Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/V4OKC9u84ToAwKHP8ipFnECEUSc.roa
File: V4OKC9u84ToAwKHP8ipFnECEUSc.roa (raw, json)
Hash identifier: 63X029Xmtv3CuXa3LW6ITuuCc8ehUl7D3xtwLtBbGKw=
Subject key identifier: 57:83:8A:0B:DB:BC:E1:3A:00:C0:A1:CF:F2:2A:45:9C:40:84:51:27
Certificate issuer: /CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Certificate serial: 0194221F94D9952894049DAA89EDF9F3E194
Authority key identifier: 97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/V4OKC9u84ToAwKHP8ipFnECEUSc.roa
Signing time: Wed 01 Jan 2025 13:48:02 +0000
ROA not before: Wed 01 Jan 2025 13:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41588
IP address blocks: 91.195.248.0/23 maxlen: 23
195.138.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:94:d9:95:28:94:04:9d:aa:89:ed:f9:f3:e1:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Validity
Not Before: Jan 1 13:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57838a0bdbbce13a00c0a1cff22a459c40845127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ed:8b:be:af:4c:2e:94:77:68:76:f5:4c:07:
60:3e:de:7b:aa:e4:15:c4:3f:15:56:f6:f0:65:33:
e3:22:7f:c1:18:30:27:77:f4:50:67:72:1c:ae:65:
60:9b:07:df:85:7f:08:4d:9b:93:dd:6b:36:04:e6:
fe:ff:f6:ae:a5:13:f7:1a:bf:d6:c1:d7:58:88:ad:
12:f4:dc:70:1e:25:c6:73:cd:61:2e:79:17:ad:3d:
cf:bc:b6:2c:8e:a8:d8:a4:4b:c4:82:34:19:ce:11:
ef:7b:7a:87:c2:d4:4e:c2:c8:58:ad:ef:a7:e6:1d:
33:da:24:e7:97:41:3b:43:e4:37:a1:1b:3e:79:b7:
01:e2:78:f6:9a:3e:6a:9a:fe:6d:80:d1:5a:c5:e1:
38:2a:f4:73:b9:88:df:6a:02:73:05:4f:a1:c1:4d:
a6:e5:db:5a:fe:01:87:44:97:51:5e:6e:17:e8:46:
3c:82:20:d6:bf:fe:53:20:0e:83:1b:3a:ff:58:f0:
68:4f:3f:69:c9:4f:32:72:33:a0:64:14:fe:b0:e3:
2c:59:59:2a:82:2b:f7:55:c4:e4:9b:2c:98:aa:5a:
a9:a3:b3:84:36:98:09:75:66:b9:2f:de:9c:11:59:
99:9a:8b:1a:66:24:0c:29:bb:17:97:4c:bb:bc:af:
f4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:83:8A:0B:DB:BC:E1:3A:00:C0:A1:CF:F2:2A:45:9C:40:84:51:27
X509v3 Authority Key Identifier:
keyid:97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/V4OKC9u84ToAwKHP8ipFnECEUSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.248.0/23
195.138.193.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:af:07:a1:e8:f2:28:78:a0:2c:6f:60:95:05:1c:29:23:05:
26:10:81:0f:44:fb:cd:e2:ba:bb:b2:ec:64:8b:95:ac:7f:7e:
ae:3e:b5:38:de:52:3f:11:f7:30:aa:45:e4:e4:2d:7c:56:18:
f6:88:81:ce:6e:e8:75:40:24:6b:08:c3:09:95:2d:4b:99:cf:
a6:7f:b2:e3:67:d5:b6:4a:54:26:7b:4d:07:68:44:44:8c:d5:
b5:20:fe:ff:dc:85:ee:e6:8b:38:90:cd:08:ba:48:85:c8:c2:
31:a4:07:57:10:61:64:76:ef:18:af:d6:13:76:7b:75:e5:b0:
58:b2:dc:e9:05:f3:6d:9e:68:dd:3b:cb:b7:a2:b4:b1:06:c4:
6a:78:87:4d:93:d9:72:74:b0:d7:4e:10:7e:06:13:be:7c:e0:
45:91:35:94:a3:07:da:93:9c:19:ad:60:d2:b0:34:a7:aa:11:
36:35:e5:11:c2:e6:72:8b:ac:bc:4d:5d:6b:62:46:15:f9:78:
ff:1a:a1:98:6f:d8:94:62:11:4b:df:41:f4:29:43:d8:5b:f5:
28:89:f1:67:1e:d7:cf:31:bb:51:c0:0b:67:09:69:17:cb:77:
66:5d:97:68:68:f2:9b:ec:e7:95:92:a8:6e:45:b3:ad:b2:6c:
61:33:6a:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH5TZlSiUBJ2qie358+GUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDI0ZmZjNDkyN2JmZTM1Mjg5NDM1ZDlkMDI4MDQyMGI4
ZWNkY2IwHhcNMjUwMTAxMTM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzgzOGEwYmRiYmNlMTNhMDBjMGExY2ZmMjJhNDU5YzQwODQ1MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju2Lvq9MLpR3aHb1TAdgPt57quQV
xD8VVvbwZTPjIn/BGDAnd/RQZ3IcrmVgmwffhX8ITZuT3Ws2BOb+//aupRP3Gr/W
wddYiK0S9NxwHiXGc81hLnkXrT3PvLYsjqjYpEvEgjQZzhHve3qHwtROwshYre+n
5h0z2iTnl0E7Q+Q3oRs+ebcB4nj2mj5qmv5tgNFaxeE4KvRzuYjfagJzBU+hwU2m
5dta/gGHRJdRXm4X6EY8giDWv/5TIA6DGzr/WPBoTz9pyU8ycjOgZBT+sOMsWVkq
giv3VcTkmyyYqlqpo7OENpgJdWa5L96cEVmZmosaZiQMKbsXl0y7vK/0LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFeDigvbvOE6AMChz/IqRZxAhFEnMB8GA1UdIwQY
MBaAFJcCT/xJJ7/jUolDXZ0CgEILjs3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDkt
NDAxYmRhNDQ3N2I1LzEvVjRPS0M5dTg0VG9Bd0tIUDhpcEZuRUNFVVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDktNDAxYmRhNDQ3N2I1
LzEvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8P4AwQA
w4rBMA0GCSqGSIb3DQEBCwUAA4IBAQBNrweh6PIoeKAsb2CVBRwpIwUmEIEPRPvN
4rq7suxki5Wsf36uPrU43lI/EfcwqkXk5C18Vhj2iIHObuh1QCRrCMMJlS1Lmc+m
f7LjZ9W2SlQme00HaEREjNW1IP7/3IXu5os4kM0IukiFyMIxpAdXEGFkdu8Yr9YT
dnt15bBYstzpBfNtnmjdO8u3orSxBsRqeIdNk9lydLDXThB+BhO+fOBFkTWUowfa
k5wZrWDSsDSnqhE2NeURwuZyi6y8TV1rYkYV+Xj/GqGYb9iUYhFL30H0KUPYW/Uo
ifFnHtfPMbtRwAtnCWkXy3dmXZdoaPKb7OeVkqhuRbOtsmxhM2oB
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:17 2025 by rpki-client