Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/kBHxm6YjgeKHTQvZgGTtm08z4Ic.roa
File: kBHxm6YjgeKHTQvZgGTtm08z4Ic.roa (raw, json)
Hash identifier: 6XvS8I0eMxHzrFUCIjOE9Aehjizs5kg4EFHAIoePW0g=
Subject key identifier: 90:11:F1:9B:A6:23:81:E2:87:4D:0B:D9:80:64:ED:9B:4F:33:E0:87
Certificate issuer: /CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Certificate serial: 01941FFA5DAD576C3E1F4CC5F36721DB40DE
Authority key identifier: A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/kBHxm6YjgeKHTQvZgGTtm08z4Ic.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25238
IP address blocks: 195.234.204.0/22 maxlen: 22
195.234.204.0/23 maxlen: 23
195.234.206.0/23 maxlen: 23
2001:67c:2620::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5d:ad:57:6c:3e:1f:4c:c5:f3:67:21:db:40:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9011f19ba62381e2874d0bd98064ed9b4f33e087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c7:26:4c:f1:5e:91:4c:03:3e:36:b4:dd:37:
61:f6:c9:29:83:eb:6c:60:8c:2f:4d:30:92:06:ff:
3a:2d:6a:81:39:b8:ca:74:d7:c6:28:19:77:35:c6:
bb:c8:d0:4d:9f:b7:fd:9b:d8:4f:8e:db:8d:12:74:
66:59:7f:76:4b:6b:96:8e:d0:e9:2c:67:8c:f1:e0:
a6:6a:17:7c:66:48:bb:63:28:cf:ab:3b:09:b3:27:
8f:ae:9f:87:cc:8f:f5:04:10:fe:cc:bc:28:f1:b0:
f1:ed:b3:87:80:fd:37:f5:b4:18:21:3c:f2:8e:74:
65:91:3d:b2:d8:b4:bb:48:2e:a7:a2:9b:d3:3d:b1:
05:6a:8e:fd:29:8b:1b:60:d1:a2:fa:c1:e7:3b:2b:
be:6b:9f:cf:6e:db:ab:e1:07:be:3d:52:13:5d:2d:
43:81:26:c6:64:81:49:4e:67:e3:d3:9e:13:ba:b0:
c8:a1:5c:bf:a8:13:9b:99:73:59:8f:3b:d0:83:5d:
53:e7:6f:4a:f7:f7:23:47:b7:7b:bc:ba:3b:c9:c6:
b3:ca:50:31:92:0b:a1:42:26:6d:15:a9:1e:ea:a5:
cd:51:4e:2a:de:47:da:4f:0f:c3:57:19:34:40:1f:
c3:5f:6d:37:5c:9f:c1:33:42:bb:fe:4c:bf:84:c3:
45:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:11:F1:9B:A6:23:81:E2:87:4D:0B:D9:80:64:ED:9B:4F:33:E0:87
X509v3 Authority Key Identifier:
keyid:A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/kBHxm6YjgeKHTQvZgGTtm08z4Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.204.0/22
IPv6:
2001:67c:2620::/48
Signature Algorithm: sha256WithRSAEncryption
57:a0:3e:10:45:52:e7:ea:f3:76:c1:df:5e:26:9c:d2:47:02:
b4:42:f3:51:a0:d4:06:ef:54:a5:46:8e:f8:c9:7e:21:6a:aa:
8c:52:99:b4:49:49:12:38:f1:c7:a8:22:fe:4e:06:43:b3:1c:
6e:c5:5e:d9:87:c9:48:24:06:92:d2:a8:dd:29:2a:81:c1:fb:
97:c1:5b:ff:2f:e2:65:ab:28:20:50:ab:31:2d:82:47:1a:8b:
8e:a7:98:c0:67:8b:80:9b:ef:8c:31:7f:9e:a9:ab:e3:18:4b:
16:56:2a:aa:58:18:e8:6a:3f:d3:20:9b:83:4b:1b:0f:64:40:
2e:c7:0a:ca:8e:57:5c:37:04:df:3a:39:40:e8:f9:38:f7:72:
36:d5:11:9f:00:73:30:68:68:3b:8e:ba:61:4f:f7:a2:38:2d:
83:9d:d7:c6:94:82:4b:c5:7c:7a:10:be:9c:75:8e:ee:78:7c:
4d:e1:d9:08:98:27:cb:f0:08:73:7e:b0:59:bf:86:eb:e9:dd:
5d:42:9c:59:90:fa:72:5f:f7:67:e1:08:9c:14:f6:19:5f:b4:
8a:a9:7e:10:a2:a3:04:bc:e7:c8:5c:71:7e:93:97:90:c8:fd:
61:71:09:01:c2:da:c3:b1:0b:fc:aa:57:c6:f4:32:41:01:84:
9b:02:e2:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+l2tV2w+H0zF82ch20DeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MGEwODFmYmE4ZmIzM2VmYjQ2MjU5ZWY5M2Y2ODc4ZDcw
MTUwZWIwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDExZjE5YmE2MjM4MWUyODc0ZDBiZDk4MDY0ZWQ5YjRmMzNlMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjccmTPFekUwDPja03Tdh9skpg+ts
YIwvTTCSBv86LWqBObjKdNfGKBl3Nca7yNBNn7f9m9hPjtuNEnRmWX92S2uWjtDp
LGeM8eCmahd8Zki7YyjPqzsJsyePrp+HzI/1BBD+zLwo8bDx7bOHgP039bQYITzy
jnRlkT2y2LS7SC6nopvTPbEFao79KYsbYNGi+sHnOyu+a5/Pbtur4Qe+PVITXS1D
gSbGZIFJTmfj054TurDIoVy/qBObmXNZjzvQg11T529K9/cjR7d7vLo7ycazylAx
kguhQiZtFake6qXNUU4q3kfaTw/DVxk0QB/DX203XJ/BM0K7/ky/hMNFEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJAR8ZumI4Hih00L2YBk7ZtPM+CHMB8GA1UdIwQY
MBaAFKQKCB+6j7M++0Ylnvk/aHjXAVDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEt
YWU5MWU0NjYyZDkzLzEva0JIeG02WWpnZUtIVFF2WmdHVHRtMDh6NEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEtYWU5MWU0NjYyZDkz
LzEvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCw+rMMA8E
AgACMAkDBwAgAQZ8JiAwDQYJKoZIhvcNAQELBQADggEBAFegPhBFUufq83bB314m
nNJHArRC81Gg1AbvVKVGjvjJfiFqqoxSmbRJSRI48ceoIv5OBkOzHG7FXtmHyUgk
BpLSqN0pKoHB+5fBW/8v4mWrKCBQqzEtgkcai46nmMBni4Cb74wxf56pq+MYSxZW
KqpYGOhqP9Mgm4NLGw9kQC7HCsqOV1w3BN86OUDo+Tj3cjbVEZ8AczBoaDuOumFP
96I4LYOd18aUgkvFfHoQvpx1ju54fE3h2QiYJ8vwCHN+sFm/huvp3V1CnFmQ+nJf
92fhCJwU9hlftIqpfhCiowS858hccX6Tl5DI/WFxCQHC2sOxC/yqV8b0MkEBhJsC
4uo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:36:41 2025 by rpki-client