Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/i0fmZM1AEDYMZaFq1nuZM08ObDQ.roa
File: i0fmZM1AEDYMZaFq1nuZM08ObDQ.roa (raw, json)
Hash identifier: KgMXn1dnqIA/Jlk/tE/8JiwXL+vU/J3JJ5ZTHfnCA7I=
Subject key identifier: 8B:47:E6:64:CD:40:10:36:0C:65:A1:6A:D6:7B:99:33:4F:0E:6C:34
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBD79F53B09DA76DEAD89DDF89DAED
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/i0fmZM1AEDYMZaFq1nuZM08ObDQ.roa
Signing time: Wed 01 Jan 2025 17:48:37 +0000
ROA not before: Wed 01 Jan 2025 17:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396613
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d7:9f:53:b0:9d:a7:6d:ea:d8:9d:df:89:da:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b47e664cd4010360c65a16ad67b99334f0e6c34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f2:2e:ad:da:3c:29:d6:2a:80:19:a6:57:8e:
d8:95:10:ef:00:22:3d:61:ac:f4:79:c9:67:d8:35:
32:5c:c8:6e:1e:e4:71:40:2b:ad:50:ac:6e:dc:d4:
fc:be:08:6e:d1:6c:15:5d:6b:50:09:3e:60:da:b8:
ce:96:58:9c:ab:76:5f:b7:3d:c5:7e:a6:fd:f2:b5:
a9:f8:c6:d7:9b:b3:b9:75:ae:43:65:ca:36:ed:b8:
30:c5:d6:2a:72:df:41:31:a8:10:30:c6:88:d0:97:
71:35:87:be:48:58:3f:84:74:38:56:a6:25:9f:90:
a4:0f:7b:8e:88:71:aa:8a:9d:9d:91:3f:1a:e4:4d:
59:52:96:dc:6e:ab:81:51:a3:78:1f:bc:60:58:1b:
f2:86:ea:d5:b6:e6:17:51:8b:a9:e2:e9:74:60:b1:
dc:14:af:fe:22:b4:11:29:a9:77:c5:23:97:fb:27:
8c:1a:6c:dc:6c:cb:e3:15:dd:52:8e:4e:98:ff:bf:
36:57:d0:33:14:74:6c:fd:1d:e9:ef:24:89:0f:ad:
25:1f:58:cf:a7:b7:7d:06:43:bd:7f:94:76:8e:8c:
53:dd:6f:cd:77:3b:06:52:e7:03:d7:65:12:39:89:
90:3a:47:a6:05:9f:1a:d3:fd:25:c4:56:70:07:fb:
65:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:47:E6:64:CD:40:10:36:0C:65:A1:6A:D6:7B:99:33:4F:0E:6C:34
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/i0fmZM1AEDYMZaFq1nuZM08ObDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
a7:d8:db:fa:d5:83:09:cb:af:ff:34:9e:16:76:29:38:83:b5:
32:48:cf:b1:38:c5:7e:3f:34:61:10:ea:d6:5e:13:41:de:e5:
a3:da:07:5a:57:fd:ba:6c:61:9d:09:17:ee:0e:d2:db:5d:a0:
32:23:c6:27:72:a7:6c:ac:0a:dd:ca:fe:ba:f4:3e:5f:f5:c6:
a0:99:e9:17:80:23:1f:23:1c:49:30:89:fe:76:1a:4f:f7:a8:
7e:b6:08:56:e1:b9:87:33:7d:89:04:30:59:46:35:e4:36:a8:
5d:da:3b:28:01:f2:f6:66:ed:ce:57:39:68:ef:23:01:44:9d:
7c:d8:ee:19:3d:cb:fe:ad:63:fa:85:02:c8:39:9c:66:55:69:
ec:a2:13:5e:be:0f:48:dd:04:c0:8d:53:00:1f:26:5f:fe:3d:
18:ed:40:fc:bd:30:17:40:b0:9f:25:e2:c6:83:88:2d:5a:dc:
d5:18:5f:86:4e:2d:c4:8d:9a:96:29:91:cc:12:72:93:ae:0f:
72:42:bb:a7:45:0f:18:f2:30:b9:89:88:74:db:20:2e:65:57:
bf:e4:09:56:27:0a:36:43:3e:8b:9d:e6:ca:34:2c:60:0a:e3:
b7:1d:dc:1b:ec:28:36:d6:56:01:31:a8:ec:43:cf:34:77:65:
71:f1:3d:4b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+9efU7Cdp23q2J3fidrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ3ZTY2NGNkNDAxMDM2MGM2NWExNmFkNjdiOTkzMzRmMGU2YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfIurdo8KdYqgBmmV47YlRDvACI9
Yaz0ecln2DUyXMhuHuRxQCutUKxu3NT8vghu0WwVXWtQCT5g2rjOllicq3Zftz3F
fqb98rWp+MbXm7O5da5DZco27bgwxdYqct9BMagQMMaI0JdxNYe+SFg/hHQ4VqYl
n5CkD3uOiHGqip2dkT8a5E1ZUpbcbquBUaN4H7xgWBvyhurVtuYXUYup4ul0YLHc
FK/+IrQRKal3xSOX+yeMGmzcbMvjFd1Sjk6Y/782V9AzFHRs/R3p7ySJD60lH1jP
p7d9BkO9f5R2joxT3W/NdzsGUucD12USOYmQOkemBZ8a0/0lxFZwB/tlIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFItH5mTNQBA2DGWhatZ7mTNPDmw0MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvaTBmbVpNMUFFRFlNWmFGcTFudVpNMDhPYkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAKfY2/rVgwnLr/80nhZ2KTiDtTJIz7E4
xX4/NGEQ6tZeE0He5aPaB1pX/bpsYZ0JF+4O0ttdoDIjxidyp2ysCt3K/rr0Pl/1
xqCZ6ReAIx8jHEkwif52Gk/3qH62CFbhuYczfYkEMFlGNeQ2qF3aOygB8vZm7c5X
OWjvIwFEnXzY7hk9y/6tY/qFAsg5nGZVaeyiE16+D0jdBMCNUwAfJl/+PRjtQPy9
MBdAsJ8l4saDiC1a3NUYX4ZOLcSNmpYpkcwScpOuD3JCu6dFDxjyMLmJiHTbIC5l
V7/kCVYnCjZDPoud5so0LGAK47cd3BvsKDbWVgExqOxDzzR3ZXHxPUs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:43 2025 by rpki-client