Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/6f952a-ad59-4b9f-b7c7-09aac0789b93/1/cjk16MmGa9VAbHsgngJUOkSp08A.roa
File: cjk16MmGa9VAbHsgngJUOkSp08A.roa (raw, json)
Hash identifier: vjUqfCV04EKTU6LoX8huXEuT5umrktch7/fsTB3KR0w=
Subject key identifier: 72:39:35:E8:C9:86:6B:D5:40:6C:7B:20:9E:02:54:3A:44:A9:D3:C0
Certificate issuer: /CN=2a734eabcfb5b6c2a4e48388edb3af8f506b1fab
Certificate serial: 01941F8C4FF02EA4D31205F1B3248117BF3D
Authority key identifier: 2A:73:4E:AB:CF:B5:B6:C2:A4:E4:83:88:ED:B3:AF:8F:50:6B:1F:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KnNOq8-1tsKk5IOI7bOvj1BrH6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/6f952a-ad59-4b9f-b7c7-09aac0789b93/1/cjk16MmGa9VAbHsgngJUOkSp08A.roa
Signing time: Wed 01 Jan 2025 01:47:56 +0000
ROA not before: Wed 01 Jan 2025 01:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29037
IP address blocks: 195.160.160.0/23 maxlen: 24
2001:67c:19ec::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4f:f0:2e:a4:d3:12:05:f1:b3:24:81:17:bf:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a734eabcfb5b6c2a4e48388edb3af8f506b1fab
Validity
Not Before: Jan 1 01:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=723935e8c9866bd5406c7b209e02543a44a9d3c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f5:b0:bb:e5:fa:cc:d2:9f:e6:41:a9:cd:0f:
3f:d4:4a:36:1a:7d:9b:0b:0c:49:2e:c8:b4:13:92:
a2:d6:08:19:c9:eb:39:c5:bd:7b:21:67:25:6d:6e:
52:13:2a:aa:ed:c8:7a:eb:a5:e3:ed:b6:ff:73:a5:
40:e2:23:2e:7f:8d:e2:9c:6a:ef:2b:5e:b0:e8:2b:
c2:68:88:0f:d5:9f:a9:84:62:64:a0:13:9f:a7:3a:
54:6b:79:0d:d6:3f:05:59:db:d8:03:e6:03:57:25:
29:c1:54:69:ba:a8:96:4e:96:8c:db:13:48:5a:1b:
91:ff:48:96:1b:b6:1d:07:5e:7b:f9:40:46:ab:5c:
20:46:28:9d:b1:5f:93:ff:e7:c9:d8:4a:88:d7:5b:
c2:53:82:2c:65:2f:5b:0a:8d:44:65:63:d2:9f:7f:
1e:b7:92:33:96:31:bc:6d:79:46:7c:e7:f3:75:91:
1b:34:d4:4e:4b:29:75:3a:a5:ec:b6:5c:8d:5b:e3:
50:d7:32:e5:ad:d3:ef:60:bf:0b:f6:e2:7e:a2:58:
f8:82:9c:c1:f2:d6:28:73:83:32:34:6f:2b:b8:15:
f4:a6:ef:e0:1a:7b:97:65:1a:38:2c:f5:86:a2:65:
03:b7:85:ad:72:04:09:4f:20:b7:41:84:59:23:51:
a1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:39:35:E8:C9:86:6B:D5:40:6C:7B:20:9E:02:54:3A:44:A9:D3:C0
X509v3 Authority Key Identifier:
keyid:2A:73:4E:AB:CF:B5:B6:C2:A4:E4:83:88:ED:B3:AF:8F:50:6B:1F:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KnNOq8-1tsKk5IOI7bOvj1BrH6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/6f952a-ad59-4b9f-b7c7-09aac0789b93/1/cjk16MmGa9VAbHsgngJUOkSp08A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/6f952a-ad59-4b9f-b7c7-09aac0789b93/1/KnNOq8-1tsKk5IOI7bOvj1BrH6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.160.0/23
IPv6:
2001:67c:19ec::/48
Signature Algorithm: sha256WithRSAEncryption
6b:e1:2a:65:05:db:7c:99:d0:e7:ce:a0:7a:52:81:18:f8:b2:
7e:a8:3c:ea:03:6e:a1:df:c8:07:1f:ee:b9:be:8e:3e:75:13:
7d:a6:0e:ce:1e:e2:c4:b7:4e:de:f4:7d:f5:9a:d7:65:7b:9d:
ca:00:71:32:63:69:41:d9:2a:bb:88:c0:0c:01:b4:03:97:1a:
05:5f:14:38:bc:8f:bf:14:25:1e:0e:b2:29:63:58:b1:f1:30:
f2:a1:67:44:4d:54:72:5b:6b:7e:5e:68:54:76:82:5f:56:cf:
bd:f5:5b:b9:40:5c:3f:4e:22:3d:25:6c:89:c3:c7:03:cd:79:
b2:e2:27:d2:11:25:c2:02:80:eb:17:e6:8e:7a:cb:6e:cb:84:
4a:84:d6:49:4b:57:33:96:9b:d6:71:d2:2e:dc:03:d5:b2:20:
05:e2:1d:e1:41:40:89:7a:17:31:23:ba:9a:2d:93:02:33:a0:
f8:59:97:7c:93:4e:2e:1c:bf:47:8f:2d:5e:63:14:42:31:dc:
74:5a:e8:d1:3e:85:46:fa:a5:12:3a:2d:2a:c9:4a:1b:f1:36:
5c:96:d9:5b:98:14:0d:4b:46:57:57:0d:bc:fb:55:0d:a0:78:
6b:00:ea:87:f4:af:9a:6b:40:33:d1:95:3f:26:c7:9e:85:cb:
b8:55:a1:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjE/wLqTTEgXxsySBF789MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNzM0ZWFiY2ZiNWI2YzJhNGU0ODM4OGVkYjNhZjhmNTA2
YjFmYWIwHhcNMjUwMTAxMDE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM5MzVlOGM5ODY2YmQ1NDA2YzdiMjA5ZTAyNTQzYTQ0YTlkM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfWwu+X6zNKf5kGpzQ8/1Eo2Gn2b
CwxJLsi0E5Ki1ggZyes5xb17IWclbW5SEyqq7ch666Xj7bb/c6VA4iMuf43inGrv
K16w6CvCaIgP1Z+phGJkoBOfpzpUa3kN1j8FWdvYA+YDVyUpwVRpuqiWTpaM2xNI
WhuR/0iWG7YdB157+UBGq1wgRiidsV+T/+fJ2EqI11vCU4IsZS9bCo1EZWPSn38e
t5IzljG8bXlGfOfzdZEbNNROSyl1OqXstlyNW+NQ1zLlrdPvYL8L9uJ+olj4gpzB
8tYoc4MyNG8ruBX0pu/gGnuXZRo4LPWGomUDt4WtcgQJTyC3QYRZI1GhyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHI5NejJhmvVQGx7IJ4CVDpEqdPAMB8GA1UdIwQY
MBaAFCpzTqvPtbbCpOSDiO2zr49Qax+rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS25OT3E4LTF0c0trNUlPSTdiT3ZqMUJySDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS82Zjk1MmEtYWQ1OS00YjlmLWI3Yzct
MDlhYWMwNzg5YjkzLzEvY2prMTZNbUdhOVZBYkhzZ25nSlVPa1NwMDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS82Zjk1MmEtYWQ1OS00YjlmLWI3YzctMDlhYWMwNzg5Yjkz
LzEvS25OT3E4LTF0c0trNUlPSTdiT3ZqMUJySDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw6CgMA8E
AgACMAkDBwAgAQZ8GewwDQYJKoZIhvcNAQELBQADggEBAGvhKmUF23yZ0OfOoHpS
gRj4sn6oPOoDbqHfyAcf7rm+jj51E32mDs4e4sS3Tt70ffWa12V7ncoAcTJjaUHZ
KruIwAwBtAOXGgVfFDi8j78UJR4OsiljWLHxMPKhZ0RNVHJba35eaFR2gl9Wz731
W7lAXD9OIj0lbInDxwPNebLiJ9IRJcICgOsX5o56y27LhEqE1klLVzOWm9Zx0i7c
A9WyIAXiHeFBQIl6FzEjupotkwIzoPhZl3yTTi4cv0ePLV5jFEIx3HRa6NE+hUb6
pRI6LSrJShvxNlyW2VuYFA1LRldXDbz7VQ2geGsA6of0r5prQDPRlT8mx56Fy7hV
oXI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:53:56 2025 by rpki-client