Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/aFnUGsqLDnxmFuCiKUxGldNemm4.roa
File: aFnUGsqLDnxmFuCiKUxGldNemm4.roa (raw, json)
Hash identifier: +vt1O+sPmS0CFLTIXFB6LjeRwNrvpt9nlB+8daLJ94g=
Subject key identifier: 68:59:D4:1A:CA:8B:0E:7C:66:16:E0:A2:29:4C:46:95:D3:5E:9A:6E
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0194228D37CC41A2C95373BCFC383CD6CEF0
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/aFnUGsqLDnxmFuCiKUxGldNemm4.roa
Signing time: Wed 01 Jan 2025 15:47:47 +0000
ROA not before: Wed 01 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201016
IP address blocks: 195.144.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:37:cc:41:a2:c9:53:73:bc:fc:38:3c:d6:ce:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6859d41aca8b0e7c6616e0a2294c4695d35e9a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b0:f4:67:72:76:25:b0:81:fe:f8:e5:38:8f:
8b:a0:f7:b0:3a:4b:ea:43:fb:99:62:d6:80:a6:26:
ea:ee:58:fb:91:aa:b3:c1:d0:d2:d6:66:0f:87:0c:
a5:47:c2:17:98:4a:4b:ca:9b:6e:4c:b8:15:9f:da:
72:64:7e:2f:96:af:64:5e:42:ff:83:57:78:f5:c2:
8f:9e:6f:1b:5c:d0:41:9a:b6:20:d7:80:36:9c:c0:
85:45:d3:d6:4f:26:85:c9:40:8f:54:87:40:51:11:
92:2f:7d:0f:a9:8c:00:5b:d3:87:06:17:a0:8d:c4:
a9:dd:be:25:f9:ff:10:2d:cc:4f:07:c8:17:8b:24:
a3:49:26:8a:df:bb:aa:b5:2b:ae:a4:19:f7:ef:17:
ed:f1:99:dd:42:99:4c:f4:23:98:e2:74:d2:2e:20:
8d:37:66:a8:e1:83:c9:b8:a4:15:a5:fe:ce:b7:e1:
da:46:ef:f3:89:4d:a9:9d:2d:7d:ba:40:41:8d:02:
8a:38:c9:1f:cc:5c:08:d0:a3:d8:dc:ec:51:7a:6c:
8c:46:f0:80:a6:3f:3f:41:8a:fa:1b:20:ae:89:93:
95:0f:12:a4:49:c1:e9:af:9a:12:c2:f1:29:9d:0e:
f2:4c:e1:77:75:42:51:b0:19:73:7f:16:c5:e9:3a:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:59:D4:1A:CA:8B:0E:7C:66:16:E0:A2:29:4C:46:95:D3:5E:9A:6E
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/aFnUGsqLDnxmFuCiKUxGldNemm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.243.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:7d:90:bd:06:a2:5c:c7:ba:8f:ee:6b:8e:64:96:4d:68:93:
42:fe:f7:c3:d3:26:21:db:f4:3a:34:0c:90:77:60:94:a2:aa:
28:38:13:62:a7:c7:6a:39:d0:0e:b1:79:83:e5:79:bc:23:a6:
01:8a:1b:5d:36:53:18:a8:fd:83:06:61:84:20:7f:c0:4d:bb:
91:f7:2c:23:ad:35:39:7d:42:7d:f6:1b:ce:e7:5f:22:b6:13:
25:d1:d3:3a:46:cc:65:93:fd:83:8d:2c:ce:59:01:b8:df:47:
fd:7f:74:89:39:39:2f:f4:19:fe:e5:cb:19:09:01:78:12:ac:
1c:20:cf:fa:a4:3a:e9:45:59:53:d8:a9:6e:15:73:69:16:fb:
09:c8:25:52:ed:80:32:ff:fb:09:eb:a1:a0:45:44:ff:44:32:
c1:7e:5f:9a:bb:d5:b4:82:a7:c3:ca:56:c1:ee:04:8b:93:2e:
5d:ba:c1:47:9b:3d:f0:f0:07:06:de:f4:7b:b2:f5:73:b4:de:
d6:5b:59:98:73:0c:6a:10:36:7c:a7:17:57:37:b6:f0:f2:5f:
7e:d5:42:5e:85:ab:b4:d1:c9:ae:58:ce:1d:91:06:ed:7d:58:
c5:ec:9d:68:e1:48:a7:c8:af:33:82:78:93:18:82:2d:71:57:
ac:5f:02:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijTfMQaLJU3O8/Dg81s7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwMTAxMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU5ZDQxYWNhOGIwZTdjNjYxNmUwYTIyOTRjNDY5NWQzNWU5YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7D0Z3J2JbCB/vjlOI+LoPewOkvq
Q/uZYtaApibq7lj7kaqzwdDS1mYPhwylR8IXmEpLyptuTLgVn9pyZH4vlq9kXkL/
g1d49cKPnm8bXNBBmrYg14A2nMCFRdPWTyaFyUCPVIdAURGSL30PqYwAW9OHBheg
jcSp3b4l+f8QLcxPB8gXiySjSSaK37uqtSuupBn37xft8ZndQplM9COY4nTSLiCN
N2ao4YPJuKQVpf7Ot+HaRu/ziU2pnS19ukBBjQKKOMkfzFwI0KPY3OxRemyMRvCA
pj8/QYr6GyCuiZOVDxKkScHpr5oSwvEpnQ7yTOF3dUJRsBlzfxbF6TpsdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhZ1BrKiw58ZhbgoilMRpXTXppuMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvYUZuVUdzcUxEbnhtRnVDaUtVeEdsZE5lbW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5DzMA0G
CSqGSIb3DQEBCwUAA4IBAQBqfZC9BqJcx7qP7muOZJZNaJNC/vfD0yYh2/Q6NAyQ
d2CUoqooOBNip8dqOdAOsXmD5Xm8I6YBihtdNlMYqP2DBmGEIH/ATbuR9ywjrTU5
fUJ99hvO518ithMl0dM6Rsxlk/2DjSzOWQG430f9f3SJOTkv9Bn+5csZCQF4Eqwc
IM/6pDrpRVlT2KluFXNpFvsJyCVS7YAy//sJ66GgRUT/RDLBfl+au9W0gqfDylbB
7gSLky5dusFHmz3w8AcG3vR7svVztN7WW1mYcwxqEDZ8pxdXN7bw8l9+1UJehau0
0cmuWM4dkQbtfVjF7J1o4UinyK8zgniTGIItcVesXwLL
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:23:40 2025 by rpki-client