Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/sdThYvleJaL-c_bm6C-9ZPzP9Y4.roa
File: sdThYvleJaL-c_bm6C-9ZPzP9Y4.roa (raw, json)
Hash identifier: o0CkhveA8bkxqQ9BoY1Nin+1fU50JT7PqNBRU8Zhn3Y=
Subject key identifier: B1:D4:E1:62:F9:5E:25:A2:FE:73:F6:E6:E8:2F:BD:64:FC:CF:F5:8E
Certificate issuer: /CN=869b3600fd738e698d12fef20e106e6a94e3b674
Certificate serial: 01942368CA655CFEF04E88F6719EF6A7AB53
Authority key identifier: 86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/sdThYvleJaL-c_bm6C-9ZPzP9Y4.roa
Signing time: Wed 01 Jan 2025 19:47:37 +0000
ROA not before: Wed 01 Jan 2025 19:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50635
IP address blocks: 195.191.186.0/24 maxlen: 24
195.191.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:ca:65:5c:fe:f0:4e:88:f6:71:9e:f6:a7:ab:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869b3600fd738e698d12fef20e106e6a94e3b674
Validity
Not Before: Jan 1 19:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1d4e162f95e25a2fe73f6e6e82fbd64fccff58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4c:c0:a1:09:76:2b:f2:64:80:91:6c:43:d3:
61:47:ef:f3:82:16:2d:1c:1c:d3:4a:04:75:73:e3:
67:15:ed:0c:ff:22:fe:f4:31:5c:03:f0:6f:b3:26:
77:52:03:fb:68:37:a2:f8:5a:ad:ea:75:33:c4:52:
4a:a4:50:75:a4:fd:85:4f:5d:e7:a4:75:f6:c5:38:
ec:e3:3c:0a:a8:90:e6:ea:ef:89:72:9a:be:5b:3a:
cb:43:84:cd:93:b3:d9:5d:89:30:be:19:22:e3:9a:
fa:82:70:a3:93:5e:60:c9:39:93:9b:d4:91:1a:ac:
96:e4:bc:09:57:de:7b:dd:f8:a4:96:a6:ba:99:5f:
43:61:b8:59:21:51:80:2d:fb:27:9c:1c:e6:1e:c8:
86:8d:78:67:8b:0b:e3:80:1b:92:61:cc:61:64:7b:
85:72:c0:7b:b8:5b:a8:59:79:80:9c:51:9f:68:56:
87:f9:00:be:54:ba:bd:52:b7:d9:f1:73:d2:9b:eb:
34:fa:b1:df:7f:c6:73:ef:26:b5:30:5d:f0:fc:8b:
44:2b:ef:e4:99:43:7e:6f:e6:9a:5a:4e:c0:cb:50:
f4:0e:82:3f:8f:4b:43:56:18:a8:0f:b2:96:ef:47:
49:02:58:be:de:3f:c1:86:e5:89:20:a7:1a:bc:d2:
0f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D4:E1:62:F9:5E:25:A2:FE:73:F6:E6:E8:2F:BD:64:FC:CF:F5:8E
X509v3 Authority Key Identifier:
keyid:86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/sdThYvleJaL-c_bm6C-9ZPzP9Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.186.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:78:1a:ce:5f:1c:66:47:ad:eb:55:4d:a4:83:85:b7:fc:b7:
1c:d1:b7:d8:b0:d3:41:c5:7f:7f:fc:3f:9b:db:13:7c:6e:51:
97:e8:36:6c:7a:42:b4:10:dd:bd:0c:8a:eb:00:56:cc:53:b1:
89:b0:5c:60:af:60:00:65:ef:20:41:47:68:48:9e:2d:c8:ed:
5c:a7:c3:2f:84:71:12:ba:9a:f6:26:24:8e:fd:3c:e3:48:8d:
17:c7:bb:36:47:04:25:da:44:7f:82:8b:46:13:6f:90:1a:66:
c8:93:ff:87:03:b8:dd:eb:34:52:9c:4f:3b:0c:26:0c:4d:47:
08:9e:60:d4:07:0a:23:32:3e:de:b6:8d:37:16:b3:e4:a6:2c:
99:97:c8:b2:66:4b:7d:f4:1e:80:10:7a:db:72:77:f7:02:ff:
90:ae:41:b4:80:94:db:8b:f9:2c:15:9a:dd:8a:d8:14:44:af:
29:b8:f9:fd:f5:c8:c7:50:e2:a1:98:6e:c8:18:61:1e:dd:78:
10:33:94:17:b4:af:6d:d0:aa:8f:15:02:60:7e:7a:e6:e8:6d:
9f:1b:44:cd:53:76:f8:bc:8b:11:43:e0:9b:15:a9:e2:3d:62:
cb:a0:1f:a2:90:a7:76:3e:08:e6:cf:bc:52:c6:21:ce:a3:a7:
c3:4e:8a:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaMplXP7wToj2cZ72p6tTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWIzNjAwZmQ3MzhlNjk4ZDEyZmVmMjBlMTA2ZTZhOTRl
M2I2NzQwHhcNMjUwMTAxMTk0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ0ZTE2MmY5NWUyNWEyZmU3M2Y2ZTZlODJmYmQ2NGZjY2ZmNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0zAoQl2K/JkgJFsQ9NhR+/zghYt
HBzTSgR1c+NnFe0M/yL+9DFcA/BvsyZ3UgP7aDei+Fqt6nUzxFJKpFB1pP2FT13n
pHX2xTjs4zwKqJDm6u+Jcpq+WzrLQ4TNk7PZXYkwvhki45r6gnCjk15gyTmTm9SR
GqyW5LwJV9573fiklqa6mV9DYbhZIVGALfsnnBzmHsiGjXhniwvjgBuSYcxhZHuF
csB7uFuoWXmAnFGfaFaH+QC+VLq9UrfZ8XPSm+s0+rHff8Zz7ya1MF3w/ItEK+/k
mUN+b+aaWk7Ay1D0DoI/j0tDVhioD7KW70dJAli+3j/BhuWJIKcavNIPswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHU4WL5XiWi/nP25ugvvWT8z/WOMB8GA1UdIwQY
MBaAFIabNgD9c45pjRL+8g4QbmqU47Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUt
NDI0M2U4OGJkNzZjLzEvc2RUaFl2bGVKYUwtY19ibTZDLTlaUHpQOVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUtNDI0M2U4OGJkNzZj
LzEvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7+6MA0G
CSqGSIb3DQEBCwUAA4IBAQDNeBrOXxxmR63rVU2kg4W3/Lcc0bfYsNNBxX9//D+b
2xN8blGX6DZsekK0EN29DIrrAFbMU7GJsFxgr2AAZe8gQUdoSJ4tyO1cp8MvhHES
upr2JiSO/TzjSI0Xx7s2RwQl2kR/gotGE2+QGmbIk/+HA7jd6zRSnE87DCYMTUcI
nmDUBwojMj7eto03FrPkpiyZl8iyZkt99B6AEHrbcnf3Av+QrkG0gJTbi/ksFZrd
itgURK8puPn99cjHUOKhmG7IGGEe3XgQM5QXtK9t0KqPFQJgfnrm6G2fG0TNU3b4
vIsRQ+CbFaniPWLLoB+ikKd2Pgjmz7xSxiHOo6fDTope
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:28:43 2025 by rpki-client