Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/xtLurjJMXgwePFKUT7vd_Bs7y4g.roa
File: xtLurjJMXgwePFKUT7vd_Bs7y4g.roa (raw, json)
Hash identifier: 9QOnyZtRBS25fvMRFyNZdyW0R5uMOP/pXW6ujcGtyGI=
Subject key identifier: C6:D2:EE:AE:32:4C:5E:0C:1E:3C:52:94:4F:BB:DD:FC:1B:3B:CB:88
Certificate issuer: /CN=34c4956f85671125882c574cd2e2d203aabded05
Certificate serial: 01942745C0EE04F4599C6A1FDA4D530B82A4
Authority key identifier: 34:C4:95:6F:85:67:11:25:88:2C:57:4C:D2:E2:D2:03:AA:BD:ED:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NMSVb4VnESWILFdM0uLSA6q97QU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/xtLurjJMXgwePFKUT7vd_Bs7y4g.roa
Signing time: Thu 02 Jan 2025 13:47:50 +0000
ROA not before: Thu 02 Jan 2025 13:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29042
IP address blocks: 195.68.198.0/24 maxlen: 24
195.68.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:c0:ee:04:f4:59:9c:6a:1f:da:4d:53:0b:82:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34c4956f85671125882c574cd2e2d203aabded05
Validity
Not Before: Jan 2 13:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6d2eeae324c5e0c1e3c52944fbbddfc1b3bcb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:54:8a:74:56:7a:52:26:21:17:cb:20:d2:da:
e4:5b:ca:52:33:ab:15:4d:64:68:93:34:84:79:61:
e3:f6:a4:24:2a:d0:44:e6:86:ad:ca:34:3f:b4:87:
cd:58:2e:96:6c:ab:31:ec:e7:58:a2:3e:ad:c2:e8:
4f:54:c0:31:80:da:cb:1e:67:2f:5a:f2:9b:ed:9c:
0e:91:da:03:d0:73:83:ca:0f:e0:0f:63:b7:c1:ea:
fd:15:72:7a:c4:0a:8f:61:1d:d3:53:f2:0a:9e:ee:
3b:72:70:4d:81:db:00:23:94:6a:b0:d6:e5:c4:d5:
30:0f:7e:c9:90:b5:ff:ee:aa:d0:8d:08:bd:6a:a4:
a3:2f:d4:38:e8:28:8c:77:82:72:ba:a0:b3:2b:94:
30:7e:ce:db:cf:94:7f:7a:d6:c6:b0:f0:65:b1:a5:
73:88:3e:f8:1c:a0:64:1c:4c:0e:6c:e4:42:d0:3b:
a7:e7:6d:20:a2:aa:66:90:f5:5e:cf:c1:72:b9:e0:
0d:fb:40:15:01:17:35:ee:d7:a4:8f:25:43:c3:99:
f1:9f:49:d5:e2:e4:35:c4:e7:b2:3d:32:40:47:7e:
fa:a6:02:2f:b6:91:d0:3d:64:b5:26:fc:cd:7e:7a:
cf:a8:0d:58:a4:d0:af:ab:9a:5a:fc:5a:77:6e:e5:
80:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D2:EE:AE:32:4C:5E:0C:1E:3C:52:94:4F:BB:DD:FC:1B:3B:CB:88
X509v3 Authority Key Identifier:
keyid:34:C4:95:6F:85:67:11:25:88:2C:57:4C:D2:E2:D2:03:AA:BD:ED:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NMSVb4VnESWILFdM0uLSA6q97QU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/xtLurjJMXgwePFKUT7vd_Bs7y4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f3e67a-cfd7-4745-82b7-2d90c7fd0d60/1/NMSVb4VnESWILFdM0uLSA6q97QU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.68.198.0/23
Signature Algorithm: sha256WithRSAEncryption
49:db:23:c9:b3:8b:b4:34:19:30:0a:30:23:3a:25:30:59:bc:
ad:74:9c:92:dc:40:5d:02:f5:2a:9a:50:37:dd:23:d1:3a:c2:
3b:79:77:9a:18:1b:9c:00:e8:4d:2c:ac:9b:08:bd:a2:a4:08:
d8:27:cb:c9:9c:73:6a:35:64:f9:61:37:34:6d:cf:93:9b:31:
96:a9:62:c1:df:00:9e:97:2f:0f:44:72:3b:8a:5d:7e:86:85:
84:09:04:6b:c4:df:c6:ec:63:f0:80:20:dd:0e:e4:f5:7d:93:
4e:ee:39:5d:46:44:60:1c:e7:a3:e4:cb:07:96:69:03:d3:1f:
31:08:5a:2f:9d:eb:e9:e2:06:dc:c0:e5:aa:cf:f6:90:7b:c3:
9a:e5:f5:dd:b8:7a:9b:5f:88:a8:f1:f3:17:d2:23:d1:3d:a5:
2f:3d:4b:5c:84:8e:8a:b2:e2:73:39:a6:1c:43:e1:3e:60:36:
68:e1:60:b6:bc:74:ef:3e:ad:5e:36:52:2c:d7:d4:1f:99:9c:
e0:4c:09:f7:4c:84:4a:a5:8b:a0:9e:b4:f7:41:5a:7b:12:6c:
5a:4d:a9:33:7a:60:dd:b3:a0:b7:dd:46:ae:56:2b:d4:bb:68:
ca:c9:29:40:37:15:6b:a8:69:0e:0d:f6:62:c2:da:3b:30:69:
3b:38:a7:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRcDuBPRZnGof2k1TC4KkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YzQ5NTZmODU2NzExMjU4ODJjNTc0Y2QyZTJkMjAzYWFi
ZGVkMDUwHhcNMjUwMTAyMTM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQyZWVhZTMyNGM1ZTBjMWUzYzUyOTQ0ZmJiZGRmYzFiM2JjYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFSKdFZ6UiYhF8sg0trkW8pSM6sV
TWRokzSEeWHj9qQkKtBE5oatyjQ/tIfNWC6WbKsx7OdYoj6twuhPVMAxgNrLHmcv
WvKb7ZwOkdoD0HODyg/gD2O3wer9FXJ6xAqPYR3TU/IKnu47cnBNgdsAI5RqsNbl
xNUwD37JkLX/7qrQjQi9aqSjL9Q46CiMd4JyuqCzK5Qwfs7bz5R/etbGsPBlsaVz
iD74HKBkHEwObORC0Dun520goqpmkPVez8FyueAN+0AVARc17tekjyVDw5nxn0nV
4uQ1xOeyPTJAR376pgIvtpHQPWS1JvzNfnrPqA1YpNCvq5pa/Fp3buWAHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbS7q4yTF4MHjxSlE+73fwbO8uIMB8GA1UdIwQY
MBaAFDTElW+FZxEliCxXTNLi0gOqve0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk1TVmI0Vm5FU1dJTEZkTTB1TFNBNnE5N1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mM2U2N2EtY2ZkNy00NzQ1LTgyYjct
MmQ5MGM3ZmQwZDYwLzEveHRMdXJqSk1YZ3dlUEZLVVQ3dmRfQnM3eTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9mM2U2N2EtY2ZkNy00NzQ1LTgyYjctMmQ5MGM3ZmQwZDYw
LzEvTk1TVmI0Vm5FU1dJTEZkTTB1TFNBNnE5N1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0TGMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ2yPJs4u0NBkwCjAjOiUwWbytdJyS3EBdAvUqmlA3
3SPROsI7eXeaGBucAOhNLKybCL2ipAjYJ8vJnHNqNWT5YTc0bc+TmzGWqWLB3wCe
ly8PRHI7il1+hoWECQRrxN/G7GPwgCDdDuT1fZNO7jldRkRgHOej5MsHlmkD0x8x
CFovnevp4gbcwOWqz/aQe8Oa5fXduHqbX4io8fMX0iPRPaUvPUtchI6KsuJzOaYc
Q+E+YDZo4WC2vHTvPq1eNlIs19QfmZzgTAn3TIRKpYugnrT3QVp7EmxaTakzemDd
s6C33UauVivUu2jKySlANxVrqGkODfZiwto7MGk7OKc+
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:42:00 2025 by rpki-client