Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/fdbLoHvJP5jShSTjTpcjG1VEgnQ.roa
File: fdbLoHvJP5jShSTjTpcjG1VEgnQ.roa (raw, json)
Hash identifier: 1thoMMOCH0I59TBwawTTYnenSUdNpyZkvEb3a3fn14A=
Subject key identifier: 7D:D6:CB:A0:7B:C9:3F:98:D2:85:24:E3:4E:97:23:1B:55:44:82:74
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019488B214C4F8A78E0C96F02D9BF000F7E5
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/fdbLoHvJP5jShSTjTpcjG1VEgnQ.roa
Signing time: Tue 21 Jan 2025 11:49:19 +0000
ROA not before: Tue 21 Jan 2025 11:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 195.170.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:b2:14:c4:f8:a7:8e:0c:96:f0:2d:9b:f0:00:f7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 21 11:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dd6cba07bc93f98d28524e34e97231b55448274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:86:57:6d:cf:b5:c9:23:3c:31:73:91:a9:6e:
b0:23:9c:11:64:8c:37:54:ce:44:12:e6:1e:69:96:
d1:d8:52:e5:1e:2f:76:66:94:52:dd:af:f6:93:80:
bd:47:aa:9d:b3:54:4d:c9:57:bb:b6:83:83:73:1d:
24:84:b1:db:aa:46:e9:f1:33:70:b8:b2:1e:a5:6f:
49:69:1a:47:83:cb:8e:03:5b:3a:fa:06:42:e3:69:
03:51:eb:54:f2:43:3c:ec:d7:d4:1f:83:f8:d5:bb:
ab:09:45:78:be:4c:2a:8c:d2:0f:c4:0b:b6:78:5d:
81:dc:5e:b4:0f:f8:32:e1:24:25:21:90:24:77:41:
b0:81:16:7c:a3:fd:97:42:41:ca:2c:2e:82:2c:bc:
3f:88:e1:24:16:e3:61:22:32:df:21:8c:42:bc:4f:
b4:b4:75:0b:c6:d9:73:86:1b:ad:72:31:04:83:ae:
51:e9:ea:81:c0:a6:50:d7:b8:78:39:50:60:ad:87:
c8:a6:43:26:38:f9:c3:94:03:25:1e:01:c0:4a:42:
41:b8:54:c0:3f:4f:16:58:22:27:f2:fd:34:af:6b:
73:0b:c6:c3:ef:bd:8f:da:0c:d2:b0:8d:9e:ca:ed:
69:0a:37:f1:28:aa:2f:8f:cc:41:62:88:02:58:fc:
f4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D6:CB:A0:7B:C9:3F:98:D2:85:24:E3:4E:97:23:1B:55:44:82:74
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/fdbLoHvJP5jShSTjTpcjG1VEgnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.163.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:51:ea:b9:01:b8:1a:7e:fe:e4:cf:2f:80:6e:3c:cf:cd:a8:
e6:92:68:e1:a6:1f:12:64:dc:b7:b5:9a:6f:f3:47:95:38:09:
ac:14:14:a3:e9:9e:c9:81:b4:bc:e0:2b:0d:7d:24:a1:9f:94:
84:c0:a6:cd:3f:8a:54:1f:76:71:73:97:fc:84:79:2f:86:76:
d7:00:25:ee:ca:bc:33:aa:fa:39:ca:46:5b:b5:a5:34:0b:db:
3c:5f:0d:00:30:ce:1e:cc:71:d9:13:d7:15:c1:d4:eb:10:ea:
3d:52:a3:63:8d:64:4a:5d:5c:39:8f:64:d0:17:08:5c:64:a1:
a2:66:4e:1e:c6:64:1d:d1:96:6b:20:64:a9:91:19:5e:fa:ab:
8c:4e:a8:e4:ca:9a:e4:19:fe:e3:9d:69:07:1d:90:a1:42:4e:
b7:d5:e8:6a:34:4e:47:b7:a3:9f:51:40:bd:d6:3d:db:f5:9c:
c5:6f:c7:15:a3:cc:a9:da:75:c8:22:76:51:9e:75:59:f3:16:
14:55:1e:7a:c3:f5:67:5c:5a:93:6e:f6:d1:e3:93:0f:ce:86:
07:77:72:e4:94:38:ca:fe:cc:82:25:d5:3c:cd:90:07:8a:0b:
6c:1e:88:88:ce:20:1b:54:77:75:a9:6d:05:aa:96:74:30:5d:
6f:d4:f5:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSIshTE+KeODJbwLZvwAPflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMTIxMTE0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ2Y2JhMDdiYzkzZjk4ZDI4NTI0ZTM0ZTk3MjMxYjU1NDQ4Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4ZXbc+1ySM8MXORqW6wI5wRZIw3
VM5EEuYeaZbR2FLlHi92ZpRS3a/2k4C9R6qds1RNyVe7toODcx0khLHbqkbp8TNw
uLIepW9JaRpHg8uOA1s6+gZC42kDUetU8kM87NfUH4P41burCUV4vkwqjNIPxAu2
eF2B3F60D/gy4SQlIZAkd0GwgRZ8o/2XQkHKLC6CLLw/iOEkFuNhIjLfIYxCvE+0
tHULxtlzhhutcjEEg65R6eqBwKZQ17h4OVBgrYfIpkMmOPnDlAMlHgHASkJBuFTA
P08WWCIn8v00r2tzC8bD772P2gzSsI2eyu1pCjfxKKovj8xBYogCWPz0rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3Wy6B7yT+Y0oUk406XIxtVRIJ0MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvZmRiTG9IdkpQNWpTaFNUalRwY2pHMVZFZ25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qjMA0G
CSqGSIb3DQEBCwUAA4IBAQBuUeq5Abgafv7kzy+AbjzPzajmkmjhph8SZNy3tZpv
80eVOAmsFBSj6Z7JgbS84CsNfSShn5SEwKbNP4pUH3Zxc5f8hHkvhnbXACXuyrwz
qvo5ykZbtaU0C9s8Xw0AMM4ezHHZE9cVwdTrEOo9UqNjjWRKXVw5j2TQFwhcZKGi
Zk4exmQd0ZZrIGSpkRle+quMTqjkyprkGf7jnWkHHZChQk631ehqNE5Ht6OfUUC9
1j3b9ZzFb8cVo8yp2nXIInZRnnVZ8xYUVR56w/VnXFqTbvbR45MPzoYHd3LklDjK
/syCJdU8zZAHigtsHoiIziAbVHd1qW0FqpZ0MF1v1PUP
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:44:09 2025 by rpki-client