Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/EPNaozHQAjVOYQy-Vt2Z_kxiWS0.roa
File: EPNaozHQAjVOYQy-Vt2Z_kxiWS0.roa (raw, json)
Hash identifier: WsqXo+AMtH2w9AGoDi4Cn3lAEUdfpStLLlDa9sz3f6I=
Subject key identifier: 10:F3:5A:A3:31:D0:02:35:4E:61:0C:BE:56:DD:99:FE:4C:62:59:2D
Certificate issuer: /CN=68e3ba87e3a93468cc3b3c3f60fa63d5e853c314
Certificate serial: 0194214398D6F293B0C2913B4B928ECE4CCE
Authority key identifier: 68:E3:BA:87:E3:A9:34:68:CC:3B:3C:3F:60:FA:63:D5:E8:53:C3:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/EPNaozHQAjVOYQy-Vt2Z_kxiWS0.roa
Signing time: Wed 01 Jan 2025 09:47:45 +0000
ROA not before: Wed 01 Jan 2025 09:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28854
IP address blocks: 195.49.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:98:d6:f2:93:b0:c2:91:3b:4b:92:8e:ce:4c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e3ba87e3a93468cc3b3c3f60fa63d5e853c314
Validity
Not Before: Jan 1 09:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10f35aa331d002354e610cbe56dd99fe4c62592d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b9:29:90:fc:b8:57:a6:ac:e6:84:37:fa:f9:
fc:bd:ed:59:12:4d:22:27:44:c3:7b:0e:40:3f:bc:
a7:05:33:5c:34:d9:53:65:88:17:a7:d0:ba:09:66:
f6:77:c9:bf:b9:0c:4a:1e:a3:f0:5b:ac:58:ea:11:
9c:54:3d:5f:db:1b:1d:4d:50:ed:75:25:af:cb:a1:
64:5e:0e:42:a6:09:85:76:61:fa:06:5d:49:ba:e3:
28:d5:06:5a:f2:db:77:a6:1c:cb:21:a1:dc:b2:e5:
b3:79:c3:43:4e:23:b6:35:d7:93:d1:0f:10:6d:16:
09:ab:55:30:a7:0d:97:ce:6c:6c:2d:f7:24:bf:53:
a4:ae:46:fd:d1:c0:5c:a3:9b:69:52:5f:0e:51:d3:
44:bc:ac:50:5f:ef:3c:df:be:4c:39:3e:d6:b4:3a:
71:70:01:d3:e6:bc:18:7d:37:3b:6d:1a:e1:23:f5:
c6:62:15:17:ad:eb:11:ad:e8:c3:1c:6e:8a:f3:ae:
e6:c8:2a:ef:e2:99:59:d7:be:b9:64:77:41:29:98:
0b:16:0c:6d:9c:a1:26:54:79:b0:83:8c:3b:3b:08:
94:b6:02:97:28:94:ac:d7:d5:35:71:35:33:d6:17:
2e:d5:80:ac:e6:0d:c0:6c:81:81:6d:04:ad:fc:c7:
6e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F3:5A:A3:31:D0:02:35:4E:61:0C:BE:56:DD:99:FE:4C:62:59:2D
X509v3 Authority Key Identifier:
keyid:68:E3:BA:87:E3:A9:34:68:CC:3B:3C:3F:60:FA:63:D5:E8:53:C3:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/EPNaozHQAjVOYQy-Vt2Z_kxiWS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.49.240.0/21
Signature Algorithm: sha256WithRSAEncryption
48:bf:71:a6:6a:cf:64:74:9b:35:fd:aa:5b:cd:13:31:86:94:
0c:a2:80:f0:22:c4:ee:d1:fe:56:26:c5:b1:41:d4:51:6f:13:
48:bd:a3:7c:c6:24:3e:86:97:0d:36:fc:b7:cd:9d:8d:82:38:
e6:f9:4c:6d:73:ad:1d:db:ab:b1:33:26:0b:83:5e:12:11:e8:
cd:db:96:d4:eb:8b:ab:f5:ea:f7:54:82:43:15:3f:71:09:e0:
88:60:e5:5e:7c:74:c3:05:c2:33:fd:73:41:26:22:e6:3d:a4:
8f:fe:6b:ea:ed:30:d4:b1:89:5d:2f:25:b7:9d:8f:0e:83:9a:
3e:51:9e:14:b7:d4:2f:fc:d2:94:56:25:d4:25:21:42:ab:eb:
fd:cc:6b:f8:08:ed:12:8e:31:8b:d4:f4:0d:bf:e5:1f:ca:91:
83:03:6c:11:68:bf:8c:44:35:85:5d:d5:df:e2:39:bf:2e:08:
b7:81:5f:33:d2:aa:3f:89:c5:c0:36:03:f7:0e:a9:b4:4f:7c:
63:11:20:f3:ab:26:38:02:62:d9:ca:ff:46:26:e6:8c:29:02:
b9:46:20:d2:6f:66:2f:40:c9:d4:6a:30:69:a1:a7:bc:5a:59:
4e:29:d2:3e:f5:7f:92:82:a3:4e:56:fa:04:4f:77:26:58:b7:
3d:42:9a:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ5jW8pOwwpE7S5KOzkzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTNiYTg3ZTNhOTM0NjhjYzNiM2MzZjYwZmE2M2Q1ZTg1
M2MzMTQwHhcNMjUwMTAxMDk0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGYzNWFhMzMxZDAwMjM1NGU2MTBjYmU1NmRkOTlmZTRjNjI1OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLkpkPy4V6as5oQ3+vn8ve1ZEk0i
J0TDew5AP7ynBTNcNNlTZYgXp9C6CWb2d8m/uQxKHqPwW6xY6hGcVD1f2xsdTVDt
dSWvy6FkXg5CpgmFdmH6Bl1JuuMo1QZa8tt3phzLIaHcsuWzecNDTiO2NdeT0Q8Q
bRYJq1Uwpw2XzmxsLfckv1Okrkb90cBco5tpUl8OUdNEvKxQX+88375MOT7WtDpx
cAHT5rwYfTc7bRrhI/XGYhUXresRrejDHG6K867myCrv4plZ1765ZHdBKZgLFgxt
nKEmVHmwg4w7OwiUtgKXKJSs19U1cTUz1hcu1YCs5g3AbIGBbQSt/MduBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDzWqMx0AI1TmEMvlbdmf5MYlktMB8GA1UdIwQY
MBaAFGjjuofjqTRozDs8P2D6Y9XoU8MUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9PNmgtT3BOR2pNT3p3X1lQcGoxZWhUd3hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xZWZmMTctNjVlYy00NWVhLWE3NWQt
OTZlYjA3Zjc4MjViLzEvRVBOYW96SFFBalZPWVF5LVZ0Mlpfa3hpV1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xZWZmMTctNjVlYy00NWVhLWE3NWQtOTZlYjA3Zjc4MjVi
LzEvYU9PNmgtT3BOR2pNT3p3X1lQcGoxZWhUd3hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwzHwMA0G
CSqGSIb3DQEBCwUAA4IBAQBIv3Gmas9kdJs1/apbzRMxhpQMooDwIsTu0f5WJsWx
QdRRbxNIvaN8xiQ+hpcNNvy3zZ2Ngjjm+Uxtc60d26uxMyYLg14SEejN25bU64ur
9er3VIJDFT9xCeCIYOVefHTDBcIz/XNBJiLmPaSP/mvq7TDUsYldLyW3nY8Og5o+
UZ4Ut9Qv/NKUViXUJSFCq+v9zGv4CO0SjjGL1PQNv+UfypGDA2wRaL+MRDWFXdXf
4jm/Lgi3gV8z0qo/icXANgP3Dqm0T3xjESDzqyY4AmLZyv9GJuaMKQK5RiDSb2Yv
QMnUajBpoae8WllOKdI+9X+SgqNOVvoET3cmWLc9QprB
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:13:06 2025 by rpki-client