Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/lAb9RBA01K4gUbdUlXjRheZBvO0.roa
File: lAb9RBA01K4gUbdUlXjRheZBvO0.roa (raw, json)
Hash identifier: zjGOSVwUy9hMnYD8GEG9lZULYJEj9vGVyVzW3rH4iO0=
Subject key identifier: 94:06:FD:44:10:34:D4:AE:20:51:B7:54:95:78:D1:85:E6:41:BC:ED
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01942827ABA69751387B81982E387946804F
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/lAb9RBA01K4gUbdUlXjRheZBvO0.roa
Signing time: Thu 02 Jan 2025 17:54:35 +0000
ROA not before: Thu 02 Jan 2025 17:54:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 195.216.162.0/23 maxlen: 23
195.216.168.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:ab:a6:97:51:38:7b:81:98:2e:38:79:46:80:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jan 2 17:54:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9406fd441034d4ae2051b7549578d185e641bced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:a5:75:0b:c9:e6:93:67:f2:62:88:54:48:
ae:4a:56:41:fd:06:2e:09:44:08:01:54:fc:ab:84:
5c:34:68:ae:df:1b:61:86:11:b1:f0:9d:bc:a1:13:
65:cd:9a:43:d8:7b:c4:15:38:87:04:96:a5:47:e7:
c1:33:b2:55:7d:0e:a7:7d:ee:2e:8a:2c:aa:e7:5f:
a9:04:b8:35:ac:2c:f6:51:a8:ae:f5:c8:63:44:0b:
cf:17:37:ad:06:07:10:6d:e2:01:e2:f4:59:d4:2a:
08:fd:31:29:50:4b:d5:68:1c:b3:da:31:8b:d1:9a:
2d:30:7f:f5:fa:37:e5:37:4d:e9:54:d4:01:a5:31:
ea:71:f5:f6:69:df:42:ef:3f:37:cc:ad:78:04:8b:
6a:8d:20:a4:fa:33:be:72:09:34:84:c3:3b:72:ed:
f5:35:e7:15:31:82:c0:d6:7e:e5:7c:88:4a:3b:1b:
ba:b1:04:88:07:84:81:ef:d8:ea:3e:c3:48:05:0c:
ca:bc:13:b7:80:e8:1e:59:08:50:b8:47:f0:a9:0a:
0a:0a:1e:97:98:a1:3b:6d:d0:e8:4c:f4:3e:09:b4:
59:35:3d:e2:75:0a:82:87:09:53:1f:70:30:b3:2b:
37:64:18:95:e6:fd:36:87:2d:6e:d8:c0:c3:5b:fd:
72:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:06:FD:44:10:34:D4:AE:20:51:B7:54:95:78:D1:85:E6:41:BC:ED
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/lAb9RBA01K4gUbdUlXjRheZBvO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.162.0/23
195.216.168.0/21
Signature Algorithm: sha256WithRSAEncryption
15:9e:67:f9:af:b1:00:fb:77:c6:f4:68:fc:90:cb:2a:03:5e:
6d:b0:1d:45:75:99:07:cf:0e:90:65:8f:1d:8c:b1:fb:ec:5e:
66:e4:52:0a:94:f8:c9:b2:72:0d:1c:b8:f6:36:8a:16:11:36:
76:86:18:9f:a0:40:bd:1b:d5:7c:3e:8c:1e:f7:9b:8a:e3:ae:
2d:26:28:ca:86:74:eb:57:fc:bc:bd:31:cb:1b:68:c4:1b:db:
48:c0:0c:f1:41:9f:7e:42:cd:4e:77:6a:03:fb:bf:db:d8:4d:
a1:14:9d:1c:8a:19:c7:49:63:bb:df:5e:40:b2:fb:66:30:24:
ec:24:f9:9c:2b:cc:87:2d:b7:ce:6f:39:57:82:5b:7e:6d:95:
68:df:b3:64:b7:e4:4e:4b:bd:66:ad:46:76:c1:17:c3:c8:1c:
82:1e:66:28:ff:bb:39:5b:da:de:e4:09:f7:be:27:43:e7:5f:
27:a8:41:9f:c3:4e:8d:fb:17:33:51:8a:ed:2d:9d:88:03:64:
de:ed:d5:f0:ce:14:08:9d:c6:c3:73:c7:6d:f8:c4:f7:c5:3c:
68:b1:e2:68:06:f8:21:df:64:e3:5c:1e:19:2e:9b:cb:4f:99:
e7:12:4c:5b:4f:60:37:ac:95:f6:86:c4:bc:98:f2:4d:60:12:
2a:4f:36:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJ6uml1E4e4GYLjh5RoBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMTAyMTc1NDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA2ZmQ0NDEwMzRkNGFlMjA1MWI3NTQ5NTc4ZDE4NWU2NDFiY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OaldQvJ5pNn8mKIVEiuSlZB/QYu
CUQIAVT8q4RcNGiu3xthhhGx8J28oRNlzZpD2HvEFTiHBJalR+fBM7JVfQ6nfe4u
iiyq51+pBLg1rCz2Uaiu9chjRAvPFzetBgcQbeIB4vRZ1CoI/TEpUEvVaByz2jGL
0ZotMH/1+jflN03pVNQBpTHqcfX2ad9C7z83zK14BItqjSCk+jO+cgk0hMM7cu31
NecVMYLA1n7lfIhKOxu6sQSIB4SB79jqPsNIBQzKvBO3gOgeWQhQuEfwqQoKCh6X
mKE7bdDoTPQ+CbRZNT3idQqChwlTH3Awsys3ZBiV5v02hy1u2MDDW/1yiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJQG/UQQNNSuIFG3VJV40YXmQbztMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbEFiOVJCQTAxSzRnVWJkVWxYalJoZVpCdk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw9iiAwQD
w9ioMA0GCSqGSIb3DQEBCwUAA4IBAQAVnmf5r7EA+3fG9Gj8kMsqA15tsB1FdZkH
zw6QZY8djLH77F5m5FIKlPjJsnINHLj2NooWETZ2hhifoEC9G9V8Powe95uK464t
JijKhnTrV/y8vTHLG2jEG9tIwAzxQZ9+Qs1Od2oD+7/b2E2hFJ0cihnHSWO7315A
svtmMCTsJPmcK8yHLbfObzlXglt+bZVo37Nkt+ROS71mrUZ2wRfDyByCHmYo/7s5
W9re5An3vidD518nqEGfw06N+xczUYrtLZ2IA2Te7dXwzhQIncbDc8dt+MT3xTxo
seJoBvgh32TjXB4ZLpvLT5nnEkxbT2A3rJX2hsS8mPJNYBIqTzbt
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:13:17 2025 by rpki-client