Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/CKxsc_gvWvfmK04VuscPq8EYz9U.roa
File: CKxsc_gvWvfmK04VuscPq8EYz9U.roa (raw, json)
Hash identifier: VikJqKETWTz/9E4QTfJjv0QToUwL5hu9InyAC9DAGmg=
Subject key identifier: 08:AC:6C:73:F8:2F:5A:F7:E6:2B:4E:15:BA:C7:0F:AB:C1:18:CF:D5
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747FDDE3228C54B338C825066E1654E
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/CKxsc_gvWvfmK04VuscPq8EYz9U.roa
Signing time: Thu 02 Jan 2025 13:50:16 +0000
ROA not before: Thu 02 Jan 2025 13:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202439
IP address blocks: 95.43.236.0/24 maxlen: 24
95.43.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:fd:de:32:28:c5:4b:33:8c:82:50:66:e1:65:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08ac6c73f82f5af7e62b4e15bac70fabc118cfd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f9:b8:bf:2b:58:ec:44:bc:35:f6:b9:2d:59:
7a:af:e6:c8:18:f2:be:0f:89:47:c4:31:04:3b:57:
9a:46:a9:aa:18:f3:3d:b9:f0:1d:62:a5:bd:b7:8b:
ec:17:6a:f8:45:2b:ab:c0:d6:b0:f5:26:17:3e:a8:
1d:a1:2e:59:98:3d:e3:12:21:a7:a0:05:6b:50:97:
7e:fd:d7:94:b5:72:18:f0:25:23:56:7e:7a:28:3a:
f0:8c:10:a8:d1:4a:48:df:74:e7:58:bb:69:ee:69:
a7:24:1d:b0:b3:8f:96:e5:aa:a6:d8:65:1b:f2:81:
ee:9f:06:5b:18:dd:c7:d5:ea:49:5a:dd:92:46:49:
7e:b2:80:36:8f:f1:3a:d2:83:67:1a:bb:be:95:3e:
d0:7e:36:18:f3:5e:1f:40:88:c7:00:d8:e6:aa:a8:
80:0c:3f:a7:7e:fa:8a:68:14:33:5a:c0:d8:ce:a6:
08:b0:c8:d5:4c:38:00:e0:fa:ae:9e:85:f3:16:fa:
3a:3d:89:b1:d8:7d:1b:68:76:4c:08:f2:b3:ab:15:
e3:e8:21:c1:92:a4:5b:fe:69:5c:bd:93:fc:fc:43:
d4:57:de:28:13:34:61:99:02:80:63:99:7c:ce:d1:
aa:a5:5a:2e:5f:35:c2:97:63:64:94:96:74:06:d5:
88:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:AC:6C:73:F8:2F:5A:F7:E6:2B:4E:15:BA:C7:0F:AB:C1:18:CF:D5
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/CKxsc_gvWvfmK04VuscPq8EYz9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.236.0/24
95.43.239.0/24
Signature Algorithm: sha256WithRSAEncryption
24:39:4e:16:3e:f5:7b:30:06:04:ef:86:c6:96:3d:8b:5a:a5:
7f:0b:c8:a2:a1:db:a4:72:26:42:82:81:c9:4b:84:d8:ca:a8:
a5:e4:73:c7:64:02:7e:5f:c9:05:1b:87:08:29:60:60:5f:3b:
39:47:1f:79:5d:a6:72:54:2d:28:e6:02:5c:a0:f7:e0:2c:da:
f3:a7:6a:fc:80:8a:61:64:a2:b7:e2:99:47:74:e4:24:a8:63:
84:37:de:39:0e:84:24:01:1c:be:24:7a:87:bb:42:1e:7c:66:
1c:ea:0f:0e:eb:1f:92:0c:a0:70:53:ec:fe:77:01:6f:20:f2:
20:d9:80:3c:d3:cd:81:3c:a0:27:f4:cd:66:4f:00:68:ab:4b:
5a:e4:4c:ff:ff:6f:22:66:b8:b5:2f:16:b6:d6:d4:fc:78:49:
b6:69:ee:13:f1:55:a7:46:a8:22:73:43:ef:29:23:9a:95:cb:
5e:3d:d9:f2:30:c5:3f:91:19:2d:b8:33:07:b4:85:cd:55:e7:
e2:1a:6c:28:98:41:8c:06:ed:de:51:66:9f:ce:ce:28:17:bb:
a4:e2:b2:23:b4:53:81:fb:7f:44:08:73:a0:c7:86:19:e6:00:
81:c1:59:ad:7f:a1:5d:75:4a:b6:9c:30:fe:26:74:1d:16:7f:
97:53:fe:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR/3eMijFSzOMglBm4WVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGFjNmM3M2Y4MmY1YWY3ZTYyYjRlMTViYWM3MGZhYmMxMThjZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/m4vytY7ES8Nfa5LVl6r+bIGPK+
D4lHxDEEO1eaRqmqGPM9ufAdYqW9t4vsF2r4RSurwNaw9SYXPqgdoS5ZmD3jEiGn
oAVrUJd+/deUtXIY8CUjVn56KDrwjBCo0UpI33TnWLtp7mmnJB2ws4+W5aqm2GUb
8oHunwZbGN3H1epJWt2SRkl+soA2j/E60oNnGru+lT7QfjYY814fQIjHANjmqqiA
DD+nfvqKaBQzWsDYzqYIsMjVTDgA4PqunoXzFvo6PYmx2H0baHZMCPKzqxXj6CHB
kqRb/mlcvZP8/EPUV94oEzRhmQKAY5l8ztGqpVouXzXCl2NklJZ0BtWIqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAisbHP4L1r35itOFbrHD6vBGM/VMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvQ0t4c2NfZ3ZXdmZtSzA0VnVzY1BxOEVZejlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXyvsAwQA
XyvvMA0GCSqGSIb3DQEBCwUAA4IBAQAkOU4WPvV7MAYE74bGlj2LWqV/C8iioduk
ciZCgoHJS4TYyqil5HPHZAJ+X8kFG4cIKWBgXzs5Rx95XaZyVC0o5gJcoPfgLNrz
p2r8gIphZKK34plHdOQkqGOEN945DoQkARy+JHqHu0IefGYc6g8O6x+SDKBwU+z+
dwFvIPIg2YA8082BPKAn9M1mTwBoq0ta5Ez//28iZri1Lxa21tT8eEm2ae4T8VWn
Rqgic0PvKSOalctePdnyMMU/kRktuDMHtIXNVefiGmwomEGMBu3eUWafzs4oF7uk
4rIjtFOB+39ECHOgx4YZ5gCBwVmtf6FddUq2nDD+JnQdFn+XU/5a
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:54:23 2025 by rpki-client