Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/_1ZVUyiWiKcUkDQ7d9MEjN-Qxjg.roa
File: _1ZVUyiWiKcUkDQ7d9MEjN-Qxjg.roa (raw, json)
Hash identifier: B9N8iWkGu9FMB4JofKmJJULgTYSFoSVSwpeNEHQNG3o=
Subject key identifier: FF:56:55:53:28:96:88:A7:14:90:34:3B:77:D3:04:8C:DF:90:C6:38
Certificate issuer: /CN=9d46542726668436fa93e757feef4d45e24cd6e3
Certificate serial: 01941FFA3AD8E4A4F46E24F2C0A7AEE1300D
Authority key identifier: 9D:46:54:27:26:66:84:36:FA:93:E7:57:FE:EF:4D:45:E2:4C:D6:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nUZUJyZmhDb6k-dX_u9NReJM1uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/_1ZVUyiWiKcUkDQ7d9MEjN-Qxjg.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47196
IP address blocks: 195.22.148.0/24 maxlen: 24
195.22.149.0/24 maxlen: 24
195.22.152.0/24 maxlen: 24
195.22.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3a:d8:e4:a4:f4:6e:24:f2:c0:a7:ae:e1:30:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d46542726668436fa93e757feef4d45e24cd6e3
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff565553289688a71490343b77d3048cdf90c638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e9:0b:81:29:a2:ac:2f:f6:3d:32:62:9b:f1:
da:96:95:08:9c:c3:84:0d:29:10:da:29:d7:ec:c5:
cc:1a:33:3b:ea:2e:3a:80:31:85:82:69:e2:9d:36:
0e:2a:2d:13:48:c0:47:1d:d4:f2:a3:c3:20:0a:d7:
e3:45:31:60:6b:53:26:87:6d:2e:3f:d3:90:9f:c5:
3e:33:eb:27:55:b0:06:7f:b6:b6:ae:64:a2:7b:c0:
15:63:5d:81:ec:3e:53:ed:75:62:0c:bd:bd:c4:d5:
38:b1:8c:97:c3:57:49:e8:50:24:c1:53:4f:e7:25:
1c:10:b6:09:89:ed:0f:9f:39:bc:53:90:7a:24:97:
67:4f:17:b0:c5:7b:f8:c8:6b:ea:19:52:fd:f5:0c:
65:8e:f7:96:51:c8:c7:43:6a:60:59:51:d5:07:87:
3a:9a:d3:92:20:5e:5d:cf:26:18:91:98:42:db:6c:
c6:28:9e:94:29:0e:78:3c:3f:7c:41:90:c9:fd:2f:
3a:35:77:66:02:4e:7a:41:78:02:41:b9:92:e9:1d:
7e:9e:6f:ad:52:a8:16:e0:8a:b0:c4:bb:0d:a5:08:
b1:e0:6b:30:36:0b:cc:94:55:17:46:d9:3e:4d:50:
d7:c1:66:23:07:57:d3:78:4c:f1:d1:b5:30:bb:ca:
da:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:56:55:53:28:96:88:A7:14:90:34:3B:77:D3:04:8C:DF:90:C6:38
X509v3 Authority Key Identifier:
keyid:9D:46:54:27:26:66:84:36:FA:93:E7:57:FE:EF:4D:45:E2:4C:D6:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nUZUJyZmhDb6k-dX_u9NReJM1uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/_1ZVUyiWiKcUkDQ7d9MEjN-Qxjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/nUZUJyZmhDb6k-dX_u9NReJM1uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.148.0/23
195.22.152.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:f1:02:9a:cf:cd:dd:24:58:f8:f2:98:3e:1b:5b:67:7c:56:
20:48:81:f8:c6:0d:4e:63:62:d1:4a:a3:47:01:1d:ed:46:91:
32:b6:53:ea:5d:8a:e1:c2:d2:10:e2:71:fc:8f:f2:b6:6b:0a:
87:74:30:0f:e5:c9:53:32:d6:e0:54:82:22:fc:54:5b:3e:b4:
a5:0a:d9:14:e6:48:03:12:4a:57:03:f8:5b:95:94:cc:1e:2e:
ca:0d:fa:5f:e6:d3:21:32:e0:81:a5:2f:73:95:61:9b:a8:9e:
01:d1:b3:b5:92:51:c5:43:08:94:fe:37:c5:82:96:b1:b3:30:
83:d8:bb:7b:81:d1:ec:22:3e:70:7c:94:bd:af:01:36:5f:dc:
90:1c:bb:b0:63:77:87:ab:85:cd:0e:21:40:22:cc:ac:5c:17:
e8:da:48:14:ab:63:b0:bb:b4:e1:d8:4b:39:00:79:f5:08:72:
b5:5e:9d:ba:06:c3:a4:d2:aa:7d:1c:01:47:bd:73:0f:1e:f4:
39:40:46:2f:a4:9e:27:f3:3e:ce:f3:b8:44:4c:99:18:ce:04:
8a:2c:be:0c:41:f2:bc:54:ca:bc:a8:49:c7:e4:f1:81:73:ac:
be:32:d2:6b:85:fc:61:46:c4:07:9a:4a:dc:e8:55:99:c6:40:
4c:0b:8a:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+jrY5KT0biTywKeu4TANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNDY1NDI3MjY2Njg0MzZmYTkzZTc1N2ZlZWY0ZDQ1ZTI0
Y2Q2ZTMwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU2NTU1MzI4OTY4OGE3MTQ5MDM0M2I3N2QzMDQ4Y2RmOTBjNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+kLgSmirC/2PTJim/HalpUInMOE
DSkQ2inX7MXMGjM76i46gDGFgmninTYOKi0TSMBHHdTyo8MgCtfjRTFga1Mmh20u
P9OQn8U+M+snVbAGf7a2rmSie8AVY12B7D5T7XViDL29xNU4sYyXw1dJ6FAkwVNP
5yUcELYJie0Pnzm8U5B6JJdnTxewxXv4yGvqGVL99QxljveWUcjHQ2pgWVHVB4c6
mtOSIF5dzyYYkZhC22zGKJ6UKQ54PD98QZDJ/S86NXdmAk56QXgCQbmS6R1+nm+t
UqgW4IqwxLsNpQix4GswNgvMlFUXRtk+TVDXwWYjB1fTeEzx0bUwu8raTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP9WVVMoloinFJA0O3fTBIzfkMY4MB8GA1UdIwQY
MBaAFJ1GVCcmZoQ2+pPnV/7vTUXiTNbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblVaVUp5Wm1oRGI2ay1kWF91OU5SZUpNMXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81ODAwNWEtNTIzMy00ODQ0LWIwMjQt
MjllMzVhZTkxMmRhLzEvXzFaVlV5aVdpS2NVa0RRN2Q5TUVqTi1ReGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81ODAwNWEtNTIzMy00ODQ0LWIwMjQtMjllMzVhZTkxMmRh
LzEvblVaVUp5Wm1oRGI2ay1kWF91OU5SZUpNMXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwxaUAwQB
wxaYMA0GCSqGSIb3DQEBCwUAA4IBAQAa8QKaz83dJFj48pg+G1tnfFYgSIH4xg1O
Y2LRSqNHAR3tRpEytlPqXYrhwtIQ4nH8j/K2awqHdDAP5clTMtbgVIIi/FRbPrSl
CtkU5kgDEkpXA/hblZTMHi7KDfpf5tMhMuCBpS9zlWGbqJ4B0bO1klHFQwiU/jfF
gpaxszCD2Lt7gdHsIj5wfJS9rwE2X9yQHLuwY3eHq4XNDiFAIsysXBfo2kgUq2Ow
u7Th2Es5AHn1CHK1Xp26BsOk0qp9HAFHvXMPHvQ5QEYvpJ4n8z7O87hETJkYzgSK
LL4MQfK8VMq8qEnH5PGBc6y+MtJrhfxhRsQHmkrc6FWZxkBMC4oa
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:06:45 2025 by rpki-client