Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_1tN0UBLiyuCujg3AZ50RuBUwOg.roa
File: _1tN0UBLiyuCujg3AZ50RuBUwOg.roa (raw, json)
Hash identifier: 1ZvypUQUuF8i0/QyEt0MQwMm2AYs9FXDUFbMyLP6qAI=
Subject key identifier: FF:5B:4D:D1:40:4B:8B:2B:82:BA:38:37:01:9E:74:46:E0:54:C0:E8
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0191DA2E3C8A519933335B0C35035A1E9669
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_1tN0UBLiyuCujg3AZ50RuBUwOg.roa
Signing time: Tue 10 Sep 2024 04:25:48 +0000
ROA not before: Tue 10 Sep 2024 04:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56603
IP address blocks: 195.128.133.0/24 maxlen: 24
2a09:6280:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:2e:3c:8a:51:99:33:33:5b:0c:35:03:5a:1e:96:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 10 04:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff5b4dd1404b8b2b82ba3837019e7446e054c0e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f8:75:4e:36:a5:da:8e:5c:aa:32:75:41:f3:
fd:21:7d:a4:22:25:db:d6:7b:b0:5a:0a:5e:a1:45:
3d:7a:11:2f:93:77:f8:3b:ac:e2:c8:b1:f8:e7:29:
f0:f1:97:5e:ba:de:89:6b:dc:fd:76:ad:fa:44:0e:
0b:87:72:e6:8a:fc:57:40:b7:d9:09:45:bd:5a:7c:
ff:96:44:45:38:58:ad:9a:d8:9d:40:b3:fb:b2:a7:
f0:5a:7d:a1:a5:4f:fe:a0:41:15:6e:48:91:10:28:
16:55:6f:46:57:c4:3c:48:c6:07:c1:a9:40:3e:29:
93:92:90:b8:fe:a0:cd:ff:12:2f:df:16:23:c1:d1:
18:1c:d4:56:da:fe:b6:7c:c8:0d:04:0a:db:5e:64:
7d:a5:8c:03:5f:04:6c:23:84:6f:e6:6a:dc:7d:bd:
78:a8:75:d2:d2:51:97:bb:f9:47:07:33:3b:6a:39:
4f:42:66:94:6b:27:7d:6f:0a:7e:2d:57:70:74:be:
2c:34:66:06:0b:7e:f2:36:62:e9:ed:4c:60:2b:9c:
72:24:4f:e0:31:71:de:35:2e:25:4c:3a:a4:ae:a8:
1d:3f:e7:5a:39:49:1f:d1:01:30:1c:6a:ff:ff:9b:
8b:b6:91:f7:39:4a:01:fc:1c:0c:e7:5a:ed:42:48:
b7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5B:4D:D1:40:4B:8B:2B:82:BA:38:37:01:9E:74:46:E0:54:C0:E8
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_1tN0UBLiyuCujg3AZ50RuBUwOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.133.0/24
IPv6:
2a09:6280:1::/48
Signature Algorithm: sha256WithRSAEncryption
b0:e8:5e:77:7b:68:da:6d:a9:27:4d:19:19:da:49:70:a5:36:
0f:74:ee:67:10:6d:20:76:01:9c:ee:21:43:52:4c:51:c4:b0:
35:6d:53:a5:63:77:04:da:ca:b5:d4:16:35:82:8e:b2:48:c0:
27:c9:8f:1e:99:8c:75:c9:98:3e:cc:13:a6:34:aa:29:5a:b1:
ab:3d:66:d8:76:95:c8:48:0c:6c:69:8f:7e:0d:a6:e4:56:a8:
5b:80:fe:67:24:c7:60:26:f3:18:18:52:94:81:1b:62:8b:b4:
bd:d3:ef:75:93:cb:2a:16:fd:4b:98:d8:72:1b:fb:ba:1b:ec:
d9:5d:81:3a:54:13:04:21:0a:f5:b4:7b:89:12:2c:9e:8f:65:
a0:94:47:39:38:23:18:ed:0f:c9:c8:83:09:54:70:d5:96:6b:
bf:f9:74:e6:c3:7d:77:e3:f0:d8:1d:09:84:a7:26:15:1f:b1:
85:59:af:b7:ec:bc:cb:09:51:30:6c:c2:29:3b:63:6d:cf:c5:
c7:1a:7d:e0:90:b0:b2:86:8d:dc:d1:f6:83:6e:9d:02:66:df:
bd:21:91:d0:0c:d3:4f:bf:b1:cc:bb:59:28:79:9a:1c:e7:de:
b3:f8:70:6d:2e:46:62:cc:2c:6e:ff:8b:ee:59:e9:fb:9d:52:
6a:bb:59:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZHaLjyKUZkzM1sMNQNaHpZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTEwMDQyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjViNGRkMTQwNGI4YjJiODJiYTM4MzcwMTllNzQ0NmUwNTRjMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ph1Tjal2o5cqjJ1QfP9IX2kIiXb
1nuwWgpeoUU9ehEvk3f4O6ziyLH45ynw8Zdeut6Ja9z9dq36RA4Lh3LmivxXQLfZ
CUW9Wnz/lkRFOFitmtidQLP7sqfwWn2hpU/+oEEVbkiRECgWVW9GV8Q8SMYHwalA
PimTkpC4/qDN/xIv3xYjwdEYHNRW2v62fMgNBArbXmR9pYwDXwRsI4Rv5mrcfb14
qHXS0lGXu/lHBzM7ajlPQmaUayd9bwp+LVdwdL4sNGYGC37yNmLp7UxgK5xyJE/g
MXHeNS4lTDqkrqgdP+daOUkf0QEwHGr//5uLtpH3OUoB/BwM51rtQki3nQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9bTdFAS4srgro4NwGedEbgVMDoMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvXzF0TjBVQkxpeXVDdWpnM0FaNTBSdUJVd09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4CFMA8E
AgACMAkDBwAqCWKAAAEwDQYJKoZIhvcNAQELBQADggEBALDoXnd7aNptqSdNGRna
SXClNg907mcQbSB2AZzuIUNSTFHEsDVtU6VjdwTayrXUFjWCjrJIwCfJjx6ZjHXJ
mD7ME6Y0qilasas9Zth2lchIDGxpj34NpuRWqFuA/mckx2Am8xgYUpSBG2KLtL3T
73WTyyoW/UuY2HIb+7ob7NldgTpUEwQhCvW0e4kSLJ6PZaCURzk4IxjtD8nIgwlU
cNWWa7/5dObDfXfj8NgdCYSnJhUfsYVZr7fsvMsJUTBswik7Y23PxccafeCQsLKG
jdzR9oNunQJm370hkdAM00+/scy7WSh5mhzn3rP4cG0uRmLMLG7/i+5Z6fudUmq7
WcI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:21:03 2025 by rpki-client