Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/AHAoAS0NTz8rAfdAi1-FKZQiZzo.roa
File: AHAoAS0NTz8rAfdAi1-FKZQiZzo.roa (raw, json)
Hash identifier: UPpJLytuKjP0PEtk9/ACh8gURBOrfTZUj6sBll9GGNE=
Subject key identifier: 00:70:28:01:2D:0D:4F:3F:2B:01:F7:40:8B:5F:85:29:94:22:67:3A
Certificate issuer: /CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Certificate serial: 019420D5E156C6CA2CFD48DE46F4E8A8751D
Authority key identifier: 15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/AHAoAS0NTz8rAfdAi1-FKZQiZzo.roa
Signing time: Wed 01 Jan 2025 07:47:55 +0000
ROA not before: Wed 01 Jan 2025 07:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34975
IP address blocks: 95.129.56.0/21 maxlen: 21
95.129.56.0/24 maxlen: 24
95.129.57.0/24 maxlen: 24
95.129.58.0/24 maxlen: 24
95.129.59.0/24 maxlen: 24
95.129.60.0/22 maxlen: 22
95.143.16.0/20 maxlen: 20
95.143.16.0/24 maxlen: 24
95.143.17.0/24 maxlen: 24
95.143.18.0/24 maxlen: 24
95.143.19.0/24 maxlen: 24
95.143.20.0/24 maxlen: 24
95.143.21.0/24 maxlen: 24
95.143.22.0/24 maxlen: 24
95.143.23.0/24 maxlen: 24
95.143.24.0/21 maxlen: 21
185.18.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e1:56:c6:ca:2c:fd:48:de:46:f4:e8:a8:75:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Validity
Not Before: Jan 1 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=007028012d0d4f3f2b01f7408b5f85299422673a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:67:89:13:20:c6:bb:a1:7e:9d:ff:ca:2c:fa:
51:ff:da:77:36:1f:a4:3c:3c:c6:5e:b4:e3:5a:cf:
37:84:9e:ac:c8:e0:d4:62:74:49:dd:4e:c2:e6:9c:
0e:7d:46:f8:6a:3e:db:9b:58:50:ba:a4:e8:f4:7a:
e7:c8:1a:9f:7b:a8:2f:4f:9c:b8:1d:2d:c6:d4:30:
d1:9b:cf:76:a4:d5:41:0d:ba:76:82:e0:80:ec:94:
95:3a:2b:1e:25:48:dc:4c:3e:4c:5f:f1:ba:05:f9:
0b:36:85:b8:60:83:9f:3f:cd:35:55:d6:ee:98:a6:
f9:6c:55:cc:35:6c:40:91:cc:56:4e:90:ad:a0:10:
57:f0:bf:a4:16:13:05:15:57:d9:73:17:45:d9:b7:
0a:86:4b:49:80:ff:58:b3:53:a0:c9:17:10:d7:f7:
b7:17:60:df:f6:8c:29:b0:b2:54:c1:29:92:fc:f5:
78:7d:62:05:0f:fb:76:9a:a0:34:44:48:f9:2b:5d:
3e:92:12:73:39:7d:47:97:76:fd:ae:ed:05:b8:67:
6a:b0:f4:d9:17:10:82:27:0e:9c:d3:1b:04:d6:04:
58:d1:df:b2:f0:93:0e:2f:6d:c9:d9:a5:34:d5:96:
c2:14:47:8d:1f:d1:17:2b:0b:47:16:91:da:a8:53:
2b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:70:28:01:2D:0D:4F:3F:2B:01:F7:40:8B:5F:85:29:94:22:67:3A
X509v3 Authority Key Identifier:
keyid:15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/AHAoAS0NTz8rAfdAi1-FKZQiZzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/FczgYdJAjZqPayuUFi0fdPrD3Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.56.0/21
95.143.16.0/20
185.18.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:64:14:10:ae:07:b2:c9:72:22:68:8e:2d:d1:69:13:c9:34:
6a:7b:f0:d6:2d:89:84:5f:40:c0:54:40:8a:bf:6b:c7:94:d3:
2d:25:63:b6:e2:8d:55:cd:ad:68:b2:ad:8e:c5:a1:49:a1:e8:
8a:73:f2:40:29:91:c1:28:ed:ee:d4:6d:c7:18:c7:97:5a:74:
09:79:06:88:16:6b:be:e3:72:7e:05:1e:f1:c3:fd:56:0c:ab:
3f:da:1b:1c:6d:fa:a9:e7:2e:47:49:58:37:ce:d4:83:33:b3:
5c:cd:23:e3:6c:4c:d0:d5:8b:91:79:88:d8:a0:a9:2e:ab:4b:
2f:61:7a:d7:9b:40:30:de:b1:a3:d6:29:bb:6c:96:05:db:3b:
39:15:82:25:c9:b2:e8:d3:ea:c2:01:f1:04:6b:68:57:19:9e:
96:45:12:0c:a0:12:38:1c:80:10:db:9f:98:b8:f2:2d:e3:4f:
61:a8:39:bc:5e:fc:a1:e2:c0:c8:a7:bf:69:d5:5b:73:93:47:
85:20:2a:68:18:69:fd:d8:77:d1:56:71:f1:45:08:2d:01:b3:
d1:d4:28:ae:1c:76:e5:07:a0:84:85:ae:59:98:ac:f4:a9:23:
04:63:f7:47:5d:b8:b5:76:00:c9:ee:8f:6d:e4:57:2e:a4:92:
9f:ff:f8:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1eFWxsos/UjeRvToqHUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Y2NlMDYxZDI0MDhkOWE4ZjZiMmI5NDE2MmQxZjc0ZmFj
M2RjYWMwHhcNMjUwMTAxMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDcwMjgwMTJkMGQ0ZjNmMmIwMWY3NDA4YjVmODUyOTk0MjI2NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2eJEyDGu6F+nf/KLPpR/9p3Nh+k
PDzGXrTjWs83hJ6syODUYnRJ3U7C5pwOfUb4aj7bm1hQuqTo9HrnyBqfe6gvT5y4
HS3G1DDRm892pNVBDbp2guCA7JSVOiseJUjcTD5MX/G6BfkLNoW4YIOfP801Vdbu
mKb5bFXMNWxAkcxWTpCtoBBX8L+kFhMFFVfZcxdF2bcKhktJgP9Ys1OgyRcQ1/e3
F2Df9owpsLJUwSmS/PV4fWIFD/t2mqA0REj5K10+khJzOX1Hl3b9ru0FuGdqsPTZ
FxCCJw6c0xsE1gRY0d+y8JMOL23J2aU01ZbCFEeNH9EXKwtHFpHaqFMrJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFABwKAEtDU8/KwH3QItfhSmUImc6MB8GA1UdIwQY
MBaAFBXM4GHSQI2aj2srlBYtH3T6w9ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMt
NjY4MmY3ODI3ZGYwLzEvQUhBb0FTME5UejhyQWZkQWkxLUZLWlFpWnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMtNjY4MmY3ODI3ZGYw
LzEvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDX4E4AwQE
X48QAwQCuRIUMA0GCSqGSIb3DQEBCwUAA4IBAQAOZBQQrgeyyXIiaI4t0WkTyTRq
e/DWLYmEX0DAVECKv2vHlNMtJWO24o1Vza1osq2OxaFJoeiKc/JAKZHBKO3u1G3H
GMeXWnQJeQaIFmu+43J+BR7xw/1WDKs/2hscbfqp5y5HSVg3ztSDM7NczSPjbEzQ
1YuReYjYoKkuq0svYXrXm0Aw3rGj1im7bJYF2zs5FYIlybLo0+rCAfEEa2hXGZ6W
RRIMoBI4HIAQ25+YuPIt409hqDm8Xvyh4sDIp79p1Vtzk0eFICpoGGn92HfRVnHx
RQgtAbPR1CiuHHblB6CEha5ZmKz0qSMEY/dHXbi1dgDJ7o9t5FcupJKf//hg
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:25:58 2025 by rpki-client