Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/95gfeORrzFU1baOm9FNRF4z-Awc.roa
File: 95gfeORrzFU1baOm9FNRF4z-Awc.roa (raw, json)
Hash identifier: yu0lodJztF5C/Epqr7ypdXxVzEpgYNXlQQQ9uDXoMnU=
Subject key identifier: F7:98:1F:78:E4:6B:CC:55:35:6D:A3:A6:F4:53:51:17:8C:FE:03:07
Certificate issuer: /CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Certificate serial: 019425213F14195509C5A1021A395B72FA6C
Authority key identifier: C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/95gfeORrzFU1baOm9FNRF4z-Awc.roa
Signing time: Thu 02 Jan 2025 03:48:43 +0000
ROA not before: Thu 02 Jan 2025 03:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5631
IP address blocks: 79.173.128.0/18 maxlen: 18
79.173.128.0/19 maxlen: 19
79.173.128.0/20 maxlen: 20
79.173.128.0/21 maxlen: 21
79.173.136.0/21 maxlen: 21
79.173.144.0/21 maxlen: 21
79.173.152.0/21 maxlen: 21
79.173.160.0/19 maxlen: 19
79.173.160.0/21 maxlen: 21
79.173.168.0/21 maxlen: 21
79.173.176.0/21 maxlen: 21
79.173.184.0/21 maxlen: 21
83.143.224.0/21 maxlen: 21
83.143.224.0/22 maxlen: 22
83.143.228.0/22 maxlen: 22
195.167.128.0/20 maxlen: 20
195.167.128.0/21 maxlen: 21
195.167.136.0/21 maxlen: 21
195.167.176.0/20 maxlen: 20
195.167.176.0/21 maxlen: 21
195.167.184.0/21 maxlen: 21
2a00:5840::/32 maxlen: 32
2a02:890::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:3f:14:19:55:09:c5:a1:02:1a:39:5b:72:fa:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Validity
Not Before: Jan 2 03:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7981f78e46bcc55356da3a6f45351178cfe0307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4c:d7:07:0b:48:88:e6:9b:c5:e0:0f:34:9d:
ca:0e:d1:08:76:28:6c:ed:8b:c1:a1:31:4c:1c:37:
85:0a:5a:2a:74:be:6d:f6:84:a8:8f:ff:33:fa:40:
ee:59:8d:80:8e:ef:c8:6e:21:44:9c:5e:61:01:41:
1d:c6:d1:b9:6a:21:34:09:05:44:3f:40:9a:dc:41:
c5:e5:91:1d:ad:50:3d:94:81:c1:0b:86:a5:ae:51:
60:40:1c:ee:35:69:2d:cc:eb:4e:ed:63:30:e4:ff:
46:78:97:98:da:59:c6:a9:57:73:11:62:b1:06:8f:
8e:0b:6c:4a:de:e7:a1:0b:3f:3c:4a:fe:9d:b2:79:
94:d2:de:ea:cd:4c:96:58:d6:f4:2c:57:4b:4f:d2:
65:39:0e:94:88:6d:74:e2:2c:f0:2e:f5:4f:30:a0:
da:dd:7c:c7:c6:e6:64:fe:89:b6:b4:2a:75:a1:ec:
ed:8c:89:b9:f6:d6:23:26:28:a6:25:e9:b3:84:be:
7c:cd:2d:60:34:44:9a:90:4c:a4:5a:b2:fc:82:ff:
5f:af:f6:e5:5e:ea:32:7e:69:10:16:c2:12:6b:3f:
db:00:7b:10:ad:1d:e2:d9:22:6e:fc:87:f0:83:ed:
d6:c5:1c:ad:fe:41:db:53:f1:68:44:84:84:a5:59:
e0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:98:1F:78:E4:6B:CC:55:35:6D:A3:A6:F4:53:51:17:8C:FE:03:07
X509v3 Authority Key Identifier:
keyid:C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/95gfeORrzFU1baOm9FNRF4z-Awc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.173.128.0/18
83.143.224.0/21
195.167.128.0/20
195.167.176.0/20
IPv6:
2a00:5840::/32
2a02:890::/32
Signature Algorithm: sha256WithRSAEncryption
af:b3:64:c8:57:8e:31:e9:23:87:27:19:f4:08:83:46:61:49:
35:bb:4e:33:c9:35:53:cf:ec:45:b4:52:2d:19:0f:00:50:85:
d0:2c:20:ee:b9:e8:bb:15:ab:79:68:04:9f:5f:75:d7:9b:26:
be:49:3f:52:f5:77:18:d6:70:61:1d:1c:ab:4e:cd:ad:4b:bc:
75:36:c3:4b:97:3c:0d:5b:e5:c2:9d:d5:20:96:df:4b:74:aa:
a1:04:ff:5b:bb:69:a3:ec:32:9c:b7:26:5d:91:e2:e6:f5:8f:
81:1d:c8:4f:9a:4e:c5:2d:a6:bc:ca:71:35:d3:50:df:d3:8a:
93:6e:b9:d6:12:82:ac:9b:bb:8c:f2:8c:d1:10:20:f8:5c:54:
ec:60:cb:48:7a:58:c6:1c:8b:99:77:b9:22:1f:67:24:db:37:
7f:37:bb:9b:7a:29:5e:1a:94:a0:17:38:a7:26:0d:e6:f6:c6:
5a:c2:4f:c8:df:12:1f:d4:75:67:15:67:82:cb:5f:ca:23:e6:
99:04:49:80:03:8c:f0:8f:a7:e8:b5:39:84:f6:7d:02:05:57:
3e:4f:81:c7:ef:36:42:99:f6:67:f9:13:dd:1e:b4:53:10:85:
28:f1:f0:72:17:9b:e4:f2:2b:5d:b7:93:0e:bb:fa:2f:7b:c9:
87:73:f0:90
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQlIT8UGVUJxaECGjlbcvpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzBmZGJiNjVjYTQ5MWNiODNjYzA4NWE0M2UwMzQwNTk2
YWU4NzMwHhcNMjUwMTAyMDM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzk4MWY3OGU0NmJjYzU1MzU2ZGEzYTZmNDUzNTExNzhjZmUwMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10zXBwtIiOabxeAPNJ3KDtEIdihs
7YvBoTFMHDeFCloqdL5t9oSoj/8z+kDuWY2Aju/IbiFEnF5hAUEdxtG5aiE0CQVE
P0Ca3EHF5ZEdrVA9lIHBC4alrlFgQBzuNWktzOtO7WMw5P9GeJeY2lnGqVdzEWKx
Bo+OC2xK3uehCz88Sv6dsnmU0t7qzUyWWNb0LFdLT9JlOQ6UiG104izwLvVPMKDa
3XzHxuZk/om2tCp1oeztjIm59tYjJiimJemzhL58zS1gNESakEykWrL8gv9fr/bl
XuoyfmkQFsISaz/bAHsQrR3i2SJu/Ifwg+3WxRyt/kHbU/FoRISEpVngGQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPeYH3jka8xVNW2jpvRTUReM/gMHMB8GA1UdIwQY
MBaAFMbA/btlykkcuDzAhaQ+A0BZauhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQt
NDlhNjU0NTc4NmU2LzEvOTVnZmVPUnJ6RlUxYmFPbTlGTlJGNHotQXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQtNDlhNjU0NTc4NmU2
LzEveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQGT62AAwQD
U4/gAwQEw6eAAwQEw6ewMBQEAgACMA4DBQAqAFhAAwUAKgIIkDANBgkqhkiG9w0B
AQsFAAOCAQEAr7NkyFeOMekjhycZ9AiDRmFJNbtOM8k1U8/sRbRSLRkPAFCF0Cwg
7rnouxWreWgEn19115smvkk/UvV3GNZwYR0cq07NrUu8dTbDS5c8DVvlwp3VIJbf
S3SqoQT/W7tpo+wynLcmXZHi5vWPgR3IT5pOxS2mvMpxNdNQ39OKk2651hKCrJu7
jPKM0RAg+FxU7GDLSHpYxhyLmXe5Ih9nJNs3fze7m3opXhqUoBc4pyYN5vbGWsJP
yN8SH9R1ZxVngstfyiPmmQRJgAOM8I+n6LU5hPZ9AgVXPk+Bx+82Qpn2Z/kT3R60
UxCFKPHwcheb5PIrXbeTDrv6L3vJh3PwkA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:22 2025 by rpki-client