Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/gKY4N4flGE3w8VGawvt5MmzbsEY.roa
File: gKY4N4flGE3w8VGawvt5MmzbsEY.roa (raw, json)
Hash identifier: n6hPnIZKkrQ9PZ3CvwgI/ENozP0XURH/9HKr+aSdN00=
Subject key identifier: 80:A6:38:37:87:E5:18:4D:F0:F1:51:9A:C2:FB:79:32:6C:DB:B0:46
Certificate issuer: /CN=6cff3d899e26fc84fb4379fb325f174b5075ce0d
Certificate serial: 01942143E524B9383B38E36B44BD55AC0C63
Authority key identifier: 6C:FF:3D:89:9E:26:FC:84:FB:43:79:FB:32:5F:17:4B:50:75:CE:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/gKY4N4flGE3w8VGawvt5MmzbsEY.roa
Signing time: Wed 01 Jan 2025 09:48:05 +0000
ROA not before: Wed 01 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29317
IP address blocks: 195.137.210.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e5:24:b9:38:3b:38:e3:6b:44:bd:55:ac:0c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cff3d899e26fc84fb4379fb325f174b5075ce0d
Validity
Not Before: Jan 1 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80a6383787e5184df0f1519ac2fb79326cdbb046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1f:eb:fd:08:ee:44:d2:c6:d2:5d:c4:6e:05:
70:5b:88:1e:f9:b4:8e:2d:11:2b:3b:16:81:df:49:
97:c6:87:5a:64:0b:d0:9e:ac:6e:72:bc:d9:4b:7c:
a4:2d:97:10:4e:db:53:26:f8:07:85:29:47:e5:0c:
27:5f:19:e3:85:7e:46:c9:91:d8:8f:91:78:5d:84:
13:49:96:e2:0c:67:6a:39:93:3f:45:e9:10:91:29:
fd:1f:23:5b:37:51:84:d8:06:de:d1:84:0e:18:ad:
0e:1e:14:ab:bd:04:4b:d1:10:74:12:fc:1a:83:63:
f2:37:85:41:23:54:09:ed:de:62:a8:b5:a8:46:c2:
b0:45:8f:f8:e6:54:99:ea:b7:3b:fe:16:1c:62:73:
8e:97:9e:b4:b3:2e:2d:25:ce:86:bc:99:60:a5:41:
2b:3e:26:06:4b:1e:f4:fe:0c:bf:36:45:f1:a5:26:
70:bb:33:8d:e8:0d:13:fd:9b:68:e8:c7:73:3a:01:
29:8a:dd:0b:04:04:f1:fc:14:b0:44:ee:4b:b9:95:
41:af:83:19:45:29:6b:46:12:af:08:a0:36:f6:74:
03:0e:32:b4:3c:42:7b:33:a6:f2:39:fe:a4:76:d4:
1c:1f:eb:b6:67:c0:ac:92:1b:e3:28:50:12:71:51:
0e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A6:38:37:87:E5:18:4D:F0:F1:51:9A:C2:FB:79:32:6C:DB:B0:46
X509v3 Authority Key Identifier:
keyid:6C:FF:3D:89:9E:26:FC:84:FB:43:79:FB:32:5F:17:4B:50:75:CE:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/gKY4N4flGE3w8VGawvt5MmzbsEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.210.0/23
Signature Algorithm: sha256WithRSAEncryption
44:0e:79:0e:62:54:0b:65:99:2d:41:80:6f:fb:9f:d2:54:8c:
f8:ce:75:66:42:34:31:42:3a:bb:79:d1:a4:07:0c:56:4b:57:
05:93:57:ca:06:85:f5:73:b9:3d:01:c4:14:e1:b7:78:f0:77:
bc:69:02:6c:19:4a:63:14:4e:26:33:d1:32:5e:aa:f2:a4:d5:
5b:13:db:ee:74:6e:11:8d:de:5b:ca:57:8f:32:94:56:39:37:
ca:17:ce:41:42:ad:71:48:94:57:92:ae:6b:f3:94:e5:52:a5:
46:e6:a7:e0:7d:77:79:a0:9f:67:33:dc:7e:fd:e8:ba:ee:5b:
e0:40:fd:94:48:d1:86:c6:31:e5:27:29:e7:96:49:d5:64:eb:
d9:fc:10:e7:d2:99:22:85:3f:c0:cf:06:a9:12:e6:64:ca:18:
cf:b9:7d:3e:25:27:84:31:54:ce:c5:5d:5b:89:7f:a2:80:76:
07:8d:81:d5:87:4b:dc:98:47:3c:db:e2:3f:d3:91:13:2a:1b:
73:a2:0e:b2:06:0a:69:e0:05:d8:85:ad:da:ce:c8:ce:ff:70:
df:58:3d:af:ec:eb:8d:60:90:7c:ab:17:2e:8b:9b:23:06:a3:
9d:fb:7f:ae:1f:61:8e:6a:73:8c:c9:9f:5d:db:74:66:18:84:
38:ee:fa:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+UkuTg7OONrRL1VrAxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmYzZDg5OWUyNmZjODRmYjQzNzlmYjMyNWYxNzRiNTA3
NWNlMGQwHhcNMjUwMTAxMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE2MzgzNzg3ZTUxODRkZjBmMTUxOWFjMmZiNzkzMjZjZGJiMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB/r/QjuRNLG0l3EbgVwW4ge+bSO
LRErOxaB30mXxodaZAvQnqxucrzZS3ykLZcQTttTJvgHhSlH5QwnXxnjhX5GyZHY
j5F4XYQTSZbiDGdqOZM/RekQkSn9HyNbN1GE2Abe0YQOGK0OHhSrvQRL0RB0Evwa
g2PyN4VBI1QJ7d5iqLWoRsKwRY/45lSZ6rc7/hYcYnOOl560sy4tJc6GvJlgpUEr
PiYGSx70/gy/NkXxpSZwuzON6A0T/Zto6MdzOgEpit0LBATx/BSwRO5LuZVBr4MZ
RSlrRhKvCKA29nQDDjK0PEJ7M6byOf6kdtQcH+u2Z8CskhvjKFAScVEOOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICmODeH5RhN8PFRmsL7eTJs27BGMB8GA1UdIwQY
MBaAFGz/PYmeJvyE+0N5+zJfF0tQdc4NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlA4OWlaNG1fSVQ3UTNuN01sOFhTMUIxemcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iMGM4NzUtMjRlMS00NDRkLWIwMWQt
NTQwOGY4ZDlkZmIxLzEvZ0tZNE40ZmxHRTN3OFZHYXd2dDVNbXpic0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iMGM4NzUtMjRlMS00NDRkLWIwMWQtNTQwOGY4ZDlkZmIx
LzEvYlA4OWlaNG1fSVQ3UTNuN01sOFhTMUIxemcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4nSMA0G
CSqGSIb3DQEBCwUAA4IBAQBEDnkOYlQLZZktQYBv+5/SVIz4znVmQjQxQjq7edGk
BwxWS1cFk1fKBoX1c7k9AcQU4bd48He8aQJsGUpjFE4mM9EyXqrypNVbE9vudG4R
jd5bylePMpRWOTfKF85BQq1xSJRXkq5r85TlUqVG5qfgfXd5oJ9nM9x+/ei67lvg
QP2USNGGxjHlJynnlknVZOvZ/BDn0pkihT/AzwapEuZkyhjPuX0+JSeEMVTOxV1b
iX+igHYHjYHVh0vcmEc82+I/05ETKhtzog6yBgpp4AXYha3azsjO/3DfWD2v7OuN
YJB8qxcui5sjBqOd+3+uH2GOanOMyZ9d23RmGIQ47vob
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:50 2025 by rpki-client