Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c60ba7-796b-4140-b0ac-addd65bc5a6a/1/G75hDgiyd2LwDpJ76o2-U8H3uNQ.roa
File: G75hDgiyd2LwDpJ76o2-U8H3uNQ.roa (raw, json)
Hash identifier: S5OSLsFsbCnXpNSoGI0qFyRFbDiGy+ql70CMoNWtluw=
Subject key identifier: 1B:BE:61:0E:08:B2:77:62:F0:0E:92:7B:EA:8D:BE:53:C1:F7:B8:D4
Certificate issuer: /CN=348c2f0d9677a4d15865601f18e6af1ff7c7ea4f
Certificate serial: 019427B412C6AA08251640F9596D3700ADC2
Authority key identifier: 34:8C:2F:0D:96:77:A4:D1:58:65:60:1F:18:E6:AF:1F:F7:C7:EA:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIwvDZZ3pNFYZWAfGOavH_fH6k8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c60ba7-796b-4140-b0ac-addd65bc5a6a/1/G75hDgiyd2LwDpJ76o2-U8H3uNQ.roa
Signing time: Thu 02 Jan 2025 15:48:20 +0000
ROA not before: Thu 02 Jan 2025 15:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49820
IP address blocks: 195.93.224.0/23 maxlen: 23
2001:67c:1e8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:12:c6:aa:08:25:16:40:f9:59:6d:37:00:ad:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348c2f0d9677a4d15865601f18e6af1ff7c7ea4f
Validity
Not Before: Jan 2 15:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bbe610e08b27762f00e927bea8dbe53c1f7b8d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:20:93:4b:a5:10:81:24:bc:9a:36:70:d2:f7:
60:a7:00:28:3c:f4:f7:51:49:cc:3f:d6:82:f4:88:
6b:0e:17:4f:07:d7:fb:38:8d:5f:de:2d:8c:c8:e7:
c5:1e:3a:c9:43:b2:83:47:f3:6c:c7:19:e4:00:ed:
dd:87:05:53:68:ed:17:64:9d:38:45:1c:56:53:33:
e9:c6:71:1b:86:b9:30:55:31:48:88:48:46:5f:6d:
38:8b:e2:96:da:41:7d:5a:a3:38:9c:71:af:c8:5a:
c5:4e:60:a5:a0:e5:50:db:f3:9a:ad:7d:8b:3a:80:
e7:c1:39:10:9b:58:e7:85:78:c8:33:3a:f2:af:03:
a8:b5:f6:ca:29:3e:00:b6:a1:e5:81:e8:27:67:8f:
a4:d4:26:73:6c:e4:98:3e:fd:aa:5a:d4:d0:81:ef:
75:e2:85:1d:59:91:fb:52:82:26:29:7f:1e:35:b5:
f1:ae:6d:ce:25:4d:2c:d2:42:49:5e:26:a5:32:be:
1e:19:c8:83:6d:ff:63:66:bf:1a:96:fd:40:61:a9:
c3:45:a2:82:2c:51:1b:90:2f:6d:d1:f8:f9:dc:59:
54:45:e3:bc:e7:da:f7:49:64:9b:3e:ef:f0:bc:1d:
74:94:f0:a1:0e:1c:26:48:4b:5c:c6:ef:0d:bf:a1:
f9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BE:61:0E:08:B2:77:62:F0:0E:92:7B:EA:8D:BE:53:C1:F7:B8:D4
X509v3 Authority Key Identifier:
keyid:34:8C:2F:0D:96:77:A4:D1:58:65:60:1F:18:E6:AF:1F:F7:C7:EA:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIwvDZZ3pNFYZWAfGOavH_fH6k8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c60ba7-796b-4140-b0ac-addd65bc5a6a/1/G75hDgiyd2LwDpJ76o2-U8H3uNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c60ba7-796b-4140-b0ac-addd65bc5a6a/1/NIwvDZZ3pNFYZWAfGOavH_fH6k8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.224.0/23
IPv6:
2001:67c:1e8::/48
Signature Algorithm: sha256WithRSAEncryption
49:99:16:05:ae:b6:ee:b1:25:ed:68:b1:16:16:49:6d:b7:cf:
c4:a8:ce:7a:f2:38:e8:a9:f9:a2:67:c9:62:04:57:f5:73:3c:
4d:11:78:dc:e8:0e:53:21:eb:2a:c9:07:41:c6:b9:7b:43:bb:
6f:2c:d2:1c:bf:5f:9c:3e:fe:43:b1:0c:f5:b7:8a:09:56:b2:
b2:38:32:e4:16:2b:8d:36:29:26:32:5b:c9:7c:59:c5:e9:58:
ff:c2:01:02:61:06:db:a4:fe:6e:6b:f8:1e:1f:83:c4:d6:16:
86:1c:0c:05:c5:4d:22:df:11:17:f6:e3:61:b4:bb:a9:c3:fc:
a4:36:46:99:dd:3c:d6:32:54:e9:13:9a:44:3d:fe:5b:71:27:
2f:da:7e:36:7a:61:4f:ed:b6:c7:14:90:3c:14:b1:da:2a:29:
6f:1e:ce:29:ee:b2:81:1a:0e:87:8d:bb:3d:eb:eb:56:36:cc:
41:05:e3:6d:7d:3f:b5:de:f3:b6:85:fe:1a:2f:a9:58:71:38:
63:15:6d:e4:03:75:2c:d9:cc:09:89:98:3c:06:f0:79:c3:61:
6e:9d:f2:30:15:8c:f9:3e:b8:aa:fc:99:f4:7d:cf:4d:78:2e:
7c:18:4b:cd:3f:2a:fc:5d:4d:bf:42:32:8a:db:7c:89:e0:31:
ec:42:85:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntBLGqgglFkD5WW03AK3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OGMyZjBkOTY3N2E0ZDE1ODY1NjAxZjE4ZTZhZjFmZjdj
N2VhNGYwHhcNMjUwMTAyMTU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJlNjEwZTA4YjI3NzYyZjAwZTkyN2JlYThkYmU1M2MxZjdiOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyCTS6UQgSS8mjZw0vdgpwAoPPT3
UUnMP9aC9IhrDhdPB9f7OI1f3i2MyOfFHjrJQ7KDR/NsxxnkAO3dhwVTaO0XZJ04
RRxWUzPpxnEbhrkwVTFIiEhGX204i+KW2kF9WqM4nHGvyFrFTmCloOVQ2/OarX2L
OoDnwTkQm1jnhXjIMzryrwOotfbKKT4AtqHlgegnZ4+k1CZzbOSYPv2qWtTQge91
4oUdWZH7UoImKX8eNbXxrm3OJU0s0kJJXialMr4eGciDbf9jZr8alv1AYanDRaKC
LFEbkC9t0fj53FlUReO859r3SWSbPu/wvB10lPChDhwmSEtcxu8Nv6H5gwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBu+YQ4Isndi8A6Se+qNvlPB97jUMB8GA1UdIwQY
MBaAFDSMLw2Wd6TRWGVgHxjmrx/3x+pPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkl3dkRaWjNwTkZZWldBZkdPYXZIX2ZINms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jNjBiYTctNzk2Yi00MTQwLWIwYWMt
YWRkZDY1YmM1YTZhLzEvRzc1aERnaXlkMkx3RHBKNzZvMi1VOEgzdU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jNjBiYTctNzk2Yi00MTQwLWIwYWMtYWRkZDY1YmM1YTZh
LzEvTkl3dkRaWjNwTkZZWldBZkdPYXZIX2ZINms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw13gMA8E
AgACMAkDBwAgAQZ8AegwDQYJKoZIhvcNAQELBQADggEBAEmZFgWutu6xJe1osRYW
SW23z8SoznryOOip+aJnyWIEV/VzPE0ReNzoDlMh6yrJB0HGuXtDu28s0hy/X5w+
/kOxDPW3iglWsrI4MuQWK402KSYyW8l8WcXpWP/CAQJhBtuk/m5r+B4fg8TWFoYc
DAXFTSLfERf242G0u6nD/KQ2RpndPNYyVOkTmkQ9/ltxJy/afjZ6YU/ttscUkDwU
sdoqKW8ezinusoEaDoeNuz3r61Y2zEEF4219P7Xe87aF/hovqVhxOGMVbeQDdSzZ
zAmJmDwG8HnDYW6d8jAVjPk+uKr8mfR9z014LnwYS80/KvxdTb9CMorbfIngMexC
hTs=
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:58:24 2025 by rpki-client