Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/l0K6PAqN9Gt27j_CVXz67WejrWo.roa
File: l0K6PAqN9Gt27j_CVXz67WejrWo.roa (raw, json)
Hash identifier: 791A1HYehBk0Xv4a4YcluI/Rrf5zyMUHKzRR42V6uDU=
Subject key identifier: 97:42:BA:3C:0A:8D:F4:6B:76:EE:3F:C2:55:7C:FA:ED:67:A3:AD:6A
Certificate issuer: /CN=03f3fe6075082be8e588329b43d761bf6e7b01d0
Certificate serial: 0194221FDEC6BFD5870CB26867A7204BC232
Authority key identifier: 03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/l0K6PAqN9Gt27j_CVXz67WejrWo.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209823
IP address blocks: 195.24.245.0/24 maxlen: 24
2a12:5541:1::/48 maxlen: 48
2a12:5541:2::/48 maxlen: 48
2a12:5541:a::/48 maxlen: 48
2a12:5541:331::/48 maxlen: 48
2a12:5542::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:de:c6:bf:d5:87:0c:b2:68:67:a7:20:4b:c2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03f3fe6075082be8e588329b43d761bf6e7b01d0
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9742ba3c0a8df46b76ee3fc2557cfaed67a3ad6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:65:62:b7:86:02:ff:c6:dc:1a:28:7a:ba:73:
32:20:ef:dd:72:9c:72:e6:d6:27:f9:ef:fb:8d:1f:
3f:29:fe:34:3d:4a:92:7f:42:85:c4:f7:e5:55:82:
8c:01:81:e0:25:3a:57:b8:af:b3:e2:f4:2a:a2:06:
d0:25:b4:4b:07:61:7e:bb:95:07:b2:06:bc:18:c0:
f0:b1:38:92:13:a6:0f:7c:87:d1:43:11:8f:4a:0a:
70:69:05:77:6c:82:ae:41:ac:9b:5b:ab:8f:85:15:
6e:81:3c:41:27:18:d7:73:69:84:d3:29:59:67:63:
29:1b:10:fb:dd:ff:0b:5b:fd:56:48:24:c1:d5:7c:
c8:3c:f5:2b:9e:16:ec:cd:a0:ec:c9:0b:55:fa:d8:
1c:12:68:ba:11:37:98:9a:15:56:cb:91:c2:2c:73:
6f:c1:96:b8:6b:30:1f:12:e4:34:78:87:80:0f:2f:
81:de:8b:01:b8:af:a6:37:20:47:90:11:bb:a9:32:
43:4d:d6:54:2f:d7:1d:fd:e2:cd:8f:f5:ab:58:22:
c2:3a:06:2a:79:72:5d:04:cc:30:10:33:9d:c3:24:
ed:d5:4a:a9:42:a0:7c:e1:32:6f:a7:d1:dc:04:a7:
29:f0:6e:c3:f6:18:d1:a3:79:71:6f:d9:5f:26:33:
d6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:42:BA:3C:0A:8D:F4:6B:76:EE:3F:C2:55:7C:FA:ED:67:A3:AD:6A
X509v3 Authority Key Identifier:
keyid:03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/l0K6PAqN9Gt27j_CVXz67WejrWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.24.245.0/24
IPv6:
2a12:5541:1::-2a12:5541:2:ffff:ffff:ffff:ffff:ffff
2a12:5541:a::/48
2a12:5541:331::/48
2a12:5542::/32
Signature Algorithm: sha256WithRSAEncryption
2c:4c:5a:2e:89:98:7f:90:2d:0a:fa:da:73:bd:0f:2f:f7:b3:
28:d8:f5:26:4c:7b:6a:31:77:c0:51:6c:99:29:49:de:5d:52:
80:0a:b3:8e:63:55:d6:98:c9:0f:8a:28:6d:c2:0a:8a:e9:49:
09:58:8e:05:b2:cc:49:5a:88:51:22:92:40:90:63:a1:e5:88:
3c:a9:29:61:75:05:a3:b2:02:fa:53:ce:a9:d7:55:33:fa:8d:
c9:f7:fa:f7:14:73:0a:17:b1:67:de:d5:46:d7:fa:17:93:65:
21:be:ef:58:71:ff:6b:e7:8f:5f:c4:ad:77:a6:35:50:51:29:
27:5a:09:08:4a:63:7a:cf:ba:aa:28:56:0d:ce:6b:ac:ce:42:
aa:83:fb:5f:60:a7:5f:44:91:03:19:f2:14:93:d2:d3:ed:53:
7c:1c:c8:27:47:aa:bc:99:a1:9b:b8:21:71:0c:e5:58:6b:fb:
a9:57:ac:fa:ef:94:a0:94:c9:58:e7:3d:20:9c:2a:63:97:bc:
a2:ee:d8:2a:0d:4e:24:69:e5:cc:ed:d5:25:1a:c2:65:f4:48:
05:e2:01:f6:ec:a3:53:e1:39:6c:6b:10:5b:1c:2c:1b:20:f5:
44:4d:e3:e9:02:76:12:74:a0:66:a4:75:11:ad:2d:dd:de:2b:
a9:27:48:35
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQiH97Gv9WHDLJoZ6cgS8IyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZjNmZTYwNzUwODJiZThlNTg4MzI5YjQzZDc2MWJmNmU3
YjAxZDAwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQyYmEzYzBhOGRmNDZiNzZlZTNmYzI1NTdjZmFlZDY3YTNhZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWVit4YC/8bcGih6unMyIO/dcpxy
5tYn+e/7jR8/Kf40PUqSf0KFxPflVYKMAYHgJTpXuK+z4vQqogbQJbRLB2F+u5UH
sga8GMDwsTiSE6YPfIfRQxGPSgpwaQV3bIKuQaybW6uPhRVugTxBJxjXc2mE0ylZ
Z2MpGxD73f8LW/1WSCTB1XzIPPUrnhbszaDsyQtV+tgcEmi6ETeYmhVWy5HCLHNv
wZa4azAfEuQ0eIeADy+B3osBuK+mNyBHkBG7qTJDTdZUL9cd/eLNj/WrWCLCOgYq
eXJdBMwwEDOdwyTt1UqpQqB84TJvp9HcBKcp8G7D9hjRo3lxb9lfJjPW5wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJdCujwKjfRrdu4/wlV8+u1no61qMB8GA1UdIwQY
MBaAFAPz/mB1CCvo5Ygym0PXYb9uewHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMt
ODJkYWZlMTA0YmM1LzEvbDBLNlBBcU45R3QyN2pfQ1ZYejY3V2VqcldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMtODJkYWZlMTA0YmM1
LzEvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAMBAIAATAGAwQAwxj1MDME
AgACMC0wEgMHACoSVUEAAQMHACoSVUEAAgMHACoSVUEACgMHACoSVUEDMQMFACoS
VUIwDQYJKoZIhvcNAQELBQADggEBACxMWi6JmH+QLQr62nO9Dy/3syjY9SZMe2ox
d8BRbJkpSd5dUoAKs45jVdaYyQ+KKG3CCorpSQlYjgWyzElaiFEikkCQY6HliDyp
KWF1BaOyAvpTzqnXVTP6jcn3+vcUcwoXsWfe1UbX+heTZSG+71hx/2vnj1/ErXem
NVBRKSdaCQhKY3rPuqooVg3Oa6zOQqqD+19gp19EkQMZ8hST0tPtU3wcyCdHqryZ
oZu4IXEM5Vhr+6lXrPrvlKCUyVjnPSCcKmOXvKLu2CoNTiRp5czt1SUawmX0SAXi
Afbso1PhOWxrEFscLBsg9URN4+kCdhJ0oGakdRGtLd3eK6knSDU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:45 2025 by rpki-client