Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/nzavVYcJbw7wiHkfWugRkHLaUpY.roa
File: nzavVYcJbw7wiHkfWugRkHLaUpY.roa (raw, json)
Hash identifier: 7Fywj4H77E3YoHsXLFEeeVcdvfLNHsgfNSvo5Wn1Yao=
Subject key identifier: 9F:36:AF:55:87:09:6F:0E:F0:88:79:1F:5A:E8:11:90:72:DA:52:96
Certificate issuer: /CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Certificate serial: 019448220E7CD690C3794B6C28B310307F08
Authority key identifier: 06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/nzavVYcJbw7wiHkfWugRkHLaUpY.roa
Signing time: Wed 08 Jan 2025 22:56:18 +0000
ROA not before: Wed 08 Jan 2025 22:56:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214834
IP address blocks: 195.66.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:48:22:0e:7c:d6:90:c3:79:4b:6c:28:b3:10:30:7f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Validity
Not Before: Jan 8 22:56:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f36af5587096f0ef088791f5ae8119072da5296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:79:66:13:4f:af:e1:2c:eb:57:28:7a:4d:a8:
d5:c5:78:59:82:01:68:fd:99:fe:dd:ad:5e:7e:e1:
8e:93:26:4b:64:5d:8f:b7:1c:da:8d:4e:e6:e6:0c:
24:30:0d:25:61:f2:61:42:6a:d1:34:d3:fd:63:d8:
90:f5:da:0f:e0:79:c2:e2:27:db:65:ae:dd:5e:02:
e1:de:f8:b6:d5:e0:ea:c0:d3:a1:30:ca:c5:17:b0:
80:1d:ac:7f:3b:65:3d:18:bc:d3:d8:24:97:68:85:
99:b9:36:b4:28:44:ab:ab:99:88:9a:b6:68:6e:78:
78:01:42:0d:b2:b4:5f:68:27:de:37:d1:d8:d2:cf:
26:da:68:15:44:02:a0:7f:6b:ba:80:d1:99:8e:04:
81:91:3f:d0:bb:48:e8:70:76:ae:b2:66:ea:78:33:
32:d1:8c:f8:57:8b:69:5e:1e:f4:f5:cd:e7:ce:0e:
a1:55:ca:d3:cf:fa:5e:9a:94:f6:14:bd:aa:ee:85:
cd:90:b6:c6:50:7f:80:e9:78:3a:6f:0d:55:7a:ec:
d2:a9:e0:83:e3:2d:08:9d:1c:a5:b1:f2:a5:17:8b:
3f:76:ef:8f:38:83:65:c3:49:de:d9:84:8d:53:57:
d8:45:e2:68:64:17:e8:2a:f8:49:d5:b4:3a:5c:29:
a7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:36:AF:55:87:09:6F:0E:F0:88:79:1F:5A:E8:11:90:72:DA:52:96
X509v3 Authority Key Identifier:
keyid:06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/nzavVYcJbw7wiHkfWugRkHLaUpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/BlpHDbq5wcM08PhfQXzRqkJenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.101.0/24
Signature Algorithm: sha256WithRSAEncryption
35:51:cb:ff:8e:39:90:31:cc:cd:89:d4:5e:f8:94:64:da:c2:
50:5c:e0:fd:20:99:4a:10:7a:88:10:53:80:70:e9:c8:4b:25:
8a:b4:0c:f5:97:2d:a2:95:4c:95:04:03:a5:58:fc:f7:71:c6:
ba:98:01:24:c1:d7:a1:fd:56:b3:f5:43:72:1b:df:4f:c7:e1:
92:ca:2b:34:d9:c8:dc:26:e4:92:17:a1:80:c8:bb:81:41:c7:
c1:0d:f9:69:7f:c3:da:94:85:fa:37:8d:48:5b:96:bf:d3:97:
15:6f:b7:5b:34:e7:84:32:49:e5:46:30:67:cf:bc:1d:45:21:
71:4a:b6:53:0f:83:a0:9a:d0:a1:f6:db:59:ff:01:6f:ea:c8:
ab:19:21:51:44:ef:1d:e4:7e:69:d9:02:8b:c5:be:ca:d9:89:
2e:5f:5f:8e:7f:60:7f:60:6d:2f:35:49:55:64:88:82:1f:f5:
c0:3f:e8:34:ca:44:fd:5e:3d:34:9b:af:9a:26:fa:46:39:a1:
0a:5d:39:9c:3d:0d:77:e8:8e:ea:7a:c7:78:e3:c3:aa:f1:69:
1a:33:80:86:92:2f:b3:38:07:d2:ce:b4:db:35:ad:9c:08:99:
ce:8d:32:0b:eb:5f:ee:9b:88:ea:0a:1b:0f:02:08:42:cc:48:
a7:ef:3b:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRIIg581pDDeUtsKLMQMH8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NWE0NzBkYmFiOWMxYzMzNGYwZjg1ZjQxN2NkMWFhNDI1
ZTlmMTMwHhcNMjUwMTA4MjI1NjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM2YWY1NTg3MDk2ZjBlZjA4ODc5MWY1YWU4MTE5MDcyZGE1Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXlmE0+v4SzrVyh6TajVxXhZggFo
/Zn+3a1efuGOkyZLZF2PtxzajU7m5gwkMA0lYfJhQmrRNNP9Y9iQ9doP4HnC4ifb
Za7dXgLh3vi21eDqwNOhMMrFF7CAHax/O2U9GLzT2CSXaIWZuTa0KESrq5mImrZo
bnh4AUINsrRfaCfeN9HY0s8m2mgVRAKgf2u6gNGZjgSBkT/Qu0jocHausmbqeDMy
0Yz4V4tpXh709c3nzg6hVcrTz/pempT2FL2q7oXNkLbGUH+A6Xg6bw1VeuzSqeCD
4y0InRylsfKlF4s/du+POINlw0ne2YSNU1fYReJoZBfoKvhJ1bQ6XCmnNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ82r1WHCW8O8Ih5H1roEZBy2lKWMB8GA1UdIwQY
MBaAFAZaRw26ucHDNPD4X0F80apCXp8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2Mt
NjUwNzhhN2Y2NWI4LzEvbnphdlZZY0pidzd3aUhrZld1Z1JrSExhVXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2MtNjUwNzhhN2Y2NWI4
LzEvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0JlMA0G
CSqGSIb3DQEBCwUAA4IBAQA1Ucv/jjmQMczNidRe+JRk2sJQXOD9IJlKEHqIEFOA
cOnISyWKtAz1ly2ilUyVBAOlWPz3cca6mAEkwdeh/Vaz9UNyG99Px+GSyis02cjc
JuSSF6GAyLuBQcfBDflpf8PalIX6N41IW5a/05cVb7dbNOeEMknlRjBnz7wdRSFx
SrZTD4OgmtCh9ttZ/wFv6sirGSFRRO8d5H5p2QKLxb7K2YkuX1+Of2B/YG0vNUlV
ZIiCH/XAP+g0ykT9Xj00m6+aJvpGOaEKXTmcPQ136I7qesd448Oq8WkaM4CGki+z
OAfSzrTbNa2cCJnOjTIL61/um4jqChsPAghCzEin7zuz
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:13:18 2025 by rpki-client