Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/19d867-fd39-409e-b20a-ddcc25881128/1/b5qYlj2pGelCE8iMTZgVzkLgjZ4.roa
File: b5qYlj2pGelCE8iMTZgVzkLgjZ4.roa (raw, json)
Hash identifier: Q1LSediVZtUJxlECrGud2jZUPviShybaGQ27nBC5c2M=
Subject key identifier: 6F:9A:98:96:3D:A9:19:E9:42:13:C8:8C:4D:98:15:CE:42:E0:8D:9E
Certificate issuer: /CN=000c9d5542a5aa8cd5e0198ab83fce0f9472a461
Certificate serial: 019422FB7F10C63C7CF63DEA60DE243BAF02
Authority key identifier: 00:0C:9D:55:42:A5:AA:8C:D5:E0:19:8A:B8:3F:CE:0F:94:72:A4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AAydVUKlqozV4BmKuD_OD5RypGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/19d867-fd39-409e-b20a-ddcc25881128/1/b5qYlj2pGelCE8iMTZgVzkLgjZ4.roa
Signing time: Wed 01 Jan 2025 17:48:14 +0000
ROA not before: Wed 01 Jan 2025 17:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209682
IP address blocks: 95.214.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7f:10:c6:3c:7c:f6:3d:ea:60:de:24:3b:af:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=000c9d5542a5aa8cd5e0198ab83fce0f9472a461
Validity
Not Before: Jan 1 17:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f9a98963da919e94213c88c4d9815ce42e08d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3a:92:ba:a9:ee:c2:0e:03:32:8e:1f:a1:d8:
01:91:09:c1:71:52:e2:38:28:0e:f1:60:01:d2:b5:
0b:40:17:53:39:39:27:88:b7:2f:16:72:12:3b:63:
27:29:60:31:9f:82:ea:04:4c:10:ce:93:a4:28:43:
a4:39:62:24:2d:47:97:6c:8e:19:a2:6b:cf:eb:39:
83:9a:02:ea:43:c2:b5:b0:97:8e:2e:eb:79:fa:2a:
6e:c5:39:aa:8b:3d:7b:bd:80:a0:f5:92:20:90:5b:
77:de:94:27:e4:21:7b:83:07:c3:71:e7:50:ee:2b:
2c:f4:73:05:a6:98:8e:18:21:3d:95:2e:66:b6:8f:
55:62:3a:59:a9:27:1e:46:39:5e:6d:c0:e3:0f:30:
65:9a:65:e4:01:7d:41:28:7e:9a:e6:e0:6b:17:b8:
36:34:74:ae:6c:7c:f0:49:ff:bc:6e:60:f2:70:38:
83:dc:df:ff:27:7f:d0:12:28:bc:99:81:e6:a7:14:
ea:84:82:00:af:dd:ac:3f:ae:34:26:6e:58:41:95:
dd:6f:d9:38:e0:bf:30:2d:c1:b3:85:47:12:47:5e:
51:ee:db:3a:07:32:99:03:01:c0:44:5b:96:c3:9e:
b6:70:87:17:a8:c1:04:74:0a:f5:e5:12:e7:61:d8:
c3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:9A:98:96:3D:A9:19:E9:42:13:C8:8C:4D:98:15:CE:42:E0:8D:9E
X509v3 Authority Key Identifier:
keyid:00:0C:9D:55:42:A5:AA:8C:D5:E0:19:8A:B8:3F:CE:0F:94:72:A4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAydVUKlqozV4BmKuD_OD5RypGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/19d867-fd39-409e-b20a-ddcc25881128/1/b5qYlj2pGelCE8iMTZgVzkLgjZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/19d867-fd39-409e-b20a-ddcc25881128/1/AAydVUKlqozV4BmKuD_OD5RypGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:0a:4b:b6:92:3a:69:60:9f:9e:ed:8f:23:ac:17:0e:b2:c3:
8f:bb:90:31:5c:f0:9c:d7:77:ab:fc:2f:cd:f4:02:71:1a:f3:
7e:42:58:7a:64:9a:18:5e:32:2d:db:43:49:e4:28:30:73:76:
3b:b5:a5:33:11:ad:d0:61:5f:db:c7:ff:c4:44:45:9d:9d:e8:
87:88:e0:1a:57:e1:16:24:c1:9b:55:28:1c:c9:ba:8b:81:c1:
ac:01:5d:42:09:07:c9:e5:a0:42:66:62:09:71:7e:28:0c:48:
20:52:a9:21:9f:2d:a4:31:19:a7:1f:13:11:6e:bc:c4:e1:3c:
2f:a5:90:82:36:21:79:89:82:f3:1e:cc:38:ab:bb:7f:2b:51:
ce:a5:3f:9d:44:ba:4a:0d:d1:94:aa:7b:df:f0:eb:e2:aa:63:
f3:50:e2:76:f0:b0:76:96:19:e9:0b:2b:cc:3e:8a:ec:36:87:
dd:cb:56:54:39:f1:7a:d2:f7:2b:74:16:14:64:5c:a1:c7:e7:
3e:c4:f1:b3:30:4c:16:a8:94:bf:44:ad:83:c7:21:f9:8f:e7:
4c:3c:a1:0f:9c:36:88:98:c3:f3:af:aa:75:da:64:d3:ef:76:
b7:36:53:34:07:22:46:53:61:b5:f4:0f:1c:23:6a:fb:61:65:
a6:47:2b:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+38Qxjx89j3qYN4kO68CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMGM5ZDU1NDJhNWFhOGNkNWUwMTk4YWI4M2ZjZTBmOTQ3
MmE0NjEwHhcNMjUwMTAxMTc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjlhOTg5NjNkYTkxOWU5NDIxM2M4OGM0ZDk4MTVjZTQyZTA4ZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTqSuqnuwg4DMo4fodgBkQnBcVLi
OCgO8WAB0rULQBdTOTkniLcvFnISO2MnKWAxn4LqBEwQzpOkKEOkOWIkLUeXbI4Z
omvP6zmDmgLqQ8K1sJeOLut5+ipuxTmqiz17vYCg9ZIgkFt33pQn5CF7gwfDcedQ
7iss9HMFppiOGCE9lS5mto9VYjpZqSceRjlebcDjDzBlmmXkAX1BKH6a5uBrF7g2
NHSubHzwSf+8bmDycDiD3N//J3/QEii8mYHmpxTqhIIAr92sP640Jm5YQZXdb9k4
4L8wLcGzhUcSR15R7ts6BzKZAwHARFuWw562cIcXqMEEdAr15RLnYdjD7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+amJY9qRnpQhPIjE2YFc5C4I2eMB8GA1UdIwQY
MBaAFAAMnVVCpaqM1eAZirg/zg+UcqRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUF5ZFZVS2xxb3pWNEJtS3VEX09ENVJ5cEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xOWQ4NjctZmQzOS00MDllLWIyMGEt
ZGRjYzI1ODgxMTI4LzEvYjVxWWxqMnBHZWxDRThpTVRaZ1Z6a0xnalo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xOWQ4NjctZmQzOS00MDllLWIyMGEtZGRjYzI1ODgxMTI4
LzEvQUF5ZFZVS2xxb3pWNEJtS3VEX09ENVJ5cEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQBKCku2kjppYJ+e7Y8jrBcOssOPu5AxXPCc13er/C/N
9AJxGvN+Qlh6ZJoYXjIt20NJ5Cgwc3Y7taUzEa3QYV/bx//EREWdneiHiOAaV+EW
JMGbVSgcybqLgcGsAV1CCQfJ5aBCZmIJcX4oDEggUqkhny2kMRmnHxMRbrzE4Twv
pZCCNiF5iYLzHsw4q7t/K1HOpT+dRLpKDdGUqnvf8OviqmPzUOJ28LB2lhnpCyvM
PorsNofdy1ZUOfF60vcrdBYUZFyhx+c+xPGzMEwWqJS/RK2DxyH5j+dMPKEPnDaI
mMPzr6p12mTT73a3NlM0ByJGU2G19A8cI2r7YWWmRyse
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:26 2025 by rpki-client