Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ryPRe0jc4dskRWi5AIJJZ0yQ6Uk.roa
File: ryPRe0jc4dskRWi5AIJJZ0yQ6Uk.roa (raw, json)
Hash identifier: WpaN0ZZnZ7ybJlBYdPCYqc+dIBZoJ7cT0/75j8Ze7eg=
Subject key identifier: AF:23:D1:7B:48:DC:E1:DB:24:45:68:B9:00:82:49:67:4C:90:E9:49
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4F6F750C080ECCD1702457A30567E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ryPRe0jc4dskRWi5AIJJZ0yQ6Uk.roa
Signing time: Sun 01 Jan 2023 19:35:28 +0000
ROA not before: Sun 01 Jan 2023 19:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201016
IP address blocks: 195.144.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:f6:f7:50:c0:80:ec:cd:17:02:45:7a:30:56:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af23d17b48dce1db244568b9008249674c90e949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:07:f4:59:d3:c9:bf:e7:fd:2f:2a:f5:56:48:
b3:01:64:ec:36:49:e1:1f:1a:1c:f9:4a:c5:6e:1a:
ec:e1:81:10:88:8f:80:bc:c1:aa:f6:03:68:43:ca:
95:5e:ea:b5:31:06:7c:58:73:10:21:61:9d:c6:c0:
ad:ed:2f:0f:a3:2f:d3:21:14:9e:0c:6c:e1:34:e8:
8f:10:06:04:16:79:8c:36:42:f4:89:aa:5d:6d:94:
ff:bd:9e:03:56:b6:fb:e5:fc:2e:46:78:4e:c8:99:
e8:48:c6:8e:c5:5c:72:1a:3f:93:11:a6:91:c1:fa:
9c:b6:5f:cc:b7:8f:e8:3e:86:6b:07:ed:2a:4e:a8:
44:64:50:c7:e0:8d:9a:d9:ac:a2:44:4d:ad:32:e6:
68:58:30:0c:f8:d8:05:27:95:f9:5b:79:5c:e1:0c:
0c:28:1d:0c:88:ca:d7:a8:12:2a:73:ca:e1:86:ef:
44:ba:bc:a0:95:26:a4:ab:58:f6:de:f6:6d:40:21:
18:cd:df:d5:a6:63:c0:c5:4f:2a:dc:76:10:4b:45:
c3:27:f8:36:01:3b:09:ab:b8:36:a2:5c:60:f3:4f:
3c:c0:90:16:65:e4:c2:8b:a9:df:46:88:0a:71:c3:
a2:9b:9f:26:81:ee:89:9b:53:f0:7b:d4:d2:98:ad:
fb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:23:D1:7B:48:DC:E1:DB:24:45:68:B9:00:82:49:67:4C:90:E9:49
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ryPRe0jc4dskRWi5AIJJZ0yQ6Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.243.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:9e:ad:a4:d2:73:ad:9b:ad:93:25:e7:59:6f:16:64:06:5a:
98:f3:5b:7e:d3:b0:a0:1c:a8:ab:17:2c:c5:c6:b6:9f:30:f3:
b2:07:06:1f:da:99:18:d0:e9:65:21:f8:c3:fa:fb:98:1d:c3:
47:d7:62:b1:79:c5:12:a2:b7:a3:6b:1f:66:ca:14:4a:94:21:
69:de:6a:9a:bf:4e:36:d5:bd:ad:a4:4c:4a:5c:da:07:0d:60:
50:44:b3:a8:22:9c:66:ac:80:5b:0f:96:1c:a1:74:aa:8a:8c:
22:1c:79:ee:f4:a7:f3:8f:f2:a5:37:d9:ba:a4:4b:0b:23:da:
88:ee:2e:24:d7:5c:9b:71:84:ee:00:e4:1f:f3:5a:76:dc:16:
2b:78:da:a2:74:2d:91:2d:75:8e:42:c0:8f:15:2b:52:7e:ac:
59:ea:ef:35:da:d3:85:59:31:96:35:83:7b:91:73:14:ae:47:
83:4c:5c:b0:c7:4f:7b:7a:64:27:71:df:15:3c:28:83:88:bc:
ef:3b:32:b4:aa:64:6d:61:d5:53:f3:a9:98:66:c5:eb:b7:61:
c7:2e:34:6e:9f:cf:7d:ac:80:db:d8:85:d3:38:72:cf:ed:26:
b9:be:74:d2:b0:7d:bb:b6:8b:e1:65:f0:39:23:36:3f:d5:77:
b8:7e:1a:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1Pb3UMCA7M0XAkV6MFZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIzZDE3YjQ4ZGNlMWRiMjQ0NTY4YjkwMDgyNDk2NzRjOTBlOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywf0WdPJv+f9Lyr1VkizAWTsNknh
Hxoc+UrFbhrs4YEQiI+AvMGq9gNoQ8qVXuq1MQZ8WHMQIWGdxsCt7S8Poy/TIRSe
DGzhNOiPEAYEFnmMNkL0iapdbZT/vZ4DVrb75fwuRnhOyJnoSMaOxVxyGj+TEaaR
wfqctl/Mt4/oPoZrB+0qTqhEZFDH4I2a2ayiRE2tMuZoWDAM+NgFJ5X5W3lc4QwM
KB0MiMrXqBIqc8rhhu9EuryglSakq1j23vZtQCEYzd/VpmPAxU8q3HYQS0XDJ/g2
ATsJq7g2olxg8088wJAWZeTCi6nfRogKccOim58mge6Jm1Pwe9TSmK37zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8j0XtI3OHbJEVouQCCSWdMkOlJMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcnlQUmUwamM0ZHNrUldpNUFJSkpaMHlRNlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5DzMA0G
CSqGSIb3DQEBCwUAA4IBAQB6nq2k0nOtm62TJedZbxZkBlqY81t+07CgHKirFyzF
xrafMPOyBwYf2pkY0OllIfjD+vuYHcNH12KxecUSorejax9myhRKlCFp3mqav042
1b2tpExKXNoHDWBQRLOoIpxmrIBbD5YcoXSqiowiHHnu9Kfzj/KlN9m6pEsLI9qI
7i4k11ybcYTuAOQf81p23BYreNqidC2RLXWOQsCPFStSfqxZ6u812tOFWTGWNYN7
kXMUrkeDTFywx097emQncd8VPCiDiLzvOzK0qmRtYdVT86mYZsXrt2HHLjRun899
rIDb2IXTOHLP7Sa5vnTSsH27tovhZfA5IzY/1Xe4fhop
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:28:20 2025 by rpki-client