Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/H9SO8EzcNBS2yNz1oqlQvF8nYaA.roa
File: H9SO8EzcNBS2yNz1oqlQvF8nYaA.roa (raw, json)
Hash identifier: DHcHXu+DGDdMpd1sZPMiGOEXUFezuU4wJP51eqKaDv0=
Subject key identifier: 1F:D4:8E:F0:4C:DC:34:14:B6:C8:DC:F5:A2:A9:50:BC:5F:27:61:A0
Certificate issuer: /CN=4eeb86abd5374e553098209075b9afecabef333a
Certificate serial: 0195D1E87EF57C77161AD4A9699647B6B3B7
Authority key identifier: 4E:EB:86:AB:D5:37:4E:55:30:98:20:90:75:B9:AF:EC:AB:EF:33:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuuGq9U3TlUwmCCQdbmv7KvvMzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/H9SO8EzcNBS2yNz1oqlQvF8nYaA.roa
Signing time: Wed 26 Mar 2025 10:03:49 +0000
ROA not before: Wed 26 Mar 2025 10:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13009
IP address blocks: 195.191.164.0/24 maxlen: 24
2a10:4a40:4ddc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:e8:7e:f5:7c:77:16:1a:d4:a9:69:96:47:b6:b3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eeb86abd5374e553098209075b9afecabef333a
Validity
Not Before: Mar 26 10:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fd48ef04cdc3414b6c8dcf5a2a950bc5f2761a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:d6:03:d7:bd:3c:94:8e:3f:9c:ea:ab:1c:
16:27:80:19:66:f4:5e:a4:e4:16:2a:6e:d3:82:73:
0b:c1:32:f1:31:42:fe:59:0f:05:f0:3b:e3:e7:6d:
65:cb:9f:2b:c1:5a:50:57:2f:ad:4b:37:59:40:9f:
0e:d2:fb:6f:70:93:a9:c4:c3:89:9d:3d:e9:9a:1a:
16:2b:2d:11:9e:3a:01:eb:f1:52:2e:28:d0:a3:3e:
48:cf:95:6a:f7:6b:cf:7f:f5:e8:16:0a:af:b6:33:
53:4b:28:3f:5b:25:d7:cf:63:f2:cd:db:3c:bf:d4:
67:08:8e:fe:2e:4b:70:b8:9e:d9:6e:05:8b:e0:bb:
ca:3f:66:45:2b:45:11:61:f5:73:f4:cb:e2:d5:6f:
35:5d:88:52:66:f9:98:ce:af:25:8c:5e:85:c3:19:
ff:ea:1c:bf:86:2e:8f:c9:d9:b2:6c:83:54:51:1f:
21:b8:8c:a7:1e:5b:ce:da:ed:cd:5c:8a:25:e5:0b:
d0:cc:46:b2:b6:7a:53:b9:9f:1b:46:46:a5:9d:54:
ad:f2:ba:41:00:6c:35:0d:e1:bb:7c:70:70:78:1e:
1d:ff:6c:d5:73:f7:51:2b:72:38:3c:02:fd:de:b6:
e2:f9:7f:d2:21:2d:b7:1b:e9:31:10:27:fc:fe:b8:
ac:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D4:8E:F0:4C:DC:34:14:B6:C8:DC:F5:A2:A9:50:BC:5F:27:61:A0
X509v3 Authority Key Identifier:
keyid:4E:EB:86:AB:D5:37:4E:55:30:98:20:90:75:B9:AF:EC:AB:EF:33:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuuGq9U3TlUwmCCQdbmv7KvvMzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/H9SO8EzcNBS2yNz1oqlQvF8nYaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/TuuGq9U3TlUwmCCQdbmv7KvvMzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.164.0/24
IPv6:
2a10:4a40:4ddc::/48
Signature Algorithm: sha256WithRSAEncryption
87:be:07:a5:b7:ab:b9:9d:09:32:59:45:33:67:2c:d9:a9:00:
0a:14:15:7b:8b:b6:36:b7:11:a3:33:98:2b:12:9c:25:0d:20:
93:62:9f:f7:ca:05:c4:d9:54:15:9e:41:5b:af:20:91:1d:b7:
70:25:5a:97:3e:3f:7d:3d:d0:3d:bf:7d:53:8f:02:86:60:c9:
e1:b0:de:d7:21:26:bb:ac:ab:90:44:b7:8a:a8:25:7c:6f:3e:
4b:f3:a5:8a:c6:ed:76:bc:2a:b0:fc:8f:19:01:01:56:cc:0d:
92:24:21:5e:d8:51:8b:18:1f:15:62:05:fa:48:b5:aa:06:80:
64:27:02:8b:92:ab:56:c2:d7:de:3f:ba:61:74:63:dc:46:eb:
15:87:af:39:e5:88:f0:c4:25:cd:82:ae:d0:98:ff:dc:fa:5f:
7c:60:d4:bf:e5:9d:6b:37:77:76:d0:46:b9:e2:a6:97:17:07:
8d:9c:80:f1:13:82:35:1e:22:40:18:ef:30:fc:6c:c3:de:b4:
0c:40:35:41:21:8a:6c:6c:a4:e7:11:3a:b4:55:5c:f3:26:1a:
88:73:c2:06:e9:54:08:ed:ec:17:e9:c3:3a:89:25:5b:87:28:
d9:e3:d7:39:29:64:9a:2b:15:01:00:ee:ad:95:12:db:33:f3:
7a:30:21:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZXR6H71fHcWGtSpaZZHtrO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWI4NmFiZDUzNzRlNTUzMDk4MjA5MDc1YjlhZmVjYWJl
ZjMzM2EwHhcNMjUwMzI2MTAwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQ0OGVmMDRjZGMzNDE0YjZjOGRjZjVhMmE5NTBiYzVmMjc2MWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum/WA9e9PJSOP5zqqxwWJ4AZZvRe
pOQWKm7TgnMLwTLxMUL+WQ8F8Dvj521ly58rwVpQVy+tSzdZQJ8O0vtvcJOpxMOJ
nT3pmhoWKy0RnjoB6/FSLijQoz5Iz5Vq92vPf/XoFgqvtjNTSyg/WyXXz2Pyzds8
v9RnCI7+LktwuJ7ZbgWL4LvKP2ZFK0URYfVz9Mvi1W81XYhSZvmYzq8ljF6Fwxn/
6hy/hi6PydmybINUUR8huIynHlvO2u3NXIol5QvQzEaytnpTuZ8bRkalnVSt8rpB
AGw1DeG7fHBweB4d/2zVc/dRK3I4PAL93rbi+X/SIS23G+kxECf8/ris4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB/UjvBM3DQUtsjc9aKpULxfJ2GgMB8GA1UdIwQY
MBaAFE7rhqvVN05VMJggkHW5r+yr7zM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV1R3E5VTNUbFV3bUNDUWRibXY3S3Z2TXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zZTVjOTYtN2U5NS00Nzk3LWFhNmEt
YTg5NzhlM2FhZTk4LzEvSDlTTzhFemNOQlMyeU56MW9xbFF2RjhuWWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zZTVjOTYtN2U5NS00Nzk3LWFhNmEtYTg5NzhlM2FhZTk4
LzEvVHV1R3E5VTNUbFV3bUNDUWRibXY3S3Z2TXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw7+kMA8E
AgACMAkDBwAqEEpATdwwDQYJKoZIhvcNAQELBQADggEBAIe+B6W3q7mdCTJZRTNn
LNmpAAoUFXuLtja3EaMzmCsSnCUNIJNin/fKBcTZVBWeQVuvIJEdt3AlWpc+P309
0D2/fVOPAoZgyeGw3tchJrusq5BEt4qoJXxvPkvzpYrG7Xa8KrD8jxkBAVbMDZIk
IV7YUYsYHxViBfpItaoGgGQnAouSq1bC194/umF0Y9xG6xWHrznliPDEJc2CrtCY
/9z6X3xg1L/lnWs3d3bQRrnippcXB42cgPETgjUeIkAY7zD8bMPetAxANUEhimxs
pOcROrRVXPMmGohzwgbpVAjt7BfpwzqJJVuHKNnj1zkpZJorFQEA7q2VEtsz83ow
Ieg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:34:41 2025 by rpki-client