Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/afF1dxl_LmNwCvwOu-CxTaBAPsE.roa
File: afF1dxl_LmNwCvwOu-CxTaBAPsE.roa (raw, json)
Hash identifier: 2PsecFqYTcXE3Me2mMpOXpuvsS4y86LFqJBD0VQl4Yk=
Subject key identifier: 69:F1:75:77:19:7F:2E:63:70:0A:FC:0E:BB:E0:B1:4D:A0:40:3E:C1
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 019424455F912465AD652D072620D0A04515
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/afF1dxl_LmNwCvwOu-CxTaBAPsE.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25261
IP address blocks: 195.53.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5f:91:24:65:ad:65:2d:07:26:20:d0:a0:45:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69f17577197f2e63700afc0ebbe0b14da0403ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:17:f1:8b:40:3f:8f:89:c7:38:0a:45:8e:b3:
a8:f1:d4:d7:4e:29:90:2f:f2:b4:ae:e0:a8:71:f7:
a7:d4:70:eb:45:64:88:40:b5:a9:ee:ac:6e:01:73:
64:7f:3d:60:f3:16:5d:99:0f:e8:e3:a5:2e:ee:52:
aa:7c:13:4e:ca:93:db:4f:cd:2b:66:db:83:08:5d:
77:f2:0d:0d:0b:42:b8:89:20:10:db:73:b3:4e:b3:
50:23:07:b6:fc:a8:78:f0:61:b5:59:da:5f:b0:13:
d3:4c:49:78:23:b4:2c:83:3a:51:70:90:6f:c2:cd:
8c:3e:06:6e:ea:b9:99:37:eb:b0:d9:d2:d9:b2:96:
7e:fa:b6:3f:44:f2:d7:4e:5a:dc:9a:42:e2:e1:d5:
13:ec:b8:45:e1:42:4d:27:4d:90:7f:ca:1d:e7:06:
3d:e0:f6:51:84:c4:27:7a:09:fc:d2:2e:6e:79:1d:
d4:fa:c7:4f:9c:af:36:63:c1:fa:96:41:49:fe:33:
d6:66:21:5a:a4:63:34:77:e5:cf:af:40:b3:94:c0:
b7:6c:e0:69:8f:02:0c:42:1f:23:3a:d1:15:05:33:
c4:1f:36:bd:4d:b8:c3:ad:77:10:88:63:87:32:61:
a4:7d:92:44:ee:2d:0e:44:5d:83:e7:b8:2f:2e:ad:
1d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F1:75:77:19:7F:2E:63:70:0A:FC:0E:BB:E0:B1:4D:A0:40:3E:C1
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/afF1dxl_LmNwCvwOu-CxTaBAPsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.213.0/24
Signature Algorithm: sha256WithRSAEncryption
98:40:6a:45:0b:53:ff:68:20:3b:ba:fe:f1:80:3c:e9:48:05:
2a:50:1b:82:b4:ce:24:1e:fe:65:97:d6:29:36:6b:a0:54:70:
37:83:16:7e:12:51:22:3a:76:6e:8c:46:16:bd:8c:00:46:a9:
95:b7:52:06:77:8e:eb:a7:03:18:c1:9a:76:77:e9:1f:91:64:
8b:a5:79:97:cb:20:17:69:ce:d1:40:34:84:d2:b0:09:14:e6:
05:94:89:31:3a:5f:46:c5:c8:94:07:e7:cd:62:da:b6:12:c6:
20:f2:30:2a:d0:10:6c:df:f5:4e:77:55:40:7b:6e:62:96:3c:
70:8f:b3:d2:bb:49:2f:0e:29:cd:e4:94:2e:f5:e4:88:09:36:
5a:6e:83:de:1c:82:9b:7c:78:76:2b:cd:5c:0f:9b:a9:fc:ab:
8a:ba:20:17:94:39:bd:59:c8:6d:80:b9:15:08:61:47:9e:13:
ff:8a:24:36:1e:bb:a5:24:7b:75:48:af:db:b0:b3:14:8f:f3:
88:4b:1d:21:15:b0:6d:f9:9c:eb:55:70:fd:de:f6:46:ac:e3:
a3:e8:7a:c3:ae:d3:da:ab:43:8c:48:aa:46:e5:85:d1:54:55:
5d:b5:3e:07:2d:99:50:c4:9a:eb:0f:d7:48:c6:53:24:c0:c6:
96:2c:4c:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRV+RJGWtZS0HJiDQoEUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWYxNzU3NzE5N2YyZTYzNzAwYWZjMGViYmUwYjE0ZGEwNDAzZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBfxi0A/j4nHOApFjrOo8dTXTimQ
L/K0ruCocfen1HDrRWSIQLWp7qxuAXNkfz1g8xZdmQ/o46Uu7lKqfBNOypPbT80r
ZtuDCF138g0NC0K4iSAQ23OzTrNQIwe2/Kh48GG1WdpfsBPTTEl4I7QsgzpRcJBv
ws2MPgZu6rmZN+uw2dLZspZ++rY/RPLXTlrcmkLi4dUT7LhF4UJNJ02Qf8od5wY9
4PZRhMQnegn80i5ueR3U+sdPnK82Y8H6lkFJ/jPWZiFapGM0d+XPr0CzlMC3bOBp
jwIMQh8jOtEVBTPEHza9TbjDrXcQiGOHMmGkfZJE7i0ORF2D57gvLq0dmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGnxdXcZfy5jcAr8DrvgsU2gQD7BMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvYWZGMWR4bF9MbU53Q3Z3T3UtQ3hUYUJBUHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzXVMA0G
CSqGSIb3DQEBCwUAA4IBAQCYQGpFC1P/aCA7uv7xgDzpSAUqUBuCtM4kHv5ll9Yp
NmugVHA3gxZ+ElEiOnZujEYWvYwARqmVt1IGd47rpwMYwZp2d+kfkWSLpXmXyyAX
ac7RQDSE0rAJFOYFlIkxOl9GxciUB+fNYtq2EsYg8jAq0BBs3/VOd1VAe25iljxw
j7PSu0kvDinN5JQu9eSICTZaboPeHIKbfHh2K81cD5up/KuKuiAXlDm9WchtgLkV
CGFHnhP/iiQ2HrulJHt1SK/bsLMUj/OISx0hFbBt+ZzrVXD93vZGrOOj6HrDrtPa
q0OMSKpG5YXRVFVdtT4HLZlQxJrrD9dIxlMkwMaWLEzp
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:50:03 2025 by rpki-client