Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/tPgoYI5HCA6lDLuNIZH2QUrkH7w.roa
File: tPgoYI5HCA6lDLuNIZH2QUrkH7w.roa (raw, json)
Hash identifier: WclByaQIiFfhimi4FACXYIiZytd+BWMElGXEmfWnPhY=
Subject key identifier: B4:F8:28:60:8E:47:08:0E:A5:0C:BB:8D:21:91:F6:41:4A:E4:1F:BC
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01947564C858AB39E7A800581D7F259C0BE7
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/tPgoYI5HCA6lDLuNIZH2QUrkH7w.roa
Signing time: Fri 17 Jan 2025 17:52:06 +0000
ROA not before: Fri 17 Jan 2025 17:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 188.95.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:75:64:c8:58:ab:39:e7:a8:00:58:1d:7f:25:9c:0b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 17 17:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4f828608e47080ea50cbb8d2191f6414ae41fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a4:fd:23:aa:41:10:74:78:24:54:af:5c:6a:
d4:d8:bc:ba:28:ee:70:4c:49:35:0d:86:b1:52:1d:
89:77:f4:9d:dd:91:58:ae:2f:4b:97:7d:a2:cc:0a:
a9:1d:2c:14:6a:0a:d1:15:f9:90:25:c0:b2:06:b7:
0a:c7:a9:e9:a8:3f:3c:f9:bb:47:9e:cc:4c:16:69:
ad:d6:ec:6e:18:f4:0d:bc:04:12:36:f8:7e:92:e6:
be:1b:bc:75:2b:a6:4a:21:57:e0:72:b1:79:41:e8:
13:80:17:2f:9d:98:f7:c9:e6:38:88:6c:9a:d4:83:
a8:6f:9e:c4:e3:3b:0b:49:a6:72:24:6b:3b:d3:f5:
eb:c8:98:8e:b8:9b:f0:4c:a5:52:05:50:df:e4:36:
ce:f9:15:8b:8f:7b:7a:a4:2b:7e:34:a3:2b:9a:2e:
17:72:a6:70:79:08:04:4a:4e:f9:06:54:da:70:a9:
96:b1:fe:08:a6:29:7e:bd:88:7a:3e:03:57:22:11:
93:df:b3:f8:6d:17:bb:f9:8c:60:a5:65:25:ca:b1:
0d:31:4c:68:92:63:e0:d7:5c:39:ea:08:0b:6b:e2:
c0:89:54:24:dc:e0:3f:ea:f2:52:d5:36:5a:19:05:
f3:4a:a3:49:b0:91:09:41:15:ed:59:a4:be:bd:2d:
4a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F8:28:60:8E:47:08:0E:A5:0C:BB:8D:21:91:F6:41:4A:E4:1F:BC
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/tPgoYI5HCA6lDLuNIZH2QUrkH7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.67.0/24
Signature Algorithm: sha256WithRSAEncryption
77:74:3d:4a:23:21:c0:e3:36:16:a0:51:89:3c:45:2b:35:81:
92:f3:b1:df:f1:48:10:e5:17:80:b3:a9:9a:e6:2f:7b:97:63:
26:74:79:77:c5:48:ec:79:27:9f:66:ca:d1:6c:3d:46:31:78:
16:8d:3a:d8:dd:cc:05:fa:b3:28:42:00:8f:a5:0a:c2:90:33:
d4:ba:f5:e6:b8:66:a4:a8:2d:80:04:a0:74:6c:9d:d0:24:7b:
1c:71:6f:da:c7:9f:6d:be:18:83:60:f4:9f:1f:12:e1:3f:7d:
b2:7a:0f:9e:66:74:e0:8f:27:eb:86:2d:33:f7:4a:80:74:16:
f5:d3:12:a2:1d:d2:6d:8b:7d:88:b4:b1:de:39:6e:f5:f7:19:
b3:13:fb:22:4c:c4:e7:b4:23:c8:b2:b4:b9:cd:54:0f:b5:06:
7e:57:21:23:31:50:a4:36:a2:0e:eb:77:14:ae:9e:9c:d1:f0:
91:d8:f5:e5:7b:8d:d5:5c:4b:bb:64:c7:4a:97:7c:59:1e:6d:
0c:8b:7f:17:88:a0:2c:59:a5:74:cc:fb:32:c5:cc:a3:49:4d:
1a:e3:32:66:0a:dc:06:68:3a:fb:f3:cb:16:b8:05:ae:0f:f6:
87:0a:61:c5:f8:58:f1:fb:11:d8:19:dc:3a:b7:d8:e1:78:54:
29:93:cb:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR1ZMhYqznnqABYHX8lnAvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMTE3MTc1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY4Mjg2MDhlNDcwODBlYTUwY2JiOGQyMTkxZjY0MTRhZTQxZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqT9I6pBEHR4JFSvXGrU2Ly6KO5w
TEk1DYaxUh2Jd/Sd3ZFYri9Ll32izAqpHSwUagrRFfmQJcCyBrcKx6npqD88+btH
nsxMFmmt1uxuGPQNvAQSNvh+kua+G7x1K6ZKIVfgcrF5QegTgBcvnZj3yeY4iGya
1IOob57E4zsLSaZyJGs70/XryJiOuJvwTKVSBVDf5DbO+RWLj3t6pCt+NKMrmi4X
cqZweQgESk75BlTacKmWsf4Ipil+vYh6PgNXIhGT37P4bRe7+YxgpWUlyrENMUxo
kmPg11w56ggLa+LAiVQk3OA/6vJS1TZaGQXzSqNJsJEJQRXtWaS+vS1KuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT4KGCORwgOpQy7jSGR9kFK5B+8MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvdFBnb1lJNUhDQTZsREx1TklaSDJRVXJrSDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9DMA0G
CSqGSIb3DQEBCwUAA4IBAQB3dD1KIyHA4zYWoFGJPEUrNYGS87Hf8UgQ5ReAs6ma
5i97l2MmdHl3xUjseSefZsrRbD1GMXgWjTrY3cwF+rMoQgCPpQrCkDPUuvXmuGak
qC2ABKB0bJ3QJHsccW/ax59tvhiDYPSfHxLhP32yeg+eZnTgjyfrhi0z90qAdBb1
0xKiHdJti32ItLHeOW719xmzE/siTMTntCPIsrS5zVQPtQZ+VyEjMVCkNqIO63cU
rp6c0fCR2PXle43VXEu7ZMdKl3xZHm0Mi38XiKAsWaV0zPsyxcyjSU0a4zJmCtwG
aDr788sWuAWuD/aHCmHF+Fjx+xHYGdw6t9jheFQpk8ul
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:49:34 2025 by rpki-client