Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fa09f3-d0ea-48d0-acb1-436e34484bfc/1/jqQXbfvIehtcOccsmkpG8JMf7mA.roa
File: jqQXbfvIehtcOccsmkpG8JMf7mA.roa (raw, json)
Hash identifier: G0r05X4ASUr8oNoDrxU8tRF6emOwuyR+o9YPax5AfkE=
Subject key identifier: 8E:A4:17:6D:FB:C8:7A:1B:5C:39:C7:2C:9A:4A:46:F0:93:1F:EE:60
Certificate issuer: /CN=d2090b6e7691f7e19d771e63581a181d7a6e0da1
Certificate serial: 0185CDED104040B6C064B6F18CAF07B3AA23
Authority key identifier: D2:09:0B:6E:76:91:F7:E1:9D:77:1E:63:58:1A:18:1D:7A:6E:0D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gkLbnaR9-Gddx5jWBoYHXpuDaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fa09f3-d0ea-48d0-acb1-436e34484bfc/1/jqQXbfvIehtcOccsmkpG8JMf7mA.roa
Signing time: Fri 20 Jan 2023 06:45:43 +0000
ROA not before: Fri 20 Jan 2023 06:45:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 195.96.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cd:ed:10:40:40:b6:c0:64:b6:f1:8c:af:07:b3:aa:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2090b6e7691f7e19d771e63581a181d7a6e0da1
Validity
Not Before: Jan 20 06:45:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ea4176dfbc87a1b5c39c72c9a4a46f0931fee60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:00:67:88:4e:0a:9a:9c:67:93:a3:97:0f:7c:
a9:f5:e7:8f:a9:7a:27:cb:8d:0b:f6:a5:1f:ff:f8:
60:68:73:6a:f4:d2:2f:df:b6:9f:51:2d:37:47:c4:
3f:97:d9:dd:c4:fe:f1:7b:9b:12:e6:ef:ee:cd:8f:
5c:33:ce:b8:c5:89:37:2c:ff:33:fe:b1:35:53:25:
9d:66:b7:f3:44:4c:1e:39:9c:b4:4c:9e:6d:67:a4:
8e:8f:76:88:61:8c:d6:20:83:b1:25:b7:77:e3:a9:
37:a0:a4:9f:b4:fe:32:99:cd:2d:c1:24:58:43:f8:
87:1f:ef:92:ba:5c:9a:f1:5f:96:8d:f4:87:45:cd:
b1:2a:f0:2a:00:b6:b8:6d:31:26:80:5c:13:99:47:
2f:d5:d1:73:56:f2:81:0c:a4:d3:2e:3c:07:a9:7c:
d5:c7:a4:b7:9e:36:60:33:4c:b7:75:88:52:eb:60:
dc:44:57:7d:c1:d3:b7:bb:4a:e7:3b:79:35:77:9f:
2d:77:b0:c2:b1:26:cd:f0:14:a5:61:ce:ba:2a:ef:
8b:39:49:b6:35:34:16:d0:28:38:a8:cb:72:7a:34:
30:23:c4:85:3c:10:55:ba:65:e0:5a:74:91:2f:93:
41:b1:b7:c1:17:7b:47:76:fb:c0:24:40:ad:71:01:
fd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A4:17:6D:FB:C8:7A:1B:5C:39:C7:2C:9A:4A:46:F0:93:1F:EE:60
X509v3 Authority Key Identifier:
keyid:D2:09:0B:6E:76:91:F7:E1:9D:77:1E:63:58:1A:18:1D:7A:6E:0D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gkLbnaR9-Gddx5jWBoYHXpuDaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fa09f3-d0ea-48d0-acb1-436e34484bfc/1/jqQXbfvIehtcOccsmkpG8JMf7mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fa09f3-d0ea-48d0-acb1-436e34484bfc/1/0gkLbnaR9-Gddx5jWBoYHXpuDaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.135.0/24
Signature Algorithm: sha256WithRSAEncryption
62:e0:56:d2:41:11:bf:11:1f:bb:cd:d4:9c:c7:59:f1:bc:8c:
eb:52:01:a6:84:66:9d:52:85:68:34:54:52:36:cd:a7:5d:f3:
c4:77:e7:eb:88:10:4c:8c:95:45:7c:3b:d0:69:c4:bd:8f:17:
a7:84:69:88:9f:f8:82:50:32:f2:eb:c3:5f:7e:d1:dd:8d:9e:
ee:56:e8:15:ed:a7:e3:62:5e:45:7a:d8:6c:44:d5:ab:3a:6c:
47:36:b4:0e:4c:de:93:67:dc:c4:91:e7:96:1c:08:74:0e:1e:
07:1d:46:e5:4f:9e:8d:c1:a3:50:c8:4c:8c:f6:c0:13:f0:8e:
5c:57:90:5e:e0:9f:38:9c:57:2b:6a:06:35:c6:45:2e:92:48:
a2:94:ed:3a:95:d8:2a:44:6e:2a:6c:fd:ce:50:61:66:90:26:
a6:c7:33:49:e0:49:8b:56:63:69:bb:f1:09:89:1c:5b:fe:07:
93:2b:2c:bb:61:14:77:ba:67:7b:16:de:69:9b:f3:88:b3:3f:
52:09:8a:96:3b:b4:a3:92:43:ec:e8:fc:b0:55:d6:e6:42:0e:
97:3e:8a:f9:86:da:ca:0f:79:14:64:31:2a:d2:e8:16:22:73:
af:90:f9:60:4e:ff:04:dd:fa:de:b1:f9:d2:51:a4:81:e5:78:
76:46:f7:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXN7RBAQLbAZLbxjK8Hs6ojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDkwYjZlNzY5MWY3ZTE5ZDc3MWU2MzU4MWExODFkN2E2
ZTBkYTEwHhcNMjMwMTIwMDY0NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE0MTc2ZGZiYzg3YTFiNWMzOWM3MmM5YTRhNDZmMDkzMWZlZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswBniE4Kmpxnk6OXD3yp9eePqXon
y40L9qUf//hgaHNq9NIv37afUS03R8Q/l9ndxP7xe5sS5u/uzY9cM864xYk3LP8z
/rE1UyWdZrfzREweOZy0TJ5tZ6SOj3aIYYzWIIOxJbd346k3oKSftP4ymc0twSRY
Q/iHH++Sulya8V+WjfSHRc2xKvAqALa4bTEmgFwTmUcv1dFzVvKBDKTTLjwHqXzV
x6S3njZgM0y3dYhS62DcRFd9wdO3u0rnO3k1d58td7DCsSbN8BSlYc66Ku+LOUm2
NTQW0Cg4qMtyejQwI8SFPBBVumXgWnSRL5NBsbfBF3tHdvvAJECtcQH9mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6kF237yHobXDnHLJpKRvCTH+5gMB8GA1UdIwQY
MBaAFNIJC252kffhnXceY1gaGB16bg2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdrTGJuYVI5LUdkZHg1aldCb1lIWHB1RGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mYTA5ZjMtZDBlYS00OGQwLWFjYjEt
NDM2ZTM0NDg0YmZjLzEvanFRWGJmdkllaHRjT2Njc21rcEc4Sk1mN21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mYTA5ZjMtZDBlYS00OGQwLWFjYjEtNDM2ZTM0NDg0YmZj
LzEvMGdrTGJuYVI5LUdkZHg1aldCb1lIWHB1RGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CHMA0G
CSqGSIb3DQEBCwUAA4IBAQBi4FbSQRG/ER+7zdScx1nxvIzrUgGmhGadUoVoNFRS
Ns2nXfPEd+friBBMjJVFfDvQacS9jxenhGmIn/iCUDLy68NfftHdjZ7uVugV7afj
Yl5FethsRNWrOmxHNrQOTN6TZ9zEkeeWHAh0Dh4HHUblT56NwaNQyEyM9sAT8I5c
V5Be4J84nFcragY1xkUukkiilO06ldgqRG4qbP3OUGFmkCamxzNJ4EmLVmNpu/EJ
iRxb/geTKyy7YRR3umd7Ft5pm/OIsz9SCYqWO7SjkkPs6PywVdbmQg6XPor5htrK
D3kUZDEq0ugWInOvkPlgTv8E3fresfnSUaSB5Xh2RvfD
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:55:19 2025 by rpki-client