Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/aEJUX-P3iWzm8iZ2YmNhX1BUm-w.roa
File: aEJUX-P3iWzm8iZ2YmNhX1BUm-w.roa (raw, json)
Hash identifier: UCW6fp2JBu8X3L8wVEatff2uZp8yn3edNh91K1NyH88=
Subject key identifier: 68:42:54:5F:E3:F7:89:6C:E6:F2:26:76:62:63:61:5F:50:54:9B:EC
Certificate issuer: /CN=2004d6293274396f5a8d691485d6876a0a2071d9
Certificate serial: 019423D743D4EC3AE57F73F897455F6F9264
Authority key identifier: 20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/aEJUX-P3iWzm8iZ2YmNhX1BUm-w.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35073
IP address blocks: 195.238.254.0/24 maxlen: 24
2001:67c:18fc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:43:d4:ec:3a:e5:7f:73:f8:97:45:5f:6f:92:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2004d6293274396f5a8d691485d6876a0a2071d9
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6842545fe3f7896ce6f226766263615f50549bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:71:71:01:fc:55:da:d7:44:7e:4e:54:1e:8d:
4a:15:bd:d1:89:bc:c3:ab:cc:7d:04:1c:79:c4:3e:
0b:2b:c5:96:37:64:62:87:14:88:ae:5f:fc:79:9d:
a0:50:c4:1e:a6:f9:a8:2f:ac:1e:e9:ec:50:bb:73:
0b:57:a8:f6:88:f9:a9:d4:13:a7:aa:69:f4:82:2c:
b6:db:63:ee:3b:a4:81:ea:3a:fb:46:90:d5:70:1e:
3f:18:35:cd:32:39:ec:cb:4b:4f:06:e2:7f:85:3d:
a8:e9:e6:dd:f9:f3:12:c2:ba:18:d5:5f:84:c4:6e:
a9:20:2c:59:8b:7b:d7:36:02:01:da:35:ee:82:a7:
4f:9a:25:93:53:41:41:ed:0b:84:f5:b5:b0:6f:cb:
9f:bb:22:80:a0:68:c8:04:dd:60:18:97:32:53:3c:
66:2d:22:1b:f6:0c:16:19:1e:4d:00:ac:d3:7a:d1:
09:b3:28:9e:9e:f2:1b:50:9d:92:34:08:fa:74:a0:
99:28:fc:18:94:b0:bf:53:2b:d2:57:bd:02:55:6b:
59:b6:bd:28:1d:b5:d9:73:b8:e7:1e:73:9d:7d:95:
06:76:9a:de:d8:6e:28:e5:8b:d1:ad:66:a7:6f:58:
83:17:5c:00:c0:8d:a1:5b:1c:d3:60:41:98:d5:c7:
92:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:42:54:5F:E3:F7:89:6C:E6:F2:26:76:62:63:61:5F:50:54:9B:EC
X509v3 Authority Key Identifier:
keyid:20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/aEJUX-P3iWzm8iZ2YmNhX1BUm-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.254.0/24
IPv6:
2001:67c:18fc::/48
Signature Algorithm: sha256WithRSAEncryption
c0:03:8d:52:d4:40:a6:1a:1c:2d:a9:67:e8:a0:15:84:c5:35:
53:9d:fe:30:60:33:6c:ef:79:3f:ad:bf:8c:11:33:f8:06:7c:
23:8f:77:76:53:a7:6c:0a:fa:9e:4d:83:e0:e4:d4:70:23:f8:
10:b0:e6:ab:51:bb:57:8c:86:06:a3:35:19:ee:fb:ef:9f:d0:
8a:71:b5:d9:c9:20:73:9f:9f:2e:4e:53:db:8c:ba:ac:c6:ca:
6f:ba:d5:a4:84:f1:57:0a:8f:52:64:56:85:67:5f:24:f4:3c:
26:80:a0:90:08:3f:19:e4:7c:92:c9:22:c4:59:0e:b5:c8:f1:
1d:01:d2:d3:7d:82:a0:10:78:48:25:51:3f:a4:72:6c:88:16:
93:3c:12:20:d1:fd:75:a6:4c:b5:b7:8a:2c:b5:95:2f:f6:ff:
23:ac:a8:f5:4b:56:a3:7f:85:1c:f3:78:f7:23:ef:0f:cd:44:
34:4e:7b:25:7d:87:10:13:e0:1f:d8:c1:06:02:54:85:ee:df:
fa:e4:03:fd:c1:33:fa:11:6d:a9:26:2a:db:ca:4d:3b:4b:a0:
2b:4e:e0:ed:e2:97:16:b3:6c:10:8c:4e:8a:d0:e2:31:bc:e9:
d2:bc:2c:b5:45:6a:6f:db:ba:d4:f4:04:1d:19:39:98:9b:a2:
14:b3:85:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj10PU7Drlf3P4l0Vfb5JkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMDRkNjI5MzI3NDM5NmY1YThkNjkxNDg1ZDY4NzZhMGEy
MDcxZDkwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQyNTQ1ZmUzZjc4OTZjZTZmMjI2NzY2MjYzNjE1ZjUwNTQ5YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonFxAfxV2tdEfk5UHo1KFb3RibzD
q8x9BBx5xD4LK8WWN2RihxSIrl/8eZ2gUMQepvmoL6we6exQu3MLV6j2iPmp1BOn
qmn0giy222PuO6SB6jr7RpDVcB4/GDXNMjnsy0tPBuJ/hT2o6ebd+fMSwroY1V+E
xG6pICxZi3vXNgIB2jXugqdPmiWTU0FB7QuE9bWwb8ufuyKAoGjIBN1gGJcyUzxm
LSIb9gwWGR5NAKzTetEJsyienvIbUJ2SNAj6dKCZKPwYlLC/UyvSV70CVWtZtr0o
HbXZc7jnHnOdfZUGdpre2G4o5YvRrWanb1iDF1wAwI2hWxzTYEGY1ceS9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGhCVF/j94ls5vImdmJjYV9QVJvsMB8GA1UdIwQY
MBaAFCAE1ikydDlvWo1pFIXWh2oKIHHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzIt
NGVmOWNjNzUxNTE3LzEvYUVKVVgtUDNpV3ptOGlaMlltTmhYMUJVbS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzItNGVmOWNjNzUxNTE3
LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw+7+MA8E
AgACMAkDBwAgAQZ8GPwwDQYJKoZIhvcNAQELBQADggEBAMADjVLUQKYaHC2pZ+ig
FYTFNVOd/jBgM2zveT+tv4wRM/gGfCOPd3ZTp2wK+p5Ng+Dk1HAj+BCw5qtRu1eM
hgajNRnu+++f0IpxtdnJIHOfny5OU9uMuqzGym+61aSE8VcKj1JkVoVnXyT0PCaA
oJAIPxnkfJLJIsRZDrXI8R0B0tN9gqAQeEglUT+kcmyIFpM8EiDR/XWmTLW3iiy1
lS/2/yOsqPVLVqN/hRzzePcj7w/NRDROeyV9hxAT4B/YwQYCVIXu3/rkA/3BM/oR
bakmKtvKTTtLoCtO4O3ilxazbBCMTorQ4jG86dK8LLVFam/butT0BB0ZOZibohSz
hdc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:21:21 2025 by rpki-client