Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/nEDjfIZKF5qMb1h8bPxSVAUrtik.roa
File: nEDjfIZKF5qMb1h8bPxSVAUrtik.roa (raw, json)
Hash identifier: JVEr/YaoGSePnRYcOVuf4Hm+Hsrwi6AszccnyN21uQc=
Subject key identifier: 9C:40:E3:7C:86:4A:17:9A:8C:6F:58:7C:6C:FC:52:54:05:2B:B6:29
Certificate issuer: /CN=bde6ac28f954e13dcb7db69bc222b785b4d75f2c
Certificate serial: 019424B3EFA85D7BC71C18B57F1DC741E728
Authority key identifier: BD:E6:AC:28:F9:54:E1:3D:CB:7D:B6:9B:C2:22:B7:85:B4:D7:5F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veasKPlU4T3LfbabwiK3hbTXXyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/nEDjfIZKF5qMb1h8bPxSVAUrtik.roa
Signing time: Thu 02 Jan 2025 01:49:19 +0000
ROA not before: Thu 02 Jan 2025 01:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25275
IP address blocks: 195.234.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ef:a8:5d:7b:c7:1c:18:b5:7f:1d:c7:41:e7:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde6ac28f954e13dcb7db69bc222b785b4d75f2c
Validity
Not Before: Jan 2 01:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c40e37c864a179a8c6f587c6cfc5254052bb629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:90:12:29:ae:dd:9c:06:a1:af:5b:82:9e:85:
85:88:3d:35:8a:e6:71:60:26:7b:6d:9a:d8:8c:64:
77:57:4f:8b:76:fc:b5:58:96:a7:3d:16:2f:09:60:
0f:f5:ee:2b:1d:c7:3b:e9:cc:03:bc:8e:83:6a:d2:
01:5c:d6:d6:c2:b8:c1:da:81:45:38:2d:99:6a:f1:
83:b1:10:2c:a4:6b:62:69:e0:fd:f1:cd:b1:1e:b5:
08:a2:ea:57:5f:06:60:54:e6:37:b9:53:c8:45:41:
d0:57:99:33:e5:99:c2:da:29:59:81:53:4e:07:7f:
46:c9:1c:d5:6a:5e:c0:fe:12:48:f7:cc:9e:f3:1d:
b6:73:7c:0b:a3:9e:78:54:bd:48:2e:d8:36:c1:ff:
54:6b:ef:cb:ac:62:b6:8b:8f:ac:bc:f6:46:35:bf:
b0:19:09:90:51:15:e4:fd:e2:45:77:1c:81:fd:a0:
14:7d:48:3e:ca:6c:3e:12:a9:11:98:59:b2:cf:67:
37:97:60:0b:f3:7b:26:c9:f3:6a:0f:8b:51:ed:90:
6f:bd:58:f7:e6:5d:2b:69:a6:39:b7:fd:63:a1:83:
e0:cb:8d:d2:ec:2c:82:24:be:78:4b:01:7e:db:ba:
a1:17:37:88:17:d4:b1:5a:2d:72:42:b0:a8:66:2b:
14:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:40:E3:7C:86:4A:17:9A:8C:6F:58:7C:6C:FC:52:54:05:2B:B6:29
X509v3 Authority Key Identifier:
keyid:BD:E6:AC:28:F9:54:E1:3D:CB:7D:B6:9B:C2:22:B7:85:B4:D7:5F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veasKPlU4T3LfbabwiK3hbTXXyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/nEDjfIZKF5qMb1h8bPxSVAUrtik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/veasKPlU4T3LfbabwiK3hbTXXyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.224.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:76:17:4f:4b:dd:41:56:5f:9f:51:bf:e6:ee:bb:85:49:f3:
cc:72:61:e3:7b:02:47:ed:09:3a:3d:d4:aa:29:2d:43:71:35:
20:19:c4:37:a0:16:63:17:62:f7:d2:bd:29:4b:51:9d:24:d5:
10:cb:76:47:6a:1b:31:e3:41:32:41:6f:98:d2:fb:8b:d6:fb:
49:0a:3b:cc:92:be:90:94:0b:7b:6c:a7:6c:09:f0:9e:41:35:
24:46:d6:b6:63:37:d2:e0:bb:15:56:f8:42:d1:d2:8e:11:8e:
94:6f:f0:bf:b4:59:6a:64:7b:25:16:ba:67:08:0d:57:a9:05:
a9:49:11:2a:96:21:e9:f1:17:6c:63:49:05:ce:68:f9:2a:34:
00:dc:6f:c9:4b:a0:a9:7e:18:40:f1:60:78:74:ce:5c:34:d1:
b1:11:90:c0:f3:2e:c9:b4:0e:63:2c:15:52:3c:b9:2a:d4:57:
07:b4:4d:0d:ca:49:90:fb:80:f1:ba:93:9f:2d:50:97:eb:fb:
05:82:9e:d6:d2:bf:07:63:7f:61:47:92:17:ab:35:69:1b:9c:
da:33:3d:97:e6:d5:ec:0e:7c:2e:99:ee:d1:ef:0c:08:09:9b:
2f:0a:13:be:94:eb:5e:01:62:98:c0:7e:fe:a6:80:aa:bf:bf:
0d:8b:0a:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks++oXXvHHBi1fx3HQecoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTZhYzI4Zjk1NGUxM2RjYjdkYjY5YmMyMjJiNzg1YjRk
NzVmMmMwHhcNMjUwMTAyMDE0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQwZTM3Yzg2NGExNzlhOGM2ZjU4N2M2Y2ZjNTI1NDA1MmJiNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZASKa7dnAahr1uCnoWFiD01iuZx
YCZ7bZrYjGR3V0+Ldvy1WJanPRYvCWAP9e4rHcc76cwDvI6DatIBXNbWwrjB2oFF
OC2ZavGDsRAspGtiaeD98c2xHrUIoupXXwZgVOY3uVPIRUHQV5kz5ZnC2ilZgVNO
B39GyRzVal7A/hJI98ye8x22c3wLo554VL1ILtg2wf9Ua+/LrGK2i4+svPZGNb+w
GQmQURXk/eJFdxyB/aAUfUg+ymw+EqkRmFmyz2c3l2AL83smyfNqD4tR7ZBvvVj3
5l0raaY5t/1joYPgy43S7CyCJL54SwF+27qhFzeIF9SxWi1yQrCoZisUNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxA43yGSheajG9YfGz8UlQFK7YpMB8GA1UdIwQY
MBaAFL3mrCj5VOE9y322m8Iit4W0118sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVhc0tQbFU0VDNMZmJhYndpSzNoYlRYWHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81YjRlMTMtYjNkZC00ZDhhLThlNzEt
Y2FlNmM3MjVkOTJmLzEvbkVEamZJWktGNXFNYjFoOGJQeFNWQVVydGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81YjRlMTMtYjNkZC00ZDhhLThlNzEtY2FlNmM3MjVkOTJm
LzEvdmVhc0tQbFU0VDNMZmJhYndpSzNoYlRYWHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+rgMA0G
CSqGSIb3DQEBCwUAA4IBAQBKdhdPS91BVl+fUb/m7ruFSfPMcmHjewJH7Qk6PdSq
KS1DcTUgGcQ3oBZjF2L30r0pS1GdJNUQy3ZHahsx40EyQW+Y0vuL1vtJCjvMkr6Q
lAt7bKdsCfCeQTUkRta2YzfS4LsVVvhC0dKOEY6Ub/C/tFlqZHslFrpnCA1XqQWp
SREqliHp8RdsY0kFzmj5KjQA3G/JS6CpfhhA8WB4dM5cNNGxEZDA8y7JtA5jLBVS
PLkq1FcHtE0NykmQ+4DxupOfLVCX6/sFgp7W0r8HY39hR5IXqzVpG5zaMz2X5tXs
Dnwume7R7wwICZsvChO+lOteAWKYwH7+poCqv78NiwoM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:50 2025 by rpki-client