Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/p9gQbHg8IpMtNLW0NQ42q_UAiDc.roa
File: p9gQbHg8IpMtNLW0NQ42q_UAiDc.roa (raw, json)
Hash identifier: t3Lsla/WvydRj60ad7MeBwokpBl+kvF1NmkVZ9213jY=
Subject key identifier: A7:D8:10:6C:78:3C:22:93:2D:34:B5:B4:35:0E:36:AB:F5:00:88:37
Certificate issuer: /CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Certificate serial: 01942143CA97F69C32967ECB6A1B56FA9FCD
Authority key identifier: AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/p9gQbHg8IpMtNLW0NQ42q_UAiDc.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39528
IP address blocks: 195.60.224.0/24 maxlen: 24
195.60.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ca:97:f6:9c:32:96:7e:cb:6a:1b:56:fa:9f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7d8106c783c22932d34b5b4350e36abf5008837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c8:64:59:28:2a:4e:38:94:80:a0:23:32:61:
e6:09:9f:5b:4d:41:89:39:d2:38:8a:6e:0e:46:b8:
d6:25:58:32:b5:f2:73:c1:86:1a:75:1c:09:ae:b4:
d0:7e:2d:63:77:c6:8f:bb:1a:29:3b:0b:7e:64:89:
87:d2:c9:f3:83:04:65:ae:3a:bd:2f:2d:78:68:a3:
81:7a:4a:3e:01:9b:e3:78:47:9e:41:05:ae:87:41:
01:bb:a5:cd:3f:9c:1d:6b:3a:0d:6c:59:4f:10:38:
49:83:32:62:52:25:f7:a2:79:e6:bd:c9:a6:7a:fe:
50:0c:fe:f8:df:7b:ee:bd:c7:c2:68:e3:70:a8:bc:
a5:d8:c5:f8:e2:ad:3a:e4:a1:bc:c3:a2:56:cc:bb:
b3:8a:ac:6b:75:b3:66:84:a1:e4:b2:d6:6a:8f:13:
33:4b:84:bb:31:79:a1:3b:e5:6e:91:20:44:e2:3c:
a3:53:33:d0:87:5c:73:41:38:b8:75:75:a7:98:b8:
70:a1:82:e4:e0:32:82:f3:dc:b9:bf:75:82:c4:cf:
2a:62:47:8e:b5:23:63:47:00:e2:c7:18:84:0b:1c:
63:58:2f:1d:58:4a:42:de:42:96:84:2f:99:35:81:
cd:9d:7b:60:7b:9c:3e:24:92:84:42:fb:61:96:5c:
0d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D8:10:6C:78:3C:22:93:2D:34:B5:B4:35:0E:36:AB:F5:00:88:37
X509v3 Authority Key Identifier:
keyid:AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/p9gQbHg8IpMtNLW0NQ42q_UAiDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/rw9am9KtHpaGXwDQhSK5qtPpGk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.224.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:74:8e:70:1f:e4:10:97:50:cf:fd:c3:3d:7b:cc:40:27:8f:
91:9d:46:26:00:33:b5:42:96:50:e6:07:c8:7e:8a:8e:29:8d:
57:ba:0d:a0:b9:30:36:ce:26:f8:74:e8:b7:2b:dc:de:c6:de:
5b:91:30:03:c1:dc:be:79:3d:2e:c9:c3:42:a3:10:6a:39:50:
56:22:39:3d:83:6b:a3:df:2d:b7:22:94:4d:32:c5:db:48:86:
6e:7e:e6:fd:85:ba:6b:ab:52:0b:47:cf:8e:78:29:35:76:db:
0f:bc:dd:d5:45:a7:23:9f:8b:3b:ae:ed:e1:d4:e4:1d:57:97:
b7:bd:68:96:d0:e5:3a:a1:8b:ae:e8:98:34:91:3f:2c:53:b5:
ec:0f:d9:a9:b9:0f:09:34:44:c7:2b:3f:c5:b7:3e:23:ae:76:
87:82:11:96:fd:a7:8d:0d:20:e3:ca:8e:81:f0:44:5c:de:3f:
46:9f:2a:88:db:61:55:71:46:55:e7:a2:0e:d1:cd:e4:cf:f7:
75:f9:bb:db:b9:47:a5:a6:c4:ca:72:dd:8f:b1:be:43:fd:4d:
b7:ee:fd:af:18:82:ce:c2:00:ec:c1:64:57:a2:ae:ec:08:84:
18:56:c9:12:34:42:d6:62:a1:63:fc:fb:f9:fe:d4:dd:1c:2c:
41:d4:f1:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ8qX9pwyln7LahtW+p/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGY1YTliZDJhZDFlOTY4NjVmMDBkMDg1MjJiOWFhZDNl
OTFhNGQwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Q4MTA2Yzc4M2MyMjkzMmQzNGI1YjQzNTBlMzZhYmY1MDA4ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAschkWSgqTjiUgKAjMmHmCZ9bTUGJ
OdI4im4ORrjWJVgytfJzwYYadRwJrrTQfi1jd8aPuxopOwt+ZImH0snzgwRlrjq9
Ly14aKOBeko+AZvjeEeeQQWuh0EBu6XNP5wdazoNbFlPEDhJgzJiUiX3onnmvcmm
ev5QDP7433vuvcfCaONwqLyl2MX44q065KG8w6JWzLuziqxrdbNmhKHkstZqjxMz
S4S7MXmhO+VukSBE4jyjUzPQh1xzQTi4dXWnmLhwoYLk4DKC89y5v3WCxM8qYkeO
tSNjRwDixxiECxxjWC8dWEpC3kKWhC+ZNYHNnXtge5w+JJKEQvthllwN4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfYEGx4PCKTLTS1tDUONqv1AIg3MB8GA1UdIwQY
MBaAFK8PWpvSrR6Whl8A0IUiuarT6RpNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAt
M2FjM2I2NzM3MDQyLzEvcDlnUWJIZzhJcE10TkxXME5RNDJxX1VBaURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAtM2FjM2I2NzM3MDQy
LzEvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzzgMA0G
CSqGSIb3DQEBCwUAA4IBAQAcdI5wH+QQl1DP/cM9e8xAJ4+RnUYmADO1QpZQ5gfI
foqOKY1Xug2guTA2zib4dOi3K9zext5bkTADwdy+eT0uycNCoxBqOVBWIjk9g2uj
3y23IpRNMsXbSIZufub9hbprq1ILR8+OeCk1dtsPvN3VRacjn4s7ru3h1OQdV5e3
vWiW0OU6oYuu6Jg0kT8sU7XsD9mpuQ8JNETHKz/Ftz4jrnaHghGW/aeNDSDjyo6B
8ERc3j9GnyqI22FVcUZV56IO0c3kz/d1+bvbuUelpsTKct2Psb5D/U237v2vGILO
wgDswWRXoq7sCIQYVskSNELWYqFj/Pv5/tTdHCxB1PHM
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:46:09 2025 by rpki-client