Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/PiMCmpetvGyOad9hAP8fiU1Qa8U.roa
File: PiMCmpetvGyOad9hAP8fiU1Qa8U.roa (raw, json)
Hash identifier: W2k0p2aLpcmF1pGu+mKgyVPY0tAWg3LNT6+Z7BuBqqY=
Subject key identifier: 3E:23:02:9A:97:AD:BC:6C:8E:69:DF:61:00:FF:1F:89:4D:50:6B:C5
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 0194228D441E141F4FA417ED6EF4F003953A
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/PiMCmpetvGyOad9hAP8fiU1Qa8U.roa
Signing time: Wed 01 Jan 2025 15:47:50 +0000
ROA not before: Wed 01 Jan 2025 15:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47796
IP address blocks: 195.245.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:44:1e:14:1f:4f:a4:17:ed:6e:f4:f0:03:95:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Jan 1 15:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e23029a97adbc6c8e69df6100ff1f894d506bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2b:70:31:45:ca:98:cc:5f:14:ce:05:94:bc:
e2:85:ae:59:f8:57:e2:a6:9b:32:d3:f3:28:2a:97:
cb:bb:b7:0d:ff:c1:d7:0f:f5:8a:bf:57:d5:98:b4:
bc:8b:bf:9f:8f:36:f9:b1:09:90:70:73:61:34:fd:
ce:d6:d4:6b:bc:c2:79:98:8a:0d:5b:4e:a1:4c:94:
04:68:58:de:9e:c0:66:d9:ea:b3:fc:a8:f7:be:f0:
bb:35:55:d5:01:85:8f:94:82:68:de:82:9d:34:63:
08:9f:63:bf:fa:80:50:60:95:9d:78:f0:94:4d:16:
05:b4:c1:1e:c8:7d:f8:bc:7f:1c:16:05:1f:34:f1:
0c:16:bb:7a:cc:9e:74:7c:44:71:45:bd:ad:4c:22:
65:20:74:05:74:a6:ec:af:3b:34:ab:f7:3b:3d:94:
c2:8e:3e:5f:4a:50:26:bb:c4:dc:aa:e1:3c:a6:f2:
85:0f:8b:4b:55:a8:55:80:51:23:8f:e3:14:3c:be:
35:9a:e7:c0:f4:8f:8a:67:33:d5:55:ec:15:74:e1:
ee:ba:23:7e:b8:5f:e4:05:3e:be:54:70:c4:d7:35:
58:84:31:01:be:3e:be:67:95:fc:c6:1f:ce:b6:0c:
29:9e:22:43:06:b9:5f:98:ee:db:37:2d:41:7c:8f:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:23:02:9A:97:AD:BC:6C:8E:69:DF:61:00:FF:1F:89:4D:50:6B:C5
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/PiMCmpetvGyOad9hAP8fiU1Qa8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.70.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:23:66:87:57:29:93:5a:28:b5:47:df:38:71:54:fe:84:ed:
af:52:0b:f1:cf:ee:e2:6c:fc:a5:f0:ae:ca:a3:b6:21:7d:2c:
f3:ee:d3:5c:9e:04:f7:71:ea:cd:37:bb:c7:4c:72:16:69:14:
24:78:4b:28:47:02:7d:db:28:f9:66:3c:cf:67:69:6f:48:5c:
a6:83:c4:d8:98:6a:6e:1a:67:ae:1b:71:6c:f6:91:3a:7a:45:
82:bd:91:08:7d:90:02:8a:81:39:a1:aa:26:81:da:03:5a:fe:
a7:d5:5c:04:27:54:13:c0:16:01:df:d3:cf:10:a4:49:a1:4c:
ed:cf:ba:7a:8a:a6:fd:4a:aa:79:11:48:c2:28:e0:98:b4:8b:
71:f5:d8:86:92:35:a1:7d:61:9a:da:40:fb:db:bb:ef:d0:40:
6b:7b:99:e3:a5:b8:3b:06:3d:bf:ee:62:b6:97:5e:b1:1a:3c:
0e:d4:bd:00:e1:ce:e9:49:e8:99:55:61:a2:fb:a5:32:6e:8c:
4f:6a:8d:d2:4f:05:39:40:83:86:59:32:88:dd:1e:80:94:ea:
a6:e9:66:8d:56:54:17:2a:a4:e1:ff:0d:09:c2:9d:98:1a:b4:
0d:3a:b9:e3:10:c6:de:8e:95:20:68:e3:81:23:b7:7e:74:c9:
47:8e:48:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijUQeFB9PpBftbvTwA5U6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2Q1NzQyODRhNjAxOGU1YjAzNjM1ZTlhNWQ2NThmZGY1
NzM0ZjAwHhcNMjUwMTAxMTU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTIzMDI5YTk3YWRiYzZjOGU2OWRmNjEwMGZmMWY4OTRkNTA2YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwStwMUXKmMxfFM4FlLziha5Z+Ffi
ppsy0/MoKpfLu7cN/8HXD/WKv1fVmLS8i7+fjzb5sQmQcHNhNP3O1tRrvMJ5mIoN
W06hTJQEaFjensBm2eqz/Kj3vvC7NVXVAYWPlIJo3oKdNGMIn2O/+oBQYJWdePCU
TRYFtMEeyH34vH8cFgUfNPEMFrt6zJ50fERxRb2tTCJlIHQFdKbsrzs0q/c7PZTC
jj5fSlAmu8TcquE8pvKFD4tLVahVgFEjj+MUPL41mufA9I+KZzPVVewVdOHuuiN+
uF/kBT6+VHDE1zVYhDEBvj6+Z5X8xh/OtgwpniJDBrlfmO7bNy1BfI9gwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4jApqXrbxsjmnfYQD/H4lNUGvFMB8GA1UdIwQY
MBaAFCDNV0KEpgGOWwNjXppdZY/fVzTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUt
NDliNTY4N2ZlZTZkLzEvUGlNQ21wZXR2R3lPYWQ5aEFQOGZpVTFRYThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUtNDliNTY4N2ZlZTZk
LzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/VGMA0G
CSqGSIb3DQEBCwUAA4IBAQDCI2aHVymTWii1R984cVT+hO2vUgvxz+7ibPyl8K7K
o7YhfSzz7tNcngT3cerNN7vHTHIWaRQkeEsoRwJ92yj5ZjzPZ2lvSFymg8TYmGpu
GmeuG3Fs9pE6ekWCvZEIfZACioE5oaomgdoDWv6n1VwEJ1QTwBYB39PPEKRJoUzt
z7p6iqb9Sqp5EUjCKOCYtItx9diGkjWhfWGa2kD727vv0EBre5njpbg7Bj2/7mK2
l16xGjwO1L0A4c7pSeiZVWGi+6UyboxPao3STwU5QIOGWTKI3R6AlOqm6WaNVlQX
KqTh/w0Jwp2YGrQNOrnjEMbejpUgaOOBI7d+dMlHjkjc
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:50 2025 by rpki-client