Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/36ETTT31Rv9Wj7u6PqyJTy0CjDw.roa
File: 36ETTT31Rv9Wj7u6PqyJTy0CjDw.roa (raw, json)
Hash identifier: tx94g3vqrXkgyvU4ElzQ7jsADUb8XlCc6Q0poIVPLl8=
Subject key identifier: DF:A1:13:4D:3D:F5:46:FF:56:8F:BB:BA:3E:AC:89:4F:2D:02:8C:3C
Certificate issuer: /CN=bf817dc8552df3610ffc45441b3f81464e489dc8
Certificate serial: 019421B2573AC705770D97DBA42276AB866C
Authority key identifier: BF:81:7D:C8:55:2D:F3:61:0F:FC:45:44:1B:3F:81:46:4E:48:9D:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4F9yFUt82EP_EVEGz-BRk5Incg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/36ETTT31Rv9Wj7u6PqyJTy0CjDw.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39029
IP address blocks: 195.88.54.0/23 maxlen: 24
2001:67c:21e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:57:3a:c7:05:77:0d:97:db:a4:22:76:ab:86:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf817dc8552df3610ffc45441b3f81464e489dc8
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfa1134d3df546ff568fbbba3eac894f2d028c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f3:2e:37:1d:db:d0:47:fc:f8:0c:07:e1:78:
a9:b2:27:8f:51:5e:15:90:bd:66:78:9d:df:d7:c1:
c8:11:e7:62:ac:be:79:17:a1:f7:94:95:ba:c7:5a:
14:12:33:89:68:84:01:a8:25:e9:f7:01:62:e5:29:
25:6b:ae:ce:05:6e:b5:67:aa:3a:14:75:bf:78:69:
44:f7:e3:14:d6:01:c9:98:8e:38:6f:5c:ee:56:6f:
15:eb:9d:6c:55:0f:ae:54:8a:9a:46:01:15:d7:de:
67:5a:a4:2b:de:46:14:bb:8a:56:41:06:b2:f5:7f:
50:51:f3:e1:e0:fc:7c:e4:38:f3:47:1b:3c:de:3c:
7a:be:e1:74:e2:bd:55:15:ac:dc:d5:0c:9a:d3:01:
42:f1:62:36:8f:37:06:1c:b4:cc:00:bf:89:35:7e:
05:5f:07:a6:4a:0b:6a:2d:25:83:46:87:3f:2b:25:
4c:d0:66:c7:cc:ff:96:b5:07:31:ee:b9:4c:9a:ee:
3d:e0:72:87:fc:3c:d1:f9:aa:7c:1c:94:82:f8:96:
46:11:54:93:79:f1:ef:04:44:9e:d9:65:0a:ba:8c:
75:57:9e:74:6a:9b:d2:a9:e6:84:d7:9d:86:ae:ae:
d7:83:f1:30:0e:12:4e:42:02:c0:83:7b:14:c7:ed:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A1:13:4D:3D:F5:46:FF:56:8F:BB:BA:3E:AC:89:4F:2D:02:8C:3C
X509v3 Authority Key Identifier:
keyid:BF:81:7D:C8:55:2D:F3:61:0F:FC:45:44:1B:3F:81:46:4E:48:9D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4F9yFUt82EP_EVEGz-BRk5Incg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/36ETTT31Rv9Wj7u6PqyJTy0CjDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c4e7e9-f6be-41a3-a459-195389330edf/1/v4F9yFUt82EP_EVEGz-BRk5Incg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.54.0/23
IPv6:
2001:67c:21e0::/48
Signature Algorithm: sha256WithRSAEncryption
9d:f5:5e:f7:c9:f6:c7:01:f9:71:f0:b8:66:a2:82:e1:35:21:
37:b6:43:fc:4f:00:e0:7e:15:fd:74:dc:83:43:ea:72:ab:92:
0a:27:8c:5f:17:34:6c:a7:65:e0:63:d3:97:1b:3c:a2:72:19:
3a:48:c4:9a:25:32:b7:67:fd:9d:1c:c9:fd:bf:9a:99:a6:74:
f4:a1:30:13:ec:d4:44:28:f6:10:47:e9:67:17:cb:f0:58:0a:
d1:05:67:4a:f4:27:f2:06:5a:0f:f7:ab:e3:b3:b5:12:00:ca:
dc:59:c9:fb:6c:e3:ca:cc:f4:be:77:f4:4d:09:91:c9:5b:5a:
9c:b4:22:10:29:11:3c:10:91:01:7b:f6:8b:a6:af:33:07:d1:
5c:f9:de:81:e4:a0:bc:a6:e3:27:3b:c7:f8:db:1d:16:f8:0e:
eb:77:b5:02:48:b2:58:ac:25:33:89:f1:ef:66:83:30:14:e4:
ca:b4:26:09:f4:fd:01:8b:a4:90:64:52:bd:15:f7:cc:24:0b:
70:2e:18:a4:e6:e7:7b:01:d9:d8:3e:4c:76:da:b5:c2:73:b1:
32:c1:b5:ca:3e:2e:43:15:73:0b:cf:0b:1a:a5:56:8e:bb:b1:
9b:d4:ac:fb:44:b3:7d:f2:6b:67:f8:ec:75:e7:51:59:a0:e8:
0f:f3:cd:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhslc6xwV3DZfbpCJ2q4ZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODE3ZGM4NTUyZGYzNjEwZmZjNDU0NDFiM2Y4MTQ2NGU0
ODlkYzgwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmExMTM0ZDNkZjU0NmZmNTY4ZmJiYmEzZWFjODk0ZjJkMDI4YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PMuNx3b0Ef8+AwH4XipsiePUV4V
kL1meJ3f18HIEedirL55F6H3lJW6x1oUEjOJaIQBqCXp9wFi5Skla67OBW61Z6o6
FHW/eGlE9+MU1gHJmI44b1zuVm8V651sVQ+uVIqaRgEV195nWqQr3kYUu4pWQQay
9X9QUfPh4Px85DjzRxs83jx6vuF04r1VFazc1Qya0wFC8WI2jzcGHLTMAL+JNX4F
XwemSgtqLSWDRoc/KyVM0GbHzP+WtQcx7rlMmu494HKH/DzR+ap8HJSC+JZGEVST
efHvBESe2WUKuox1V550apvSqeaE152Grq7Xg/EwDhJOQgLAg3sUx+1YSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN+hE0099Ub/Vo+7uj6siU8tAow8MB8GA1UdIwQY
MBaAFL+BfchVLfNhD/xFRBs/gUZOSJ3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRGOXlGVXQ4MkVQX0VWRUd6LUJSazVJbmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jNGU3ZTktZjZiZS00MWEzLWE0NTkt
MTk1Mzg5MzMwZWRmLzEvMzZFVFRUMzFSdjlXajd1NlBxeUpUeTBDakR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jNGU3ZTktZjZiZS00MWEzLWE0NTktMTk1Mzg5MzMwZWRm
LzEvdjRGOXlGVXQ4MkVQX0VWRUd6LUJSazVJbmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw1g2MA8E
AgACMAkDBwAgAQZ8IeAwDQYJKoZIhvcNAQELBQADggEBAJ31XvfJ9scB+XHwuGai
guE1ITe2Q/xPAOB+Ff103IND6nKrkgonjF8XNGynZeBj05cbPKJyGTpIxJolMrdn
/Z0cyf2/mpmmdPShMBPs1EQo9hBH6WcXy/BYCtEFZ0r0J/IGWg/3q+OztRIAytxZ
yfts48rM9L539E0JkclbWpy0IhApETwQkQF79oumrzMH0Vz53oHkoLym4yc7x/jb
HRb4Dut3tQJIslisJTOJ8e9mgzAU5Mq0Jgn0/QGLpJBkUr0V98wkC3AuGKTm53sB
2dg+THbatcJzsTLBtco+LkMVcwvPCxqlVo67sZvUrPtEs33ya2f47HXnUVmg6A/z
zTA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:08:42 2025 by rpki-client