Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/am3Sy264Yl-JO5WdEXeWKKEs9ps.roa
File: am3Sy264Yl-JO5WdEXeWKKEs9ps.roa (raw, json)
Hash identifier: 9k8mynHVOZTwg4WDO/sfA0hKUXErmcKqWcYze5ZqrNU=
Subject key identifier: 6A:6D:D2:CB:6E:B8:62:5F:89:3B:95:9D:11:77:96:28:A1:2C:F6:9B
Certificate issuer: /CN=845de8732b1017138f87032b70fa3b7b8776ef71
Certificate serial: 01941FFA730FCC8CA6C2054BCECF97F5A3E3
Authority key identifier: 84:5D:E8:73:2B:10:17:13:8F:87:03:2B:70:FA:3B:7B:87:76:EF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF3ocysQFxOPhwMrcPo7e4d273E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/am3Sy264Yl-JO5WdEXeWKKEs9ps.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 195.200.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:73:0f:cc:8c:a6:c2:05:4b:ce:cf:97:f5:a3:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845de8732b1017138f87032b70fa3b7b8776ef71
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a6dd2cb6eb8625f893b959d11779628a12cf69b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:59:5c:1b:12:de:35:78:23:f4:60:ac:1c:d0:
d2:bb:d8:09:94:d2:b7:a1:e4:50:05:7b:b7:9c:12:
bf:4d:fa:3c:64:f3:48:a6:0d:80:44:6e:20:8e:b5:
72:51:8e:94:ce:1c:47:fc:c9:4a:32:39:30:bb:c4:
71:99:5a:44:e3:5c:2d:46:e5:a0:8a:a3:fd:46:57:
ed:32:4e:22:3b:65:c3:9c:a2:1d:b5:fa:71:53:1a:
9c:ec:1c:2a:16:ab:9e:66:41:22:fe:84:27:b8:61:
54:1d:b8:0e:74:58:0d:a5:2e:6d:17:88:cf:ae:0c:
ad:61:89:b1:6d:2a:9d:ff:36:8f:44:db:25:81:a7:
f0:70:c8:94:fe:c6:47:98:d3:66:08:14:55:59:37:
5f:0d:c3:4a:72:db:e1:58:ee:82:c9:74:d2:1a:70:
63:64:ca:d9:47:ee:68:21:44:a5:4c:95:bd:61:88:
70:06:41:79:4f:51:7d:c2:8a:4b:48:81:4e:cf:bd:
5a:0e:58:a4:1b:2c:9b:34:22:71:c9:61:56:cc:06:
9f:e7:d6:1f:a6:35:d1:b2:da:f5:b2:1c:1b:89:14:
e2:bc:a2:62:a9:4e:3a:f5:89:5a:e8:45:3f:bd:58:
98:48:7a:09:f8:cc:f3:8c:62:48:6a:55:32:ec:b8:
36:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:6D:D2:CB:6E:B8:62:5F:89:3B:95:9D:11:77:96:28:A1:2C:F6:9B
X509v3 Authority Key Identifier:
keyid:84:5D:E8:73:2B:10:17:13:8F:87:03:2B:70:FA:3B:7B:87:76:EF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF3ocysQFxOPhwMrcPo7e4d273E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/am3Sy264Yl-JO5WdEXeWKKEs9ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/9afb33-e0aa-493b-a46d-a885fb40d90d/1/hF3ocysQFxOPhwMrcPo7e4d273E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.94.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c8:52:bd:93:91:bc:0f:68:da:88:2a:e8:06:2f:17:80:74:
5f:18:fb:f0:6b:51:16:e1:b7:6a:fc:4b:49:61:c6:f3:de:a2:
90:c2:f2:6d:e3:f2:00:26:48:20:c8:58:91:d6:4b:1d:49:73:
e6:4e:b8:e6:35:79:05:1d:ca:f9:24:5b:76:02:0b:cb:4b:54:
df:6a:9b:37:61:49:df:ce:cd:17:72:cb:d0:44:30:e4:53:b8:
23:f3:30:fe:78:b4:6c:5a:3e:06:05:a1:4c:17:d7:5d:73:c0:
b1:d2:44:56:f0:56:a1:e7:56:78:d5:d7:ef:ef:26:5a:53:44:
13:c1:d9:a2:9e:0b:6f:6a:b9:6c:68:62:bf:3f:c1:67:2e:76:
de:10:d4:ff:01:d2:7a:c6:86:c2:69:6f:a0:38:c8:e2:b4:a2:
43:b8:6a:51:29:4b:4a:ff:cb:b3:7b:84:e0:77:e7:01:d1:a3:
28:0b:a8:98:36:9f:ef:87:60:8c:d0:d6:2a:c2:24:de:ef:e4:
8a:a7:c1:97:d0:bd:7c:33:b2:20:a3:02:f2:7a:cd:c4:d0:6f:
97:09:40:92:ac:5b:29:18:cd:5b:61:1c:8d:ce:8d:00:e2:a5:
05:81:11:b3:a3:c0:7e:5a:a7:a5:17:75:8b:ad:ac:30:4b:1d:
5d:6d:4c:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nMPzIymwgVLzs+X9aPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWRlODczMmIxMDE3MTM4Zjg3MDMyYjcwZmEzYjdiODc3
NmVmNzEwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZkZDJjYjZlYjg2MjVmODkzYjk1OWQxMTc3OTYyOGExMmNmNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1lcGxLeNXgj9GCsHNDSu9gJlNK3
oeRQBXu3nBK/Tfo8ZPNIpg2ARG4gjrVyUY6UzhxH/MlKMjkwu8RxmVpE41wtRuWg
iqP9RlftMk4iO2XDnKIdtfpxUxqc7BwqFqueZkEi/oQnuGFUHbgOdFgNpS5tF4jP
rgytYYmxbSqd/zaPRNslgafwcMiU/sZHmNNmCBRVWTdfDcNKctvhWO6CyXTSGnBj
ZMrZR+5oIUSlTJW9YYhwBkF5T1F9wopLSIFOz71aDlikGyybNCJxyWFWzAaf59Yf
pjXRstr1shwbiRTivKJiqU469Yla6EU/vViYSHoJ+MzzjGJIalUy7Lg21wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpt0stuuGJfiTuVnRF3liihLPabMB8GA1UdIwQY
MBaAFIRd6HMrEBcTj4cDK3D6O3uHdu9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYzb2N5c1FGeE9QaHdNcmNQbzdlNGQyNzNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85YWZiMzMtZTBhYS00OTNiLWE0NmQt
YTg4NWZiNDBkOTBkLzEvYW0zU3kyNjRZbC1KTzVXZEVYZVdLS0VzOXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85YWZiMzMtZTBhYS00OTNiLWE0NmQtYTg4NWZiNDBkOTBk
LzEvaEYzb2N5c1FGeE9QaHdNcmNQbzdlNGQyNzNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8heMA0G
CSqGSIb3DQEBCwUAA4IBAQAMyFK9k5G8D2jaiCroBi8XgHRfGPvwa1EW4bdq/EtJ
Ycbz3qKQwvJt4/IAJkggyFiR1ksdSXPmTrjmNXkFHcr5JFt2AgvLS1Tfaps3YUnf
zs0XcsvQRDDkU7gj8zD+eLRsWj4GBaFMF9ddc8Cx0kRW8Fah51Z41dfv7yZaU0QT
wdmingtvarlsaGK/P8FnLnbeENT/AdJ6xobCaW+gOMjitKJDuGpRKUtK/8uze4Tg
d+cB0aMoC6iYNp/vh2CM0NYqwiTe7+SKp8GX0L18M7IgowLyes3E0G+XCUCSrFsp
GM1bYRyNzo0A4qUFgRGzo8B+WqelF3WLrawwSx1dbUwL
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:25 2025 by rpki-client