Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/633vYI0vgawtTiAsAfetuclpLa4.roa
File: 633vYI0vgawtTiAsAfetuclpLa4.roa (raw, json)
Hash identifier: QZjDUE+Ik13/OlCkdc+ycs4ujBDr7OuwjAkTuz9Kz8Q=
Subject key identifier: EB:7D:EF:60:8D:2F:81:AC:2D:4E:20:2C:01:F7:AD:B9:C9:69:2D:AE
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01943F6AEAEC85A3371732AA75E38B029C4A
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/633vYI0vgawtTiAsAfetuclpLa4.roa
Signing time: Tue 07 Jan 2025 06:19:19 +0000
ROA not before: Tue 07 Jan 2025 06:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200202
IP address blocks: 195.216.187.0/24 maxlen: 24
195.216.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3f:6a:ea:ec:85:a3:37:17:32:aa:75:e3:8b:02:9c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jan 7 06:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb7def608d2f81ac2d4e202c01f7adb9c9692dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:22:05:31:d3:ad:31:9b:fa:d0:b7:db:8a:5c:
df:e4:79:37:a8:7b:a4:58:11:5f:2a:bb:3b:f2:e1:
30:6f:ea:ff:e0:b5:e3:d7:dc:fa:e3:bc:0d:26:be:
de:1d:68:8e:3d:3e:28:eb:cd:90:42:b0:31:11:39:
6c:39:2a:9d:d6:2c:2b:ab:8c:db:70:01:22:19:b5:
02:7b:2e:36:96:b6:97:cc:bb:16:d7:f5:6e:91:76:
6e:d2:90:d7:fb:4e:3b:be:bd:61:ce:f5:ee:69:d4:
93:76:ca:b8:af:76:36:d2:d3:2d:7e:be:a9:af:01:
70:55:55:ba:d7:85:8e:8a:f7:37:3c:cc:f0:68:6d:
fb:02:df:a3:1f:72:d4:3f:dc:a6:c4:14:51:04:a7:
2d:0a:dd:81:8d:08:a7:db:99:ea:9f:86:7b:14:9b:
25:fa:21:31:3e:50:8b:6d:bb:8b:b2:fa:a3:ff:da:
65:52:05:a7:e6:1c:b2:f9:5a:dd:74:e2:e6:c0:96:
d4:a3:5a:d7:62:b9:a7:83:09:f9:db:ca:99:f3:aa:
38:76:c3:9b:bf:66:b6:42:0d:71:bd:eb:98:24:ed:
8a:47:88:3a:6d:5e:04:32:f4:6b:54:61:09:52:1b:
3b:04:e5:4d:d1:ae:71:83:62:bf:81:1e:c2:56:d9:
6e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7D:EF:60:8D:2F:81:AC:2D:4E:20:2C:01:F7:AD:B9:C9:69:2D:AE
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/633vYI0vgawtTiAsAfetuclpLa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.187.0/24
195.216.190.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e9:29:2a:77:dc:67:1d:48:9e:e5:8d:9a:f1:ca:11:90:e4:
f4:9b:3c:f1:34:df:fb:1e:ff:19:d9:9a:c9:ac:55:7c:c5:a6:
d9:bb:52:c4:15:a2:fe:9c:7b:e2:a2:47:03:71:ba:8f:12:10:
9b:23:9c:65:21:3d:24:fc:0f:ac:cd:41:f5:5f:af:31:ec:be:
23:0d:1a:51:2f:7b:5e:8a:ce:b1:47:9d:79:f3:43:2f:b7:7c:
b5:b7:d7:45:0d:19:a9:08:06:14:85:b5:38:4e:93:4e:f3:1b:
2e:09:aa:30:e2:56:b1:49:59:a6:4d:59:2c:ca:24:de:b5:1c:
12:a7:59:aa:f6:35:26:24:04:0d:c5:53:be:9f:d4:d1:b3:ce:
56:18:9d:22:b6:d2:c7:ed:ce:c3:25:ca:52:ee:e1:7f:23:bf:
45:0a:33:6f:97:39:52:b8:af:c1:32:b5:36:08:ba:53:f4:6e:
75:66:9f:ca:68:88:b0:44:8b:8c:e7:74:7d:77:36:2a:b4:53:
37:b0:6f:d7:4c:b6:7e:0c:30:8c:5f:40:66:61:d0:a2:ee:54:
52:8e:a7:99:99:b2:fa:cc:14:d3:0e:02:58:48:d1:36:a5:8e:
ff:ee:8b:a8:a6:36:44:d6:50:77:54:c9:42:52:86:55:af:16:
69:a8:95:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQ/aurshaM3FzKqdeOLApxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMTA3MDYxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjdkZWY2MDhkMmY4MWFjMmQ0ZTIwMmMwMWY3YWRiOWM5NjkyZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CIFMdOtMZv60Lfbilzf5Hk3qHuk
WBFfKrs78uEwb+r/4LXj19z647wNJr7eHWiOPT4o682QQrAxETlsOSqd1iwrq4zb
cAEiGbUCey42lraXzLsW1/VukXZu0pDX+047vr1hzvXuadSTdsq4r3Y20tMtfr6p
rwFwVVW614WOivc3PMzwaG37At+jH3LUP9ymxBRRBKctCt2BjQin25nqn4Z7FJsl
+iExPlCLbbuLsvqj/9plUgWn5hyy+VrddOLmwJbUo1rXYrmngwn528qZ86o4dsOb
v2a2Qg1xveuYJO2KR4g6bV4EMvRrVGEJUhs7BOVN0a5xg2K/gR7CVtlukwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOt972CNL4GsLU4gLAH3rbnJaS2uMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvNjMzdllJMHZnYXd0VGlBc0FmZXR1Y2xwTGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw9i7AwQA
w9i+MA0GCSqGSIb3DQEBCwUAA4IBAQB/6Skqd9xnHUie5Y2a8coRkOT0mzzxNN/7
Hv8Z2ZrJrFV8xabZu1LEFaL+nHviokcDcbqPEhCbI5xlIT0k/A+szUH1X68x7L4j
DRpRL3teis6xR51580Mvt3y1t9dFDRmpCAYUhbU4TpNO8xsuCaow4laxSVmmTVks
yiTetRwSp1mq9jUmJAQNxVO+n9TRs85WGJ0ittLH7c7DJcpS7uF/I79FCjNvlzlS
uK/BMrU2CLpT9G51Zp/KaIiwRIuM53R9dzYqtFM3sG/XTLZ+DDCMX0BmYdCi7lRS
jqeZmbL6zBTTDgJYSNE2pY7/7ouopjZE1lB3VMlCUoZVrxZpqJVV
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:44:53 2025 by rpki-client