Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/xs5EMPFexMMDbg6ZozpAr6uWE70.roa
File: xs5EMPFexMMDbg6ZozpAr6uWE70.roa (raw, json)
Hash identifier: qg/QvTawYThYqecFxjzESCzrgezKdtEVEc1jID0tLZg=
Subject key identifier: C6:CE:44:30:F1:5E:C4:C3:03:6E:0E:99:A3:3A:40:AF:AB:96:13:BD
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 019426D8AFA5E90580F895FDE6FA2E294753
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/xs5EMPFexMMDbg6ZozpAr6uWE70.roa
Signing time: Thu 02 Jan 2025 11:48:42 +0000
ROA not before: Thu 02 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214526
IP address blocks: 95.38.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:af:a5:e9:05:80:f8:95:fd:e6:fa:2e:29:47:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jan 2 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6ce4430f15ec4c3036e0e99a33a40afab9613bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:39:46:13:35:25:1a:12:fb:55:6d:1d:a6:26:
ae:93:56:21:bc:a8:23:23:63:1c:32:9c:2d:4a:f8:
bb:36:65:97:e2:23:c8:59:cf:bc:86:d2:20:c1:d7:
21:b6:59:73:7d:1b:0b:c2:09:65:9d:d7:2b:a1:77:
16:6d:31:62:da:1d:c7:6c:e8:22:1f:6f:66:1f:47:
57:af:f3:68:d8:03:b0:b5:93:44:b1:7f:93:e2:c5:
50:9c:40:36:c5:08:0c:0d:b9:5e:19:5f:31:64:26:
fd:1f:22:e5:e2:70:1b:06:17:0e:de:da:b9:94:80:
06:73:4e:5a:83:fb:09:95:1a:4e:8d:64:e6:5f:28:
72:1f:25:97:df:58:10:f3:d1:c1:7d:d9:a4:40:a9:
61:98:92:8e:f0:57:17:e2:ea:80:25:a8:5d:d0:a4:
e6:aa:22:61:8a:0c:08:c3:8d:40:2a:0a:21:cf:89:
a8:a2:b2:0c:0d:3e:3c:87:8e:42:59:42:78:06:25:
69:0d:6b:2b:b8:63:60:c2:b5:42:25:66:8a:72:2c:
d4:70:f1:a5:ce:ee:6a:8d:ba:38:fc:57:cb:99:c9:
41:19:5d:fd:b6:b0:59:a9:82:fe:b4:96:9a:df:12:
cf:ce:2a:67:58:70:6e:69:1f:b7:4c:a0:16:43:ed:
ba:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CE:44:30:F1:5E:C4:C3:03:6E:0E:99:A3:3A:40:AF:AB:96:13:BD
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/xs5EMPFexMMDbg6ZozpAr6uWE70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.38.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:09:d9:04:48:62:42:53:af:df:c8:3e:b9:85:43:19:5f:bf:
48:50:7c:ba:d1:04:dc:af:63:99:1f:10:24:20:d2:3b:6a:f8:
99:7c:fc:99:47:0d:f9:7e:a0:dd:06:5c:ba:4b:f2:a9:4c:a5:
96:dc:19:c7:43:4d:ce:1d:aa:c5:7b:2b:72:b3:d6:dc:ac:7d:
73:79:06:e8:36:32:65:c0:b3:62:ec:a6:d5:f3:34:db:6f:47:
03:21:b7:46:04:c2:d6:ce:4a:47:8c:e6:e1:69:f3:99:f2:a9:
e9:b3:e1:e6:45:43:a8:4b:34:83:2d:f3:2c:6c:70:5b:bf:e4:
1a:49:5b:6e:8b:97:02:3c:7b:c1:8d:df:6a:c5:e8:22:5a:1d:
55:ae:79:79:5f:4e:07:a6:d7:ac:83:95:27:b3:b3:f6:28:b3:
b4:38:56:9f:84:4c:c0:5b:69:e9:ea:23:24:43:2f:7d:7b:f9:
58:aa:8a:f2:8e:7a:77:69:cd:86:72:2e:04:18:9a:1e:b7:2b:
f4:f5:d1:31:44:66:1e:bf:4c:36:ca:2c:9e:5a:26:58:77:aa:
2f:61:4c:a6:3d:86:b8:a6:e9:91:06:d8:60:a4:48:86:10:ac:
ba:dd:dc:cf:77:53:48:ff:3f:ec:e9:50:4d:41:07:2e:ff:38:
26:7f:d0:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2K+l6QWA+JX95vouKUdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjUwMTAyMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmNlNDQzMGYxNWVjNGMzMDM2ZTBlOTlhMzNhNDBhZmFiOTYxM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTlGEzUlGhL7VW0dpiauk1YhvKgj
I2McMpwtSvi7NmWX4iPIWc+8htIgwdchtllzfRsLwgllndcroXcWbTFi2h3HbOgi
H29mH0dXr/No2AOwtZNEsX+T4sVQnEA2xQgMDbleGV8xZCb9HyLl4nAbBhcO3tq5
lIAGc05ag/sJlRpOjWTmXyhyHyWX31gQ89HBfdmkQKlhmJKO8FcX4uqAJahd0KTm
qiJhigwIw41AKgohz4moorIMDT48h45CWUJ4BiVpDWsruGNgwrVCJWaKcizUcPGl
zu5qjbo4/FfLmclBGV39trBZqYL+tJaa3xLPzipnWHBuaR+3TKAWQ+26BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbORDDxXsTDA24OmaM6QK+rlhO9MB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEveHM1RU1QRmV4TU1EYmc2Wm96cEFyNnVXRTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXyYmMA0G
CSqGSIb3DQEBCwUAA4IBAQB9CdkESGJCU6/fyD65hUMZX79IUHy60QTcr2OZHxAk
INI7aviZfPyZRw35fqDdBly6S/KpTKWW3BnHQ03OHarFeytys9bcrH1zeQboNjJl
wLNi7KbV8zTbb0cDIbdGBMLWzkpHjObhafOZ8qnps+HmRUOoSzSDLfMsbHBbv+Qa
SVtui5cCPHvBjd9qxegiWh1Vrnl5X04Hptesg5Uns7P2KLO0OFafhEzAW2np6iMk
Qy99e/lYqoryjnp3ac2Gci4EGJoetyv09dExRGYev0w2yiyeWiZYd6ovYUymPYa4
pumRBthgpEiGEKy63dzPd1NI/z/s6VBNQQcu/zgmf9BB
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:09:31 2025 by rpki-client