Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/9Z5hWDI-Kh-NztOkQSMKvhY8qzE.roa
File: 9Z5hWDI-Kh-NztOkQSMKvhY8qzE.roa (raw, json)
Hash identifier: lOFYxh8QJeVwqsBGYE+6Q0gH74BhU3Eg1T5v8M/Ib+E=
Subject key identifier: F5:9E:61:58:32:3E:2A:1F:8D:CE:D3:A4:41:23:0A:BE:16:3C:AB:31
Certificate issuer: /CN=07f0ba59b1c76cf20dc4382e5a2854d7142c26ba
Certificate serial: 01953CCBC8586432201A000CCAD4F8E32B1F
Authority key identifier: 07:F0:BA:59:B1:C7:6C:F2:0D:C4:38:2E:5A:28:54:D7:14:2C:26:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_C6WbHHbPINxDguWihU1xQsJro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/9Z5hWDI-Kh-NztOkQSMKvhY8qzE.roa
Signing time: Tue 25 Feb 2025 11:09:02 +0000
ROA not before: Tue 25 Feb 2025 11:09:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216176
IP address blocks: 195.246.195.0/24 maxlen: 24
2a14::/32 maxlen: 32
2a14:7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:cb:c8:58:64:32:20:1a:00:0c:ca:d4:f8:e3:2b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f0ba59b1c76cf20dc4382e5a2854d7142c26ba
Validity
Not Before: Feb 25 11:09:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f59e6158323e2a1f8dced3a441230abe163cab31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ca:e1:31:59:9e:a5:d6:4a:5e:1a:ff:ac:46:
42:2b:99:76:e1:75:c7:c9:3d:a4:ae:04:05:35:30:
f7:03:61:db:38:cb:5c:e3:b6:14:e5:e4:1f:a4:49:
07:45:ca:84:26:5a:d9:66:c0:41:c9:06:e3:43:11:
25:df:6e:c2:e4:c6:e9:9d:b5:11:b9:89:90:7a:bb:
dd:74:2a:ef:76:59:cc:98:54:4e:82:d0:21:30:9e:
80:b2:63:26:9e:14:c8:f7:27:8e:76:37:86:30:22:
10:02:1f:59:62:f8:1e:30:7b:72:70:75:ae:5e:a2:
b0:e6:06:1f:c2:50:1f:95:38:bc:51:6a:79:25:9a:
23:b4:e0:d2:d7:0a:13:bc:08:37:25:3c:62:b9:e7:
b2:e8:1e:2d:45:f1:bc:f8:a0:2c:11:3f:93:91:18:
9f:13:64:80:e9:b1:5d:cb:7c:e7:cc:5a:a0:3d:d3:
9d:f2:04:52:f9:48:27:e4:09:34:cc:ca:3d:04:45:
7d:88:3b:d4:12:f3:05:1c:55:42:a7:ef:09:91:e1:
12:ba:f3:38:0e:bf:78:0c:e1:77:d2:08:6b:9c:10:
eb:d7:20:03:a7:33:17:01:63:1d:88:4c:54:af:be:
f6:53:fb:31:22:ea:03:c8:a2:54:52:a8:35:ef:3c:
5d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9E:61:58:32:3E:2A:1F:8D:CE:D3:A4:41:23:0A:BE:16:3C:AB:31
X509v3 Authority Key Identifier:
keyid:07:F0:BA:59:B1:C7:6C:F2:0D:C4:38:2E:5A:28:54:D7:14:2C:26:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_C6WbHHbPINxDguWihU1xQsJro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/9Z5hWDI-Kh-NztOkQSMKvhY8qzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/B_C6WbHHbPINxDguWihU1xQsJro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.195.0/24
IPv6:
2a14::/32
2a14:7::/32
Signature Algorithm: sha256WithRSAEncryption
62:bc:43:2f:bf:35:59:ef:52:c7:75:5f:a6:46:cc:5a:41:91:
47:a2:74:39:8b:77:f0:58:8c:78:f9:d3:aa:84:e0:b4:8a:18:
08:08:1c:cd:51:c4:25:eb:48:9b:4d:a0:e5:e5:02:4a:86:a9:
e0:9a:38:59:c9:e3:7f:3b:81:4a:4a:16:a1:42:09:fc:a2:51:
82:90:11:15:10:80:b9:64:4c:8e:e4:8d:67:cb:fc:f2:2c:09:
02:f1:61:22:d6:19:c1:f6:a3:eb:28:77:c5:dd:69:ea:06:e0:
bf:2f:c1:79:ce:ba:65:9e:46:50:a7:86:6a:0d:6b:2f:7b:a1:
38:c5:52:10:69:f0:d6:36:c0:40:1b:b3:7b:cb:90:40:e6:8e:
b9:ea:38:dd:a7:86:ee:3c:04:19:09:4e:e4:a9:77:9a:bd:39:
1d:5a:5d:b6:c7:ed:b8:fd:c3:30:38:3b:b2:d5:2b:9f:40:71:
e5:23:db:10:06:6c:82:c4:2d:81:9a:f9:0a:f6:95:ca:67:a0:
9d:b9:2b:f2:b7:cb:4f:e4:36:68:fb:31:92:8f:a2:b7:7a:cf:
02:9e:b4:8b:93:e0:29:0b:53:0b:a8:10:50:6f:dd:4c:13:cc:
d9:22:ca:fd:29:e4:82:8b:9b:09:01:5c:34:de:d9:34:0b:ed:
bb:91:f2:87
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZU8y8hYZDIgGgAMytT44ysfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjBiYTU5YjFjNzZjZjIwZGM0MzgyZTVhMjg1NGQ3MTQy
YzI2YmEwHhcNMjUwMjI1MTEwOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTllNjE1ODMyM2UyYTFmOGRjZWQzYTQ0MTIzMGFiZTE2M2NhYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7MrhMVmepdZKXhr/rEZCK5l24XXH
yT2krgQFNTD3A2HbOMtc47YU5eQfpEkHRcqEJlrZZsBByQbjQxEl327C5MbpnbUR
uYmQervddCrvdlnMmFROgtAhMJ6AsmMmnhTI9yeOdjeGMCIQAh9ZYvgeMHtycHWu
XqKw5gYfwlAflTi8UWp5JZojtODS1woTvAg3JTxiueey6B4tRfG8+KAsET+TkRif
E2SA6bFdy3znzFqgPdOd8gRS+Ugn5Ak0zMo9BEV9iDvUEvMFHFVCp+8JkeESuvM4
Dr94DOF30ghrnBDr1yADpzMXAWMdiExUr772U/sxIuoDyKJUUqg17zxdWwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPWeYVgyPiofjc7TpEEjCr4WPKsxMB8GA1UdIwQY
MBaAFAfwulmxx2zyDcQ4LlooVNcULCa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9DNldiSEhiUElOeERndVdpaFUxeFFzSnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZhNzgtMDFlMi00OTZkLWJhNTkt
MjIwMGIzY2M1N2U2LzEvOVo1aFdESS1LaC1OenRPa1FTTUt2aFk4cXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZhNzgtMDFlMi00OTZkLWJhNTktMjIwMGIzY2M1N2U2
LzEvQl9DNldiSEhiUElOeERndVdpaFUxeFFzSnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAw/bDMBQE
AgACMA4DBQAqFAAAAwUAKhQABzANBgkqhkiG9w0BAQsFAAOCAQEAYrxDL781We9S
x3VfpkbMWkGRR6J0OYt38FiMePnTqoTgtIoYCAgczVHEJetIm02g5eUCSoap4Jo4
WcnjfzuBSkoWoUIJ/KJRgpARFRCAuWRMjuSNZ8v88iwJAvFhItYZwfaj6yh3xd1p
6gbgvy/Bec66ZZ5GUKeGag1rL3uhOMVSEGnw1jbAQBuze8uQQOaOueo43aeG7jwE
GQlO5Kl3mr05HVpdtsftuP3DMDg7stUrn0Bx5SPbEAZsgsQtgZr5CvaVymegnbkr
8rfLT+Q2aPsxko+it3rPAp60i5PgKQtTC6gQUG/dTBPM2SLK/SnkgoubCQFcNN7Z
NAvtu5Hyhw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:56:50 2025 by rpki-client