Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/09kK1ESpBv8LiYB9wN6M6ItCuW8.roa
File: 09kK1ESpBv8LiYB9wN6M6ItCuW8.roa (raw, json)
Hash identifier: knJCckrITclIVMheMGK5cxyj8YBBf+peiHkDGIWIF80=
Subject key identifier: D3:D9:0A:D4:44:A9:06:FF:0B:89:80:7D:C0:DE:8C:E8:8B:42:B9:6F
Certificate issuer: /CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Certificate serial: 019427B6155E656EAD9C381B46D18960E41B
Authority key identifier: 84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/09kK1ESpBv8LiYB9wN6M6ItCuW8.roa
Signing time: Thu 02 Jan 2025 15:50:31 +0000
ROA not before: Thu 02 Jan 2025 15:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39729
IP address blocks: 195.110.100.0/23 maxlen: 24
195.110.102.0/23 maxlen: 24
195.110.104.0/23 maxlen: 24
195.110.107.0/24 maxlen: 24
195.110.112.0/24 maxlen: 24
195.110.118.0/23 maxlen: 24
195.110.120.0/23 maxlen: 24
195.110.122.0/23 maxlen: 24
195.110.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:15:5e:65:6e:ad:9c:38:1b:46:d1:89:60:e4:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Validity
Not Before: Jan 2 15:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3d90ad444a906ff0b89807dc0de8ce88b42b96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cd:01:6d:2d:dd:a2:1c:37:75:83:ed:9b:51:
54:2b:fc:88:d5:86:29:18:e4:90:e4:49:1a:bf:c5:
d0:32:f4:d4:3f:cb:96:51:0e:6c:ff:13:c7:7e:a5:
0d:03:d6:1d:20:00:27:45:2f:24:a3:45:b4:1f:ce:
49:29:2a:ae:1b:1c:ba:14:bf:ba:4b:e7:24:2e:07:
0d:71:22:c7:ec:02:46:88:f4:08:a3:cf:71:9f:0f:
a7:de:a6:41:19:4d:9c:1a:ad:a5:0c:fe:56:15:44:
5f:a7:fe:88:57:77:f3:5f:77:1c:b1:2c:9e:d8:c3:
0c:0b:ef:ee:83:f3:ed:d2:94:65:df:7b:6d:e1:87:
47:04:3b:fc:17:0a:a5:c8:67:40:b8:92:74:74:bb:
f9:c4:e2:45:b8:b3:bb:fb:52:b3:68:39:a6:03:d1:
0e:a0:85:b4:1f:bc:07:d1:0f:63:a4:d8:58:ab:de:
82:1e:7f:a4:33:8d:3b:e3:a1:75:7c:b2:43:ce:7b:
42:45:95:48:a6:aa:dc:6e:68:24:12:4b:5c:a5:4c:
2b:9b:62:9d:77:8e:c5:01:c8:57:ab:20:c7:07:3d:
91:71:2c:8e:48:b8:72:0c:ba:2e:96:90:b9:b9:7b:
11:77:2f:a0:fd:26:56:6c:bb:3f:95:32:7f:e2:ac:
58:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D9:0A:D4:44:A9:06:FF:0B:89:80:7D:C0:DE:8C:E8:8B:42:B9:6F
X509v3 Authority Key Identifier:
keyid:84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/09kK1ESpBv8LiYB9wN6M6ItCuW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.100.0-195.110.105.255
195.110.107.0/24
195.110.112.0/24
195.110.118.0-195.110.127.255
Signature Algorithm: sha256WithRSAEncryption
c7:93:89:8c:ea:6c:da:3c:dd:6d:37:3f:22:ee:50:2f:76:3e:
5e:3f:fc:e9:86:53:fb:26:79:4b:b1:24:f7:e9:1f:8c:4c:15:
32:7a:c8:9c:6c:83:b1:0d:5f:84:76:1c:c4:ba:60:a9:2c:a3:
00:78:b4:e6:e4:4d:1a:6b:23:b2:d0:9c:ec:f2:d8:58:f1:7f:
b7:c9:f4:39:f9:19:44:4f:c1:63:d2:ba:b6:2d:f0:8c:ae:74:
77:b5:23:1a:20:cd:19:3f:7e:fd:a9:13:28:72:78:10:3a:67:
db:15:f2:18:15:5e:aa:eb:32:4c:5a:0c:9a:d3:0b:b3:06:c2:
75:66:f0:69:fd:62:e4:54:7e:96:0f:09:99:f8:e3:12:57:f8:
58:c7:0d:99:fb:7f:15:4b:08:8e:e8:35:fc:d6:1f:3f:0a:c3:
87:88:f2:5e:6d:2f:61:8b:a8:4d:e6:5c:b0:95:80:f0:a2:34:
9f:c6:0e:bd:6d:22:a8:1a:74:a9:a0:d5:fe:87:2e:4f:3a:36:
70:f1:b5:aa:04:57:71:34:2c:eb:b3:ff:92:e6:7c:d3:6f:aa:
a5:c4:fa:5d:53:04:05:8a:30:ca:eb:cd:69:e9:c0:80:f6:a6:
fb:88:d9:be:34:55:bd:4a:e6:67:fe:d1:a2:e1:c7:a0:c1:f4:
c1:77:73:5e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQnthVeZW6tnDgbRtGJYOQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZGI3NDdiMjg5NzE3YTA2ODRjZDZhYzgyMzA3YWE2N2Ji
MmQ3YmIwHhcNMjUwMTAyMTU1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Q5MGFkNDQ0YTkwNmZmMGI4OTgwN2RjMGRlOGNlODhiNDJiOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus0BbS3dohw3dYPtm1FUK/yI1YYp
GOSQ5Ekav8XQMvTUP8uWUQ5s/xPHfqUNA9YdIAAnRS8ko0W0H85JKSquGxy6FL+6
S+ckLgcNcSLH7AJGiPQIo89xnw+n3qZBGU2cGq2lDP5WFURfp/6IV3fzX3ccsSye
2MMMC+/ug/Pt0pRl33tt4YdHBDv8FwqlyGdAuJJ0dLv5xOJFuLO7+1KzaDmmA9EO
oIW0H7wH0Q9jpNhYq96CHn+kM40746F1fLJDzntCRZVIpqrcbmgkEktcpUwrm2Kd
d47FAchXqyDHBz2RcSyOSLhyDLoulpC5uXsRdy+g/SZWbLs/lTJ/4qxYlwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNPZCtREqQb/C4mAfcDejOiLQrlvMB8GA1UdIwQY
MBaAFITbdHsolxegaEzWrIIweqZ7ste7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQt
OWZlN2VlOWMwMzY4LzEvMDlrSzFFU3BCdjhMaVlCOXdONk02SXRDdVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQtOWZlN2VlOWMwMzY4
LzEvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBALDbmQD
BAHDbmgDBADDbmsDBADDbnAwDAMEAcNudgMEB8NuADANBgkqhkiG9w0BAQsFAAOC
AQEAx5OJjOps2jzdbTc/Iu5QL3Y+Xj/86YZT+yZ5S7Ek9+kfjEwVMnrInGyDsQ1f
hHYcxLpgqSyjAHi05uRNGmsjstCc7PLYWPF/t8n0OfkZRE/BY9K6ti3wjK50d7Uj
GiDNGT9+/akTKHJ4EDpn2xXyGBVequsyTFoMmtMLswbCdWbwaf1i5FR+lg8Jmfjj
Elf4WMcNmft/FUsIjug1/NYfPwrDh4jyXm0vYYuoTeZcsJWA8KI0n8YOvW0iqBp0
qaDV/ocuTzo2cPG1qgRXcTQs67P/kuZ802+qpcT6XVMEBYowyuvNaenAgPam+4jZ
vjRVvUrmZ/7RouHHoMH0wXdzXg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:56:22 2025 by rpki-client