Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/safrg3kATgNbdktyHNaBTUQ20Fg.roa
File: safrg3kATgNbdktyHNaBTUQ20Fg.roa (raw, json)
Hash identifier: rMOUfy4ZM5vd45QmK8llUEFz0T+7f/LFtDqbEYg/alc=
Subject key identifier: B1:A7:EB:83:79:00:4E:03:5B:76:4B:72:1C:D6:81:4D:44:36:D0:58
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 019426D9908C385C8E7437626A73682E803D
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/safrg3kATgNbdktyHNaBTUQ20Fg.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48960
IP address blocks: 95.173.200.0/24 maxlen: 24
2a02:a48::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:90:8c:38:5c:8e:74:37:62:6a:73:68:2e:80:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1a7eb8379004e035b764b721cd6814d4436d058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:82:0b:25:52:b9:ee:92:d7:94:95:51:64:06:
d0:82:ec:ca:15:90:86:8b:1d:fa:54:a0:36:9e:a4:
cf:c2:e7:f1:0e:dd:c8:d9:ef:6b:00:e6:bd:fb:92:
50:3f:3d:40:7c:27:5b:db:0e:c3:fd:a2:e5:92:6a:
60:8c:8d:ea:df:e5:86:99:05:4c:af:e7:a0:d7:b8:
46:43:e0:02:0b:e8:6b:c2:77:5c:6b:d9:d0:82:e0:
22:38:77:94:3f:9c:eb:e7:fe:68:d7:47:05:fc:c7:
ba:2e:eb:4f:62:0c:aa:d4:f2:4d:fa:eb:dc:c6:50:
a4:bf:40:dc:91:86:c0:a1:59:cd:6f:b8:be:66:99:
54:a2:c7:7d:fd:be:da:90:b6:a0:34:7e:c9:7d:fc:
db:9e:25:c7:a4:7a:49:53:f2:65:6a:d8:aa:54:4f:
cf:65:b9:9c:5b:42:5d:b2:f1:9d:80:be:6f:47:f6:
7e:90:36:d1:b8:5b:b5:32:ea:38:78:c1:43:31:73:
2f:6f:97:bd:dd:3c:6c:23:8a:f0:8b:93:7c:9c:61:
02:6f:31:43:38:78:09:54:48:99:d3:d0:db:57:99:
5f:60:f9:ea:9f:12:11:c2:a4:af:4d:74:84:00:3f:
aa:dc:2c:59:8e:4d:8c:94:77:60:da:0e:cf:a6:18:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A7:EB:83:79:00:4E:03:5B:76:4B:72:1C:D6:81:4D:44:36:D0:58
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/safrg3kATgNbdktyHNaBTUQ20Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.200.0/24
IPv6:
2a02:a48::/32
Signature Algorithm: sha256WithRSAEncryption
42:c3:0e:af:10:f0:77:2b:7e:19:a2:c5:d9:d3:3c:b2:48:97:
a7:74:1b:4a:e5:4c:95:a0:5c:69:53:47:ac:3a:84:22:8f:31:
e3:21:26:32:f2:80:17:49:40:85:31:e4:a5:f3:88:0c:58:a9:
35:d8:1a:fc:d9:11:54:f9:01:e1:03:92:fa:b1:9d:d0:65:f7:
82:7f:eb:ae:ba:ba:70:98:a2:90:c9:de:81:65:a1:7a:9a:14:
ea:67:43:55:49:ad:45:e1:b9:f6:cb:43:ca:b7:ff:04:9a:8a:
f2:53:d8:41:50:5c:df:58:7e:78:f3:97:ca:c5:c7:42:b8:f5:
d8:ce:6b:5b:fb:13:df:62:a1:73:79:54:84:94:a0:68:9b:2f:
6c:02:1f:2f:5c:e7:e8:4e:1d:72:5e:43:62:65:b3:fe:b9:b9:
14:ef:ac:71:14:e6:38:f8:ef:af:87:f7:84:92:50:84:b8:27:
f7:6e:ba:d8:12:63:e6:5d:2f:49:e4:ac:07:4a:fe:32:d3:fa:
25:e4:9e:8d:fa:2b:cf:dc:6a:f7:00:c2:0f:1f:8f:22:6f:79:
da:db:b2:ec:dc:aa:d3:c8:d4:3b:46:52:c9:34:06:70:4f:4d:
1a:1e:fe:72:04:fa:0c:2c:41:ad:c2:69:21:29:95:d0:45:5f:
d2:53:f4:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2ZCMOFyOdDdianNoLoA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWE3ZWI4Mzc5MDA0ZTAzNWI3NjRiNzIxY2Q2ODE0ZDQ0MzZkMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4ILJVK57pLXlJVRZAbQguzKFZCG
ix36VKA2nqTPwufxDt3I2e9rAOa9+5JQPz1AfCdb2w7D/aLlkmpgjI3q3+WGmQVM
r+eg17hGQ+ACC+hrwndca9nQguAiOHeUP5zr5/5o10cF/Me6LutPYgyq1PJN+uvc
xlCkv0DckYbAoVnNb7i+ZplUosd9/b7akLagNH7JffzbniXHpHpJU/JlatiqVE/P
ZbmcW0JdsvGdgL5vR/Z+kDbRuFu1Muo4eMFDMXMvb5e93TxsI4rwi5N8nGECbzFD
OHgJVEiZ09DbV5lfYPnqnxIRwqSvTXSEAD+q3CxZjk2MlHdg2g7PphhSMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLGn64N5AE4DW3ZLchzWgU1ENtBYMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvc2Fmcmcza0FUZ05iZGt0eUhOYUJUVVEyMEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX63IMA0E
AgACMAcDBQAqAgpIMA0GCSqGSIb3DQEBCwUAA4IBAQBCww6vEPB3K34ZosXZ0zyy
SJendBtK5UyVoFxpU0esOoQijzHjISYy8oAXSUCFMeSl84gMWKk12Br82RFU+QHh
A5L6sZ3QZfeCf+uuurpwmKKQyd6BZaF6mhTqZ0NVSa1F4bn2y0PKt/8EmoryU9hB
UFzfWH5485fKxcdCuPXYzmtb+xPfYqFzeVSElKBomy9sAh8vXOfoTh1yXkNiZbP+
ubkU76xxFOY4+O+vh/eEklCEuCf3brrYEmPmXS9J5KwHSv4y0/ol5J6N+ivP3Gr3
AMIPH48ib3na27Ls3KrTyNQ7RlLJNAZwT00aHv5yBPoMLEGtwmkhKZXQRV/SU/SJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:45:46 2025 by rpki-client