Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/DOAjS6N6DDMCT5Gs48jEEQ8kKdo.roa
File: DOAjS6N6DDMCT5Gs48jEEQ8kKdo.roa (raw, json)
Hash identifier: RxOSt+nS2Pi/oAjRbiU1f0I2BGNusR2WMtoxS2juhtk=
Subject key identifier: 0C:E0:23:4B:A3:7A:0C:33:02:4F:91:AC:E3:C8:C4:11:0F:24:29:DA
Certificate issuer: /CN=24350aa8a94af666099fd073ec621cd15d04b316
Certificate serial: 01942444BAE5E181CDA9194F89B68A012892
Authority key identifier: 24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/DOAjS6N6DDMCT5Gs48jEEQ8kKdo.roa
Signing time: Wed 01 Jan 2025 23:47:51 +0000
ROA not before: Wed 01 Jan 2025 23:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29276
IP address blocks: 95.159.192.0/24 maxlen: 24
213.229.248.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ba:e5:e1:81:cd:a9:19:4f:89:b6:8a:01:28:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24350aa8a94af666099fd073ec621cd15d04b316
Validity
Not Before: Jan 1 23:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ce0234ba37a0c33024f91ace3c8c4110f2429da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:75:c7:82:9f:b8:d7:a0:91:63:c0:8e:91:98:
f1:dc:5f:67:c8:0d:72:6d:f3:c1:f0:b4:b9:3e:91:
07:ed:59:10:3f:84:39:5d:fc:c0:91:56:87:37:bd:
65:cc:2d:4e:e8:18:9b:3e:4d:6d:81:89:96:62:cc:
0a:13:ee:b1:af:d2:da:d1:c6:70:c5:da:3a:2c:17:
7f:82:50:8e:33:bd:77:18:11:d4:99:21:a1:c2:a2:
3a:90:21:d3:bf:1a:b1:66:00:42:00:06:ee:d5:42:
a5:6b:a2:c4:1b:a8:9b:4a:dd:14:3f:71:eb:40:19:
6d:68:66:3b:43:28:7d:b9:a3:24:02:f6:b5:5e:d7:
12:1a:ea:c1:e9:45:9c:cb:92:0a:86:0d:24:7f:54:
8e:29:d7:11:ee:88:70:56:d5:b3:68:fb:9e:de:7d:
ff:40:a5:4d:7a:b3:ed:5b:0e:b7:5a:ae:1d:5a:b5:
74:e2:c6:f7:02:71:9a:50:a8:82:ad:a8:37:9c:d5:
70:f1:87:be:cc:cf:f7:a9:15:43:f8:d8:fe:8f:3c:
15:31:27:e2:ad:85:00:62:7d:ee:45:99:05:a2:31:
4e:cd:80:c1:9a:95:76:74:97:57:a0:71:6f:4f:b3:
c2:ce:11:8d:ef:c7:f0:16:72:82:f7:6d:92:c6:6f:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E0:23:4B:A3:7A:0C:33:02:4F:91:AC:E3:C8:C4:11:0F:24:29:DA
X509v3 Authority Key Identifier:
keyid:24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/DOAjS6N6DDMCT5Gs48jEEQ8kKdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.159.192.0/24
213.229.248.0/21
Signature Algorithm: sha256WithRSAEncryption
58:5b:03:d9:70:f2:58:7d:d7:b1:68:72:ce:b8:2a:5f:c0:c5:
7b:c2:79:7b:4b:8a:a6:03:1e:b0:3c:01:bf:58:8e:9c:69:13:
1f:de:22:3f:6f:be:4e:1b:cb:da:0e:09:29:75:70:22:b4:7b:
dd:04:31:05:44:51:e5:aa:1b:64:a2:1c:4f:d5:a9:dc:9a:23:
87:5c:82:0b:ad:ca:27:d3:21:2d:06:89:e7:3d:32:b2:30:f4:
fa:ed:79:62:f0:e3:b4:c4:88:72:0a:4a:00:b5:b1:6b:70:6a:
c4:ab:0b:9c:83:f6:54:aa:bb:2b:ca:1d:05:bc:1f:69:0b:43:
1b:cb:68:30:a5:30:00:74:4a:31:18:75:d6:de:23:f9:75:61:
11:22:a6:0b:21:54:53:10:f3:d8:69:3f:e8:99:44:e5:e9:0f:
4d:fb:c2:03:4a:85:53:bc:cd:71:46:4e:2f:31:08:68:35:f8:
9d:39:62:41:71:ee:80:e9:ca:f2:a9:d2:6d:f0:38:ad:62:36:
d7:df:09:7b:fb:5b:87:53:74:ee:fc:09:25:3e:4a:95:d9:bf:
30:dd:f1:4a:80:73:53:cc:21:af:4e:cc:21:62:e9:68:9b:43:
2b:4a:f3:91:53:86:8d:31:47:7b:84:a2:91:a4:c7:ea:b7:f5:
a1:26:1a:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRLrl4YHNqRlPibaKASiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MzUwYWE4YTk0YWY2NjYwOTlmZDA3M2VjNjIxY2QxNWQw
NGIzMTYwHhcNMjUwMTAxMjM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UwMjM0YmEzN2EwYzMzMDI0ZjkxYWNlM2M4YzQxMTBmMjQyOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33XHgp+416CRY8COkZjx3F9nyA1y
bfPB8LS5PpEH7VkQP4Q5XfzAkVaHN71lzC1O6BibPk1tgYmWYswKE+6xr9La0cZw
xdo6LBd/glCOM713GBHUmSGhwqI6kCHTvxqxZgBCAAbu1UKla6LEG6ibSt0UP3Hr
QBltaGY7Qyh9uaMkAva1XtcSGurB6UWcy5IKhg0kf1SOKdcR7ohwVtWzaPue3n3/
QKVNerPtWw63Wq4dWrV04sb3AnGaUKiCrag3nNVw8Ye+zM/3qRVD+Nj+jzwVMSfi
rYUAYn3uRZkFojFOzYDBmpV2dJdXoHFvT7PCzhGN78fwFnKC922Sxm88WwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAzgI0ujegwzAk+RrOPIxBEPJCnaMB8GA1UdIwQY
MBaAFCQ1CqipSvZmCZ/Qc+xiHNFdBLMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRVS3FLbEs5bVlKbjlCejdHSWMwVjBFc3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9hYjYyZTctNzM2Ny00YmRlLTkzNGEt
YjQyNTIyZDA1ODk1LzEvRE9BalM2TjZERE1DVDVHczQ4akVFUThrS2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9hYjYyZTctNzM2Ny00YmRlLTkzNGEtYjQyNTIyZDA1ODk1
LzEvSkRVS3FLbEs5bVlKbjlCejdHSWMwVjBFc3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX5/AAwQD
1eX4MA0GCSqGSIb3DQEBCwUAA4IBAQBYWwPZcPJYfdexaHLOuCpfwMV7wnl7S4qm
Ax6wPAG/WI6caRMf3iI/b75OG8vaDgkpdXAitHvdBDEFRFHlqhtkohxP1ancmiOH
XIILrcon0yEtBonnPTKyMPT67Xli8OO0xIhyCkoAtbFrcGrEqwucg/ZUqrsryh0F
vB9pC0Mby2gwpTAAdEoxGHXW3iP5dWERIqYLIVRTEPPYaT/omUTl6Q9N+8IDSoVT
vM1xRk4vMQhoNfidOWJBce6A6cryqdJt8DitYjbX3wl7+1uHU3Tu/AklPkqV2b8w
3fFKgHNTzCGvTswhYulom0MrSvORU4aNMUd7hKKRpMfqt/WhJhpn
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:41 2025 by rpki-client