Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/0683c3-61f9-4db8-94a8-5bdf61551a06/1/CkBOc7z4kdZJGb4-90X6hX6L7jo.roa
File: CkBOc7z4kdZJGb4-90X6hX6L7jo.roa (raw, json)
Hash identifier: 2s0FvcQyY/vg4fHm2yrRgYb/gxmRARkKeZ3RrkEOVnA=
Subject key identifier: 0A:40:4E:73:BC:F8:91:D6:49:19:BE:3E:F7:45:FA:85:7E:8B:EE:3A
Certificate issuer: /CN=ccf292d82c0a2252dd3285a287331f4450ed359a
Certificate serial: 0194228D0AAFAC86CEE0265D0465A1510C5F
Authority key identifier: CC:F2:92:D8:2C:0A:22:52:DD:32:85:A2:87:33:1F:44:50:ED:35:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zPKS2CwKIlLdMoWihzMfRFDtNZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/0683c3-61f9-4db8-94a8-5bdf61551a06/1/CkBOc7z4kdZJGb4-90X6hX6L7jo.roa
Signing time: Wed 01 Jan 2025 15:47:36 +0000
ROA not before: Wed 01 Jan 2025 15:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2027
IP address blocks: 195.20.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0a:af:ac:86:ce:e0:26:5d:04:65:a1:51:0c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccf292d82c0a2252dd3285a287331f4450ed359a
Validity
Not Before: Jan 1 15:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a404e73bcf891d64919be3ef745fa857e8bee3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:89:97:7a:ef:1d:fa:95:a1:f6:dc:6d:93:21:
e8:6d:db:5c:e9:38:22:ae:77:d5:b7:93:29:97:10:
76:c7:19:9a:16:35:13:c5:32:3c:1b:8f:13:6e:a5:
88:18:9c:cf:e5:7b:79:2f:ca:a3:f7:e5:f1:6c:0f:
7b:cf:5e:e9:4f:ff:30:d3:c2:7f:f1:12:9e:be:4b:
8f:bd:c9:f9:d6:94:26:23:97:9c:66:f1:49:b5:bc:
2e:6b:65:6d:61:a5:89:bb:96:61:e1:0f:da:5e:ac:
0d:a9:f1:4e:57:6b:6a:4e:c7:fb:ff:16:46:2e:d7:
9e:b1:fc:20:05:61:84:a2:62:33:a8:24:50:3d:80:
74:23:87:e9:0f:6a:70:fd:d1:4b:f0:20:a7:1d:f1:
7a:39:65:4f:e3:69:e6:5e:79:7d:7e:d3:5a:c6:58:
74:74:62:ef:92:eb:86:73:78:b1:23:60:63:19:9f:
b7:73:93:4f:98:53:a2:6a:e4:fb:90:6d:cb:83:df:
08:88:c0:13:9d:62:73:ab:68:f8:a7:f1:9b:6f:db:
69:88:2d:b8:45:28:ed:13:36:4f:c4:13:f2:e1:14:
6e:ef:c1:d6:d3:e5:67:97:ae:1c:26:ec:7d:13:15:
d6:26:e6:4f:f8:ec:f2:ba:31:6a:7b:1a:a8:26:63:
83:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:40:4E:73:BC:F8:91:D6:49:19:BE:3E:F7:45:FA:85:7E:8B:EE:3A
X509v3 Authority Key Identifier:
keyid:CC:F2:92:D8:2C:0A:22:52:DD:32:85:A2:87:33:1F:44:50:ED:35:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zPKS2CwKIlLdMoWihzMfRFDtNZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/0683c3-61f9-4db8-94a8-5bdf61551a06/1/CkBOc7z4kdZJGb4-90X6hX6L7jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/0683c3-61f9-4db8-94a8-5bdf61551a06/1/zPKS2CwKIlLdMoWihzMfRFDtNZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:2b:5d:46:fa:38:79:39:08:81:df:d4:0c:e9:63:a0:3c:fe:
8f:d3:8b:f8:87:9d:45:8a:cd:83:6b:02:9b:a0:7c:8a:50:b9:
34:3b:c4:bd:a9:db:17:9b:e5:55:4a:66:42:d8:92:1e:5f:1d:
a0:29:b6:0a:bd:fd:5e:7c:c3:c3:d3:b0:19:1b:4b:2d:1c:b5:
24:37:87:ef:64:ed:0b:df:f4:27:01:bd:f9:50:5a:c3:b7:07:
30:6c:39:51:86:4b:6d:8e:0f:50:50:a5:70:ab:c4:84:b5:49:
8d:e9:4d:b8:46:2f:5e:04:4a:57:17:ec:cb:c3:b8:30:68:69:
41:76:9d:c2:27:75:12:1a:e5:2e:0a:f9:a7:e9:93:61:b9:89:
1a:89:aa:df:0a:0b:7a:be:7e:f5:9b:94:4d:c8:61:8d:29:89:
02:69:06:c7:d8:1d:41:95:85:b3:13:8d:48:4f:e7:f9:f4:b3:
9c:84:30:05:54:26:b2:88:4a:bb:b2:ab:d3:5f:c8:01:82:04:
f1:96:93:a5:1e:7d:e2:a8:dc:f4:21:20:a0:15:7c:06:45:7b:
ff:d5:0b:fc:05:ba:93:96:20:35:d4:3a:01:f8:e0:c2:ba:19:
14:cb:2c:87:a6:b4:87:98:d1:25:64:d8:11:9a:10:33:b9:fd:
72:fd:eb:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijQqvrIbO4CZdBGWhUQxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZjI5MmQ4MmMwYTIyNTJkZDMyODVhMjg3MzMxZjQ0NTBl
ZDM1OWEwHhcNMjUwMTAxMTU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQwNGU3M2JjZjg5MWQ2NDkxOWJlM2VmNzQ1ZmE4NTdlOGJlZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34mXeu8d+pWh9txtkyHobdtc6Tgi
rnfVt5MplxB2xxmaFjUTxTI8G48TbqWIGJzP5Xt5L8qj9+XxbA97z17pT/8w08J/
8RKevkuPvcn51pQmI5ecZvFJtbwua2VtYaWJu5Zh4Q/aXqwNqfFOV2tqTsf7/xZG
LteesfwgBWGEomIzqCRQPYB0I4fpD2pw/dFL8CCnHfF6OWVP42nmXnl9ftNaxlh0
dGLvkuuGc3ixI2BjGZ+3c5NPmFOiauT7kG3Lg98IiMATnWJzq2j4p/Gbb9tpiC24
RSjtEzZPxBPy4RRu78HW0+Vnl64cJux9ExXWJuZP+OzyujFqexqoJmODPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApATnO8+JHWSRm+PvdF+oV+i+46MB8GA1UdIwQY
MBaAFMzyktgsCiJS3TKFooczH0RQ7TWaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelBLUzJDd0tJbExkTW9XaWh6TWZSRkR0TlpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8wNjgzYzMtNjFmOS00ZGI4LTk0YTgt
NWJkZjYxNTUxYTA2LzEvQ2tCT2M3ejRrZFpKR2I0LTkwWDZoWDZMN2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8wNjgzYzMtNjFmOS00ZGI4LTk0YTgtNWJkZjYxNTUxYTA2
LzEvelBLUzJDd0tJbExkTW9XaWh6TWZSRkR0TlpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxTRMA0G
CSqGSIb3DQEBCwUAA4IBAQCoK11G+jh5OQiB39QM6WOgPP6P04v4h51Fis2DawKb
oHyKULk0O8S9qdsXm+VVSmZC2JIeXx2gKbYKvf1efMPD07AZG0stHLUkN4fvZO0L
3/QnAb35UFrDtwcwbDlRhkttjg9QUKVwq8SEtUmN6U24Ri9eBEpXF+zLw7gwaGlB
dp3CJ3USGuUuCvmn6ZNhuYkaiarfCgt6vn71m5RNyGGNKYkCaQbH2B1BlYWzE41I
T+f59LOchDAFVCayiEq7sqvTX8gBggTxlpOlHn3iqNz0ISCgFXwGRXv/1Qv8BbqT
liA11DoB+ODCuhkUyyyHprSHmNElZNgRmhAzuf1y/es2
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:21:28 2025 by rpki-client