Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/dA9DZPAABtlejc0G0adjQxYBv5c.roa
File: dA9DZPAABtlejc0G0adjQxYBv5c.roa (raw, json)
Hash identifier: 3UVeFl3N3ODI+QVLphkmL5y9dyL4Gw+YagDr/4SW4gs=
Subject key identifier: 74:0F:43:64:F0:00:06:D9:5E:8D:CD:06:D1:A7:63:43:16:01:BF:97
Certificate issuer: /CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3
Certificate serial: 0194222009DBC0B5FECD6167FEEF5CBFBFA8
Authority key identifier: DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/dA9DZPAABtlejc0G0adjQxYBv5c.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20668
IP address blocks: 195.211.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:09:db:c0:b5:fe:cd:61:67:fe:ef:5c:bf:bf:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=740f4364f00006d95e8dcd06d1a763431601bf97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f6:21:6e:0a:de:d8:4c:37:26:01:f2:e1:89:
12:0f:cc:51:b9:8e:bf:d2:56:b8:88:7e:3e:7d:23:
ee:af:7e:58:f5:c8:6f:67:b8:9f:95:57:2d:8d:77:
40:05:48:dd:3a:22:9c:22:11:9e:05:fe:5a:7c:f0:
0f:e7:03:dd:4d:63:3f:c6:eb:2f:a6:61:d1:13:e7:
a9:bc:f8:b4:5d:03:d1:4b:a3:95:44:f4:c1:7d:4e:
03:3f:73:c5:6e:88:65:5c:aa:8a:1c:af:1d:ad:cf:
41:6f:22:72:33:ac:c2:ba:75:82:1f:78:fa:d4:fe:
02:14:e2:df:ab:87:50:da:82:bf:91:89:71:03:ec:
89:4b:75:d2:f1:48:ec:1f:fb:42:a5:03:87:dc:5e:
32:80:2a:5a:2c:7f:d6:29:5a:5f:38:cd:5b:19:61:
45:28:64:53:c6:a5:3c:f6:31:03:9e:a7:cd:88:ec:
f7:1d:f0:c2:83:f5:c0:5a:3e:35:f7:f3:25:62:c7:
f0:eb:94:27:41:f5:e9:ca:c1:30:c4:4b:ba:4e:a1:
96:29:5c:c8:ad:94:27:68:69:0d:dc:43:b9:95:54:
35:c2:41:f9:03:4c:ae:68:31:46:d4:94:d4:0d:5a:
5b:74:c3:9d:ab:ef:ca:d7:b9:77:16:ca:de:87:ca:
af:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0F:43:64:F0:00:06:D9:5E:8D:CD:06:D1:A7:63:43:16:01:BF:97
X509v3 Authority Key Identifier:
keyid:DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/dA9DZPAABtlejc0G0adjQxYBv5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.127.0/24
Signature Algorithm: sha256WithRSAEncryption
65:ff:f3:bc:f4:c6:23:56:c7:d3:54:fd:30:fb:72:c8:f1:c4:
b1:2c:e7:90:7a:5b:c6:f6:42:09:86:ad:15:3d:b3:09:60:99:
2b:29:a7:43:ab:61:40:ed:c7:7a:30:48:dd:49:14:77:98:66:
58:12:06:b5:6f:d2:f6:d4:bc:c6:4b:f0:26:1d:3b:ef:6b:b3:
0e:12:47:46:1a:b6:af:2f:f0:28:d2:13:c2:b5:66:34:33:54:
bb:be:dd:57:fd:27:0b:25:dc:3b:ad:5d:05:71:86:d2:17:52:
a9:fb:d6:ab:d8:10:48:bb:f9:75:3d:66:84:fe:05:1f:c6:23:
70:5c:06:96:b9:e5:a8:f3:ab:4c:d3:f9:1f:1f:77:b6:94:84:
90:60:79:a7:09:00:8b:46:66:38:10:a0:f1:0b:81:f7:f7:55:
cf:99:d8:4d:00:85:c6:76:6a:67:b4:0e:a7:28:36:e9:a3:79:
fc:d9:35:99:5c:7c:76:09:ea:da:db:35:62:0f:7f:95:46:8f:
db:42:17:20:52:de:c4:a9:84:1e:a2:dc:3b:8b:92:1a:e5:1d:
f3:be:fc:02:ac:5d:80:bb:c0:a0:37:de:09:aa:8b:7c:18:18:
5d:25:55:fd:bc:4a:c1:13:15:6b:e0:15:54:58:de:75:0b:8b:
de:64:50:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIAnbwLX+zWFn/u9cv7+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZGM5YWQyNTBiODVjZDM5OTQ5NDY1YjY2ODFiMmYxZGYx
NGQ2YTMwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBmNDM2NGYwMDAwNmQ5NWU4ZGNkMDZkMWE3NjM0MzE2MDFiZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vYhbgre2Ew3JgHy4YkSD8xRuY6/
0la4iH4+fSPur35Y9chvZ7iflVctjXdABUjdOiKcIhGeBf5afPAP5wPdTWM/xusv
pmHRE+epvPi0XQPRS6OVRPTBfU4DP3PFbohlXKqKHK8drc9BbyJyM6zCunWCH3j6
1P4CFOLfq4dQ2oK/kYlxA+yJS3XS8UjsH/tCpQOH3F4ygCpaLH/WKVpfOM1bGWFF
KGRTxqU89jEDnqfNiOz3HfDCg/XAWj419/MlYsfw65QnQfXpysEwxEu6TqGWKVzI
rZQnaGkN3EO5lVQ1wkH5A0yuaDFG1JTUDVpbdMOdq+/K17l3Fsreh8qviwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQPQ2TwAAbZXo3NBtGnY0MWAb+XMB8GA1UdIwQY
MBaAFN3cmtJQuFzTmUlGW2aBsvHfFNajMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTct
MGQ0MzE4Y2E4YzU1LzEvZEE5RFpQQUFCdGxlamMwRzBhZGpReFlCdjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTctMGQ0MzE4Y2E4YzU1
LzEvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9N/MA0G
CSqGSIb3DQEBCwUAA4IBAQBl//O89MYjVsfTVP0w+3LI8cSxLOeQelvG9kIJhq0V
PbMJYJkrKadDq2FA7cd6MEjdSRR3mGZYEga1b9L21LzGS/AmHTvva7MOEkdGGrav
L/Ao0hPCtWY0M1S7vt1X/ScLJdw7rV0FcYbSF1Kp+9ar2BBIu/l1PWaE/gUfxiNw
XAaWueWo86tM0/kfH3e2lISQYHmnCQCLRmY4EKDxC4H391XPmdhNAIXGdmpntA6n
KDbpo3n82TWZXHx2Cera2zViD3+VRo/bQhcgUt7EqYQeotw7i5Ia5R3zvvwCrF2A
u8CgN94Jqot8GBhdJVX9vErBExVr4BVUWN51C4veZFD2
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:10:36 2025 by rpki-client