Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa
File: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (raw, json)
Hash identifier: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=
Subject key identifier: 00:5A:05:D4:6B:85:CC:78:E5:F2:15:92:E7:AC:F3:D0:E4:F7:06:08
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 01942144393F0C9A335BFFAC7C2C816F9819
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa
Signing time: Wed 01 Jan 2025 09:48:26 +0000
ROA not before: Wed 01 Jan 2025 09:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41530
IP address blocks: 195.138.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:39:3f:0c:9a:33:5b:ff:ac:7c:2c:81:6f:98:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Jan 1 09:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=005a05d46b85cc78e5f21592e7acf3d0e4f70608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d2:ed:e3:1f:53:74:e6:7d:a0:39:72:ce:ba:
e8:9d:71:52:b9:44:e6:a9:5b:0c:b0:bb:31:b1:f1:
0f:fe:58:b8:f7:09:bd:91:9a:d6:30:02:fe:32:e0:
0d:f1:51:bb:34:36:4a:3a:51:40:9c:f2:8e:f1:6a:
04:cc:bf:a1:ed:51:53:61:15:53:42:af:21:59:ba:
78:f1:65:a2:9c:c4:43:ac:35:c5:1d:57:43:7c:cf:
2f:ae:5c:f6:2f:d0:ea:f6:6d:50:0a:c7:40:0b:6d:
6e:39:8d:c5:87:b9:c5:ac:56:87:eb:0b:cb:66:2d:
af:27:6f:3c:09:88:a3:c2:48:9c:43:1e:e0:96:42:
d4:aa:cc:e3:e9:b9:7f:cf:18:36:3b:8c:4e:d4:07:
7d:06:1f:db:57:57:b3:c0:78:5b:6f:eb:15:29:06:
20:d6:df:7f:30:72:53:6a:87:e7:5a:6d:9e:86:4f:
2d:9a:e9:11:13:7a:b4:0c:02:44:90:33:f6:16:47:
3b:17:92:52:95:29:cb:d7:01:eb:11:d4:3a:25:2a:
41:2e:08:e0:c7:24:53:11:0f:2e:60:6f:b8:ff:ce:
31:9a:b5:1f:f7:b4:3d:5a:bf:cd:40:d0:97:ef:1a:
dc:55:ab:66:11:bc:a5:93:56:ee:2f:1c:82:f2:78:
21:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5A:05:D4:6B:85:CC:78:E5:F2:15:92:E7:AC:F3:D0:E4:F7:06:08
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.192.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:1a:31:56:c9:1e:a9:32:16:02:e8:c8:5f:a3:3f:d4:6e:20:
6f:4f:ac:f3:1e:ea:fb:6d:3a:54:17:9d:d3:a8:59:af:c8:59:
24:30:ef:2d:5e:46:ce:c6:c3:6e:7c:1d:11:41:ea:d3:b2:8c:
89:6a:b0:bb:90:12:cd:b4:f3:f8:ae:1a:82:72:c6:60:77:80:
a0:d0:26:07:ed:9c:86:30:35:e6:49:97:e6:92:9e:99:0d:63:
bc:6d:b6:f8:e0:c5:66:d7:23:da:e5:13:aa:34:4f:53:09:a9:
0f:29:32:d7:5a:8d:a1:e3:99:09:db:a4:11:1c:78:c4:b2:ef:
79:7a:ab:30:9b:50:75:2f:58:a9:d6:14:3f:c0:67:4a:dc:97:
7b:0d:15:96:19:f5:f6:09:a4:b3:e2:6b:9c:b4:17:b2:a7:26:
4c:66:a5:3e:25:6d:8e:49:3d:94:88:1f:b3:c5:28:e2:0e:18:
76:b8:0c:50:f9:02:fc:38:99:d9:8a:3c:3a:9a:5c:ee:92:46:
a9:ba:c1:fa:67:a3:5e:5a:8b:47:22:a6:e1:d0:87:b9:75:96:
84:8e:e2:97:e4:91:f5:a9:1b:93:59:8e:bc:7f:10:cb:29:b2:
f5:3e:5a:30:4e:5c:e2:0c:00:0e:cf:33:09:49:10:2f:26:75:
0b:f7:f3:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDk/DJozW/+sfCyBb5gZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjUwMTAxMDk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVhMDVkNDZiODVjYzc4ZTVmMjE1OTJlN2FjZjNkMGU0ZjcwNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNLt4x9TdOZ9oDlyzrronXFSuUTm
qVsMsLsxsfEP/li49wm9kZrWMAL+MuAN8VG7NDZKOlFAnPKO8WoEzL+h7VFTYRVT
Qq8hWbp48WWinMRDrDXFHVdDfM8vrlz2L9Dq9m1QCsdAC21uOY3Fh7nFrFaH6wvL
Zi2vJ288CYijwkicQx7glkLUqszj6bl/zxg2O4xO1Ad9Bh/bV1ezwHhbb+sVKQYg
1t9/MHJTaofnWm2ehk8tmukRE3q0DAJEkDP2Fkc7F5JSlSnL1wHrEdQ6JSpBLgjg
xyRTEQ8uYG+4/84xmrUf97Q9Wr/NQNCX7xrcVatmEbylk1buLxyC8nghbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABaBdRrhcx45fIVkues89Dk9wYIMB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvQUZvRjFHdUZ6SGpsOGhXUzU2enowT1QzQmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4rAMA0G
CSqGSIb3DQEBCwUAA4IBAQCtGjFWyR6pMhYC6Mhfoz/UbiBvT6zzHur7bTpUF53T
qFmvyFkkMO8tXkbOxsNufB0RQerTsoyJarC7kBLNtPP4rhqCcsZgd4Cg0CYH7ZyG
MDXmSZfmkp6ZDWO8bbb44MVm1yPa5ROqNE9TCakPKTLXWo2h45kJ26QRHHjEsu95
eqswm1B1L1ip1hQ/wGdK3Jd7DRWWGfX2CaSz4muctBeypyZMZqU+JW2OST2UiB+z
xSjiDhh2uAxQ+QL8OJnZijw6mlzukkapusH6Z6NeWotHIqbh0Ie5dZaEjuKX5JH1
qRuTWY68fxDLKbL1PlowTlziDAAOzzMJSRAvJnUL9/Mg
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:14 2025 by rpki-client