Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Nz-kQDqKmJF6WwtL2BlSPcgdZEY.roa
File: Nz-kQDqKmJF6WwtL2BlSPcgdZEY.roa (raw, json)
Hash identifier: Hgv7p1rf/vhHuBFr/IpMrgFzTOwwNbB10mCspSdMRVw=
Subject key identifier: 37:3F:A4:40:3A:8A:98:91:7A:5B:0B:4B:D8:19:52:3D:C8:1D:64:46
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 019425FDACA630AD2DE26C873DB530D5C38A
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Nz-kQDqKmJF6WwtL2BlSPcgdZEY.roa
Signing time: Thu 02 Jan 2025 07:49:29 +0000
ROA not before: Thu 02 Jan 2025 07:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207911
IP address blocks: 95.161.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ac:a6:30:ad:2d:e2:6c:87:3d:b5:30:d5:c3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 2 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=373fa4403a8a98917a5b0b4bd819523dc81d6446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a5:7d:3f:32:fc:85:30:1a:61:31:2c:e1:72:
58:a5:a6:f2:a1:d4:9b:ff:15:79:5a:06:00:b3:32:
2b:16:35:3a:4b:e3:bc:dd:77:61:64:e9:59:cb:5d:
94:fc:ca:32:9f:d1:d8:b1:dd:14:7d:6c:6a:46:4e:
3f:51:32:9f:67:95:1c:c8:71:68:92:1c:5f:53:26:
51:52:11:b3:4c:5f:e8:b3:3f:b2:f4:8e:c6:e8:15:
e8:9e:8b:9f:ce:0b:e7:bb:58:d7:f9:c2:f1:f7:36:
76:26:af:ad:a5:d7:cf:9a:67:a8:60:49:06:47:99:
c1:93:98:81:03:99:16:78:ca:eb:c8:e7:e7:9d:76:
3a:d4:22:a4:41:b9:31:14:41:f3:c1:79:f3:46:6e:
8e:57:dd:00:74:05:cb:8f:90:c8:22:f7:10:6b:6f:
03:ec:3d:bd:5d:1f:61:ec:e5:49:a6:71:7c:29:7c:
44:bc:69:46:2d:23:88:f0:97:a0:1e:f1:c6:6c:63:
c1:c2:0d:be:31:8f:6e:2d:bc:aa:57:1f:c8:e8:8f:
df:eb:8c:0f:f1:94:68:7a:07:0e:74:1c:b4:75:35:
a7:a2:fd:e4:ee:78:d3:bc:44:88:4f:98:24:d2:b6:
5a:20:9f:39:00:31:7c:86:70:0c:0d:21:2e:5d:1a:
72:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3F:A4:40:3A:8A:98:91:7A:5B:0B:4B:D8:19:52:3D:C8:1D:64:46
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Nz-kQDqKmJF6WwtL2BlSPcgdZEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.240.0/24
Signature Algorithm: sha256WithRSAEncryption
29:bd:aa:eb:c9:7d:bc:9f:d0:61:30:06:36:c2:8e:14:70:66:
00:49:e8:1c:bf:e6:df:2a:ba:86:6b:16:a8:be:25:8c:36:6e:
00:98:b3:76:2b:0b:2b:da:09:ff:c4:ef:81:f1:be:16:06:6b:
31:0a:7e:db:b4:79:78:d0:ab:5c:22:a2:f5:4c:35:28:fe:e6:
12:8b:82:70:6c:dd:a6:e5:aa:b3:db:a8:83:f8:5b:e2:3c:ab:
95:93:da:b9:99:77:22:fe:9f:ff:7a:11:e8:da:42:39:2b:a6:
e2:49:7d:c6:18:c3:1d:75:05:11:61:32:66:96:2f:30:d9:55:
98:6e:7f:ff:40:8a:6f:fb:c1:f2:11:9e:90:b9:33:4e:61:79:
b8:ad:54:9a:75:44:b8:fc:2c:f2:66:0c:42:c1:3e:bd:7e:13:
b0:1f:f5:fc:c0:be:f0:e3:0a:e2:27:34:9e:0a:b0:6f:4a:bf:
3e:58:c4:08:d4:bd:b1:1f:52:f0:be:b0:9f:2d:3e:f0:3a:d3:
84:68:e8:22:0c:4d:df:5a:ad:f3:00:02:ea:6a:22:8d:4d:95:
5b:0a:cb:f0:85:be:83:21:35:72:eb:a5:a6:fc:b0:3a:87:aa:
6b:3a:4f:78:50:ed:04:59:91:cc:14:88:83:0e:9e:c5:d0:a7:
6d:27:ee:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/aymMK0t4myHPbUw1cOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwMTAyMDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNmYTQ0MDNhOGE5ODkxN2E1YjBiNGJkODE5NTIzZGM4MWQ2NDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6V9PzL8hTAaYTEs4XJYpabyodSb
/xV5WgYAszIrFjU6S+O83XdhZOlZy12U/Moyn9HYsd0UfWxqRk4/UTKfZ5UcyHFo
khxfUyZRUhGzTF/osz+y9I7G6BXonoufzgvnu1jX+cLx9zZ2Jq+tpdfPmmeoYEkG
R5nBk5iBA5kWeMrryOfnnXY61CKkQbkxFEHzwXnzRm6OV90AdAXLj5DIIvcQa28D
7D29XR9h7OVJpnF8KXxEvGlGLSOI8JegHvHGbGPBwg2+MY9uLbyqVx/I6I/f64wP
8ZRoegcOdBy0dTWnov3k7njTvESIT5gk0rZaIJ85ADF8hnAMDSEuXRpyWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDc/pEA6ipiRelsLS9gZUj3IHWRGMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvTnota1FEcUttSkY2V3d0TDJCbFNQY2dkWkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6HwMA0G
CSqGSIb3DQEBCwUAA4IBAQApvarryX28n9BhMAY2wo4UcGYASegcv+bfKrqGaxao
viWMNm4AmLN2Kwsr2gn/xO+B8b4WBmsxCn7btHl40KtcIqL1TDUo/uYSi4JwbN2m
5aqz26iD+FviPKuVk9q5mXci/p//ehHo2kI5K6biSX3GGMMddQURYTJmli8w2VWY
bn//QIpv+8HyEZ6QuTNOYXm4rVSadUS4/CzyZgxCwT69fhOwH/X8wL7w4wriJzSe
CrBvSr8+WMQI1L2xH1LwvrCfLT7wOtOEaOgiDE3fWq3zAALqaiKNTZVbCsvwhb6D
ITVy66Wm/LA6h6prOk94UO0EWZHMFIiDDp7F0KdtJ+6M
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:16:45 2025 by rpki-client