Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3444a6-b2e8-400a-a2b1-7bff1dcb106a/1/9KyF73rehYPV02tjofB2AZLrL40.roa
File: 9KyF73rehYPV02tjofB2AZLrL40.roa (raw, json)
Hash identifier: puNKsT3QO3F9HAC3FWFKHMpsh3lk62Ax5BDntOG9N0s=
Subject key identifier: F4:AC:85:EF:7A:DE:85:83:D5:D3:6B:63:A1:F0:76:01:92:EB:2F:8D
Certificate issuer: /CN=82fffcfadd271623c8d5055d64a93eb3d3425dbc
Certificate serial: 01941F8C864BCC31A97F785ABF1BF2452815
Authority key identifier: 82:FF:FC:FA:DD:27:16:23:C8:D5:05:5D:64:A9:3E:B3:D3:42:5D:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gv_8-t0nFiPI1QVdZKk-s9NCXbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3444a6-b2e8-400a-a2b1-7bff1dcb106a/1/9KyF73rehYPV02tjofB2AZLrL40.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8727
IP address blocks: 195.190.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:4b:cc:31:a9:7f:78:5a:bf:1b:f2:45:28:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82fffcfadd271623c8d5055d64a93eb3d3425dbc
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4ac85ef7ade8583d5d36b63a1f0760192eb2f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:64:87:04:9c:c2:39:7b:ae:1b:db:cd:b5:24:
7a:a8:9b:f2:45:a1:e6:54:ed:95:ab:6b:a1:d6:68:
09:7f:84:33:9d:53:45:16:54:44:89:3a:89:ad:f1:
b6:d0:03:ca:2e:44:1a:2f:08:b5:ae:19:4b:65:3e:
2b:16:69:df:77:3a:32:65:f9:4e:63:76:ab:7a:db:
ef:6e:73:d0:54:66:4f:41:6b:fc:95:a6:f0:a1:6d:
2d:b4:70:49:2a:66:63:50:a7:1b:a9:a9:34:9e:ee:
da:29:ad:c5:e1:bf:87:11:02:9f:45:27:1b:23:31:
5b:fd:5c:bb:83:59:85:8c:af:2d:1d:94:85:a3:4f:
5f:3a:5e:ce:bc:83:fc:d1:ea:f5:6a:b8:0c:2c:f6:
68:01:d0:a3:f4:9a:f5:4a:4c:cc:3c:ee:0f:f5:46:
fc:0a:42:89:a6:d2:44:8b:0c:b2:24:9f:13:b3:e2:
58:d7:cc:07:16:84:81:a1:90:53:d4:46:d1:f5:3e:
b9:32:24:9a:06:b3:f5:00:32:35:a8:bc:46:b6:eb:
d6:6f:04:1a:57:fa:7d:f1:b1:fa:52:72:33:98:04:
ef:76:26:48:a9:a9:7d:d9:28:0d:d2:92:7c:14:0f:
01:6b:12:07:17:b7:79:19:8e:16:63:c1:99:6e:e0:
d5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AC:85:EF:7A:DE:85:83:D5:D3:6B:63:A1:F0:76:01:92:EB:2F:8D
X509v3 Authority Key Identifier:
keyid:82:FF:FC:FA:DD:27:16:23:C8:D5:05:5D:64:A9:3E:B3:D3:42:5D:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gv_8-t0nFiPI1QVdZKk-s9NCXbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3444a6-b2e8-400a-a2b1-7bff1dcb106a/1/9KyF73rehYPV02tjofB2AZLrL40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3444a6-b2e8-400a-a2b1-7bff1dcb106a/1/gv_8-t0nFiPI1QVdZKk-s9NCXbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:ba:95:52:13:d7:45:1f:2a:b0:47:c3:33:56:6c:08:bb:27:
8c:d0:02:e6:83:25:c4:0a:a4:31:37:07:d1:4d:ae:50:d2:78:
be:17:0b:c9:6b:4e:cc:a6:b4:40:70:d6:1d:fe:08:c3:40:ee:
c5:1a:e4:42:a2:24:2b:a1:5a:4f:18:84:a3:22:a3:25:f5:81:
d2:67:4a:df:c1:a3:4f:ab:1f:31:0b:d7:a7:68:27:5b:7a:72:
a7:66:43:e7:7f:e4:56:c0:0a:d7:f7:b5:d0:bc:b4:c6:09:43:
20:00:27:2c:2b:1c:35:1c:0d:2e:30:ef:32:32:68:71:3c:9a:
88:9a:1c:23:50:88:78:47:0d:ca:f1:35:7f:b9:11:50:90:36:
4c:4b:4c:81:87:c7:d7:11:e3:b8:23:fb:c3:7e:66:4a:2b:0e:
b3:48:80:f4:8d:71:a2:b9:fe:5d:cb:01:36:5c:f3:02:f9:fc:
86:17:db:44:58:23:a6:8f:5e:99:76:98:07:e5:2d:8d:42:32:
c8:85:f1:57:98:84:05:de:26:dc:6a:e8:f8:d5:13:f2:db:7d:
23:0d:8c:9e:d1:ca:6f:99:f7:b1:0b:ca:37:d2:dd:09:84:ce:
17:0e:bf:5c:21:43:64:3b:40:eb:17:0a:22:8f:02:e1:4c:46:
39:a6:f8:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIZLzDGpf3havxvyRSgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZmZmY2ZhZGQyNzE2MjNjOGQ1MDU1ZDY0YTkzZWIzZDM0
MjVkYmMwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFjODVlZjdhZGU4NTgzZDVkMzZiNjNhMWYwNzYwMTkyZWIyZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGSHBJzCOXuuG9vNtSR6qJvyRaHm
VO2Vq2uh1mgJf4QznVNFFlREiTqJrfG20APKLkQaLwi1rhlLZT4rFmnfdzoyZflO
Y3aretvvbnPQVGZPQWv8labwoW0ttHBJKmZjUKcbqak0nu7aKa3F4b+HEQKfRScb
IzFb/Vy7g1mFjK8tHZSFo09fOl7OvIP80er1argMLPZoAdCj9Jr1SkzMPO4P9Ub8
CkKJptJEiwyyJJ8Ts+JY18wHFoSBoZBT1EbR9T65MiSaBrP1ADI1qLxGtuvWbwQa
V/p98bH6UnIzmATvdiZIqal92SgN0pJ8FA8BaxIHF7d5GY4WY8GZbuDVgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSshe963oWD1dNrY6HwdgGS6y+NMB8GA1UdIwQY
MBaAFIL//PrdJxYjyNUFXWSpPrPTQl28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZfOC10MG5GaVBJMVFWZFpLay1zOU5DWGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zNDQ0YTYtYjJlOC00MDBhLWEyYjEt
N2JmZjFkY2IxMDZhLzEvOUt5RjczcmVoWVBWMDJ0am9mQjJBWkxyTDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zNDQ0YTYtYjJlOC00MDBhLWEyYjEtN2JmZjFkY2IxMDZh
LzEvZ3ZfOC10MG5GaVBJMVFWZFpLay1zOU5DWGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76BMA0G
CSqGSIb3DQEBCwUAA4IBAQArupVSE9dFHyqwR8MzVmwIuyeM0ALmgyXECqQxNwfR
Ta5Q0ni+FwvJa07MprRAcNYd/gjDQO7FGuRCoiQroVpPGISjIqMl9YHSZ0rfwaNP
qx8xC9enaCdbenKnZkPnf+RWwArX97XQvLTGCUMgACcsKxw1HA0uMO8yMmhxPJqI
mhwjUIh4Rw3K8TV/uRFQkDZMS0yBh8fXEeO4I/vDfmZKKw6zSID0jXGiuf5dywE2
XPMC+fyGF9tEWCOmj16ZdpgH5S2NQjLIhfFXmIQF3ibcauj41RPy230jDYye0cpv
mfexC8o30t0JhM4XDr9cIUNkO0DrFwoijwLhTEY5pvgP
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:06:48 2025 by rpki-client