Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/s3TIKJMGO-H8fbbN5SX9DjrKZbg.roa
File: s3TIKJMGO-H8fbbN5SX9DjrKZbg.roa (raw, json)
Hash identifier: nJZCH4ElBXirrkbsvqmvn6OniRKSBo6O3OjFqSqnuAA=
Subject key identifier: B3:74:C8:28:93:06:3B:E1:FC:7D:B6:CD:E5:25:FD:0E:3A:CA:65:B8
Certificate issuer: /CN=0db0f9f755b0e303cc16d1a633f958c036034945
Certificate serial: 019427483ED7B7A82A12CF4B47074C0E493B
Authority key identifier: 0D:B0:F9:F7:55:B0:E3:03:CC:16:D1:A6:33:F9:58:C0:36:03:49:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbD591Ww4wPMFtGmM_lYwDYDSUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/s3TIKJMGO-H8fbbN5SX9DjrKZbg.roa
Signing time: Thu 02 Jan 2025 13:50:33 +0000
ROA not before: Thu 02 Jan 2025 13:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15966
IP address blocks: 95.128.0.0/21 maxlen: 21
2a01:a640::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3e:d7:b7:a8:2a:12:cf:4b:47:07:4c:0e:49:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db0f9f755b0e303cc16d1a633f958c036034945
Validity
Not Before: Jan 2 13:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b374c82893063be1fc7db6cde525fd0e3aca65b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6c:17:d2:59:d7:3b:eb:38:52:10:82:49:fe:
2b:7b:4d:d5:b9:a7:38:17:ce:48:e4:b1:b5:28:60:
33:3e:88:8c:24:34:80:aa:d1:20:bd:69:36:76:12:
dc:7c:ae:7b:52:a3:a9:e6:aa:83:6c:73:b3:de:52:
ae:95:3a:58:7f:d8:74:a9:0c:8b:8e:2a:cf:ff:c8:
d2:0a:cb:5f:88:82:80:70:ff:69:69:37:09:77:2b:
44:d0:b8:9e:5f:98:d1:1c:ae:07:1c:15:b1:15:29:
e6:90:e3:40:1b:d6:1e:f9:c3:80:18:75:3d:b4:4c:
d2:73:79:93:5c:bd:04:51:c7:55:76:45:ad:fc:fe:
1e:e6:33:e1:66:50:f0:41:f4:1c:c7:a8:ab:19:8f:
33:a7:bd:ab:f4:9b:3e:fb:91:ce:a4:e7:ef:63:70:
9d:bc:d7:c3:4e:bd:bf:28:ae:7b:b1:61:aa:af:b4:
1e:1a:26:04:af:fd:4a:24:52:98:72:ee:f3:bb:58:
4e:c0:a4:8f:2a:c2:de:07:41:8b:60:06:fd:3b:b2:
a5:4a:16:4b:ac:d2:ab:26:b3:f8:0d:7c:a5:47:98:
4d:c5:31:fd:25:30:23:8b:21:58:f8:56:ec:b4:1e:
4f:d2:4a:a4:49:d8:6c:f6:ee:a9:e8:de:9d:87:ce:
69:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:74:C8:28:93:06:3B:E1:FC:7D:B6:CD:E5:25:FD:0E:3A:CA:65:B8
X509v3 Authority Key Identifier:
keyid:0D:B0:F9:F7:55:B0:E3:03:CC:16:D1:A6:33:F9:58:C0:36:03:49:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbD591Ww4wPMFtGmM_lYwDYDSUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/s3TIKJMGO-H8fbbN5SX9DjrKZbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/DbD591Ww4wPMFtGmM_lYwDYDSUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.0.0/21
IPv6:
2a01:a640::/32
Signature Algorithm: sha256WithRSAEncryption
6c:58:a6:69:ea:0b:a5:a6:c1:ab:03:22:49:86:64:e4:0b:c2:
6c:52:cf:a6:b3:5b:af:43:71:0a:42:ea:09:96:29:85:78:3a:
07:d8:ae:be:09:5f:6d:a2:b1:e8:ab:ab:64:a5:37:19:b9:49:
60:1c:26:17:95:db:0f:c1:f7:c9:b4:22:7f:17:f6:02:e0:e8:
e9:04:5b:37:e1:93:32:00:e1:3b:b3:8c:f8:83:c8:46:08:18:
bd:35:29:e6:20:61:e0:30:dd:8a:2c:94:e8:f3:60:fe:1d:7b:
d9:e3:4c:f3:23:9c:75:ed:ae:13:a6:3c:fd:03:0d:c9:d8:a8:
f3:2b:b8:4f:dd:e3:d8:76:70:93:e5:5e:28:0f:34:60:5c:62:
8a:4c:91:46:81:88:57:bd:60:c8:6b:23:d3:8d:81:fb:f9:c7:
23:bc:fa:78:b7:57:42:ed:ce:ee:2f:02:8c:2f:bb:52:42:0b:
a3:30:90:de:b5:d2:d8:40:81:60:85:64:1a:b4:81:da:81:80:
c8:ce:8a:84:47:f0:30:c1:72:e5:d9:f8:f3:66:d2:00:63:8f:
68:6e:ab:96:12:35:8b:d9:58:a8:e8:79:2b:69:84:e5:f1:43:
17:15:9e:20:1b:13:80:85:3f:af:b5:25:09:f6:01:64:52:a0:
ba:a2:c7:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSD7Xt6gqEs9LRwdMDkk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjBmOWY3NTViMGUzMDNjYzE2ZDFhNjMzZjk1OGMwMzYw
MzQ5NDUwHhcNMjUwMTAyMTM1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzc0YzgyODkzMDYzYmUxZmM3ZGI2Y2RlNTI1ZmQwZTNhY2E2NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmwX0lnXO+s4UhCCSf4re03Vuac4
F85I5LG1KGAzPoiMJDSAqtEgvWk2dhLcfK57UqOp5qqDbHOz3lKulTpYf9h0qQyL
jirP/8jSCstfiIKAcP9paTcJdytE0LieX5jRHK4HHBWxFSnmkONAG9Ye+cOAGHU9
tEzSc3mTXL0EUcdVdkWt/P4e5jPhZlDwQfQcx6irGY8zp72r9Js++5HOpOfvY3Cd
vNfDTr2/KK57sWGqr7QeGiYEr/1KJFKYcu7zu1hOwKSPKsLeB0GLYAb9O7KlShZL
rNKrJrP4DXylR5hNxTH9JTAjiyFY+FbstB5P0kqkSdhs9u6p6N6dh85pzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLN0yCiTBjvh/H22zeUl/Q46ymW4MB8GA1UdIwQY
MBaAFA2w+fdVsOMDzBbRpjP5WMA2A0lFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJENTkxV3c0d1BNRnRHbU1fbFl3RFlEU1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wM2FmYzYtODhmNS00NjYwLTgwMTUt
NjRjOWMyY2M5NjA5LzEvczNUSUtKTUdPLUg4ZmJiTjVTWDlEanJLWmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wM2FmYzYtODhmNS00NjYwLTgwMTUtNjRjOWMyY2M5NjA5
LzEvRGJENTkxV3c0d1BNRnRHbU1fbFl3RFlEU1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX4AAMA0E
AgACMAcDBQAqAaZAMA0GCSqGSIb3DQEBCwUAA4IBAQBsWKZp6gulpsGrAyJJhmTk
C8JsUs+ms1uvQ3EKQuoJlimFeDoH2K6+CV9torHoq6tkpTcZuUlgHCYXldsPwffJ
tCJ/F/YC4OjpBFs34ZMyAOE7s4z4g8hGCBi9NSnmIGHgMN2KLJTo82D+HXvZ40zz
I5x17a4Tpjz9Aw3J2KjzK7hP3ePYdnCT5V4oDzRgXGKKTJFGgYhXvWDIayPTjYH7
+ccjvPp4t1dC7c7uLwKML7tSQgujMJDetdLYQIFghWQatIHagYDIzoqER/AwwXLl
2fjzZtIAY49obquWEjWL2Vio6HkraYTl8UMXFZ4gGxOAhT+vtSUJ9gFkUqC6osfX
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:26:19 2025 by rpki-client