:36:25:c8:04:ef:44:e8:
91:8b:d3:bf:8b:2c:70:35:ea:d0:68:7c:0f:b8:fd:
05:ad:79:4d:bc:88:ac:6a:c1:2f:c9:73:03:70:29:
8f:8d:20:92:f6:c6:72:6e:97:8a:b4:e4:84:e0:3f:
da:e8:85:e3:91:2d:96:6e:88:a2:c4:34:6c:3e:b5:
77:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9A:88:4D:E9:F6:D3:B6:4E:0C:7C:E8:D5:7B:42:31:D2:3F:54:1A
X509v3 Authority Key Identifier:
keyid:85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/CJqITen207ZODHzo1XtCMdI_VBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.12.36.0/24
Signature Algorithm: sha256WithRSAEncryption
53:72:0b:7f:30:1c:8e:d2:6c:0e:6c:3d:9e:ba:5c:68:07:e7:
54:46:0f:38:51:9f:46:f1:ec:7e:ed:45:eb:12:a3:1e:28:da:
d7:70:54:d2:76:23:e5:95:fe:80:1a:27:f0:fa:0f:65:75:57:
d5:9e:6e:6a:a2:ac:b1:63:57:22:73:cf:ec:02:0d:65:98:f6:
56:b9:72:87:76:89:17:5e:e9:48:14:bf:8b:ca:07:c3:e9:03:
f8:df:4a:7f:1e:ab:9a:ea:02:22:b6:de:0a:cb:cd:df:ba:3f:
86:34:ad:3a:c0:ca:fb:19:1f:e6:3a:32:25:fd:e8:e2:e7:fb:
c9:d7:e4:9e:7b:12:bf:fa:69:5c:de:7f:7d:d6:60:29:6d:cc:
f9:e5:2c:9f:f9:01:09:90:30:35:ca:36:d0:5b:73:d2:63:b7:
b8:c5:6a:e9:49:6d:35:05:8f:3c:3f:bb:64:a3:13:78:44:63:
65:f0:4d:b9:6e:99:d3:1f:f4:44:53:bb:60:b5:8b:3e:fe:a5:
23:b4:c8:91:3e:a7:a0:68:b8:5b:a6:c7:c1:a9:a3:27:63:3e:
c7:f9:4d:16:14:f8:db:14:89:f0:65:4b:a2:2b:c6:11:e7:6f:
7f:15:db:3e:e2:9e:77:0c:22:57:ae:63:09:48:5e:8b:d3:1f:
d3:ee:73:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUS17o+XgMnUCE6hezy1FN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM1ZjI5OGQ4MWFjYzU1NzNmZDU5ZmIwNWRkODZmMjBh
YmNiYTgwHhcNMjUwMjE3MDczODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODlhODg0ZGU5ZjZkM2I2NGUwYzdjZThkNTdiNDIzMWQyM2Y1NDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiTblV218eBwnoNecQdu72wMWcX7
9AXB+ZOPiN52GeAnnjr0WbzIU1S615EzYXRDrCJXLJ60M/zlhzGIkTSfj8MFrIcF
k9M9xBeH7vY8HOMpiWWDKESzuC6N3Qlc4faD1jB1jHkYIf7A9J7UWrDtQeUsJkqM
YXjgZ9Fpez3EhABDUqdaSX4wAYj9hzSX/z1u7z8DMT4pM99NpCZFmJWDzn5BhTpV
LUy8hOdPg59NPwYTu3Uy+tEp7kvkGTYlyATvROiRi9O/iyxwNerQaHwPuP0FrXlN
vIisasEvyXMDcCmPjSCS9sZybpeKtOSE4D/a6IXjkS2WboiixDRsPrV3cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiaiE3p9tO2Tgx86NV7QjHSP1QaMB8GA1UdIwQY
MBaAFIVMXymNgazFVz/Vn7Bd2G8gq8uoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDIt
NzUyZDU5YTA0MmMyLzEvQ0pxSVRlbjIwN1pPREh6bzFYdENNZElfVkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDItNzUyZDU5YTA0MmMy
LzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwwkMA0G
CSqGSIb3DQEBCwUAA4IBAQBTcgt/MByO0mwObD2eulxoB+dURg84UZ9G8ex+7UXr
EqMeKNrXcFTSdiPllf6AGifw+g9ldVfVnm5qoqyxY1cic8/sAg1lmPZWuXKHdokX
XulIFL+LygfD6QP430p/Hqua6gIitt4Ky83fuj+GNK06wMr7GR/mOjIl/eji5/vJ
1+SeexK/+mlc3n991mApbcz55Syf+QEJkDA1yjbQW3PSY7e4xWrpSW01BY88P7tk
oxN4RGNl8E25bpnTH/REU7tgtYs+/qUjtMiRPqegaLhbpsfBqaMnYz7H+U0WFPjb
FInwZUuiK8YR529/Fds+4p53DCJXrmMJSF6L0x/T7nPc
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:39:12 2025 by rpki-client