Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/CTvzKYuavAXPQrA0BsbRPbX0CgI.roa
File: CTvzKYuavAXPQrA0BsbRPbX0CgI.roa (raw, json)
Hash identifier: 6AUy7OVDmglmaCZCA5TauI1Rw9HuOKH9yejf2rQneKs=
Subject key identifier: 09:3B:F3:29:8B:9A:BC:05:CF:42:B0:34:06:C6:D1:3D:B5:F4:0A:02
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 01942445574FA4101E7B04579336F08A5762
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/CTvzKYuavAXPQrA0BsbRPbX0CgI.roa
Signing time: Wed 01 Jan 2025 23:48:31 +0000
ROA not before: Wed 01 Jan 2025 23:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43331
IP address blocks: 195.87.22.0/24 maxlen: 24
195.87.212.0/22 maxlen: 22
195.87.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:57:4f:a4:10:1e:7b:04:57:93:36:f0:8a:57:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 23:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=093bf3298b9abc05cf42b03406c6d13db5f40a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9d:c7:5f:b0:e4:99:d7:e8:7d:a2:e1:44:0a:
92:ec:fc:a8:d5:85:83:e5:ca:ab:f8:ed:f4:a3:c0:
bd:37:4e:38:fe:de:6b:0a:64:b2:1b:c4:e8:d8:88:
99:23:48:ce:cf:1b:3e:ee:44:26:01:9e:7a:5a:a4:
ff:28:54:dc:84:14:ef:03:26:01:50:1e:97:93:f7:
fa:fa:c3:b3:85:48:e1:fb:12:d5:78:a6:66:f3:61:
dc:82:f5:e4:32:3e:41:8a:1a:fc:ee:d5:98:43:97:
29:b1:73:e1:3e:6a:9e:dd:d3:38:97:d5:87:38:4d:
04:88:18:bd:09:52:fe:57:19:e8:07:f3:d2:4d:b9:
83:50:d2:60:a0:04:bc:75:5b:e2:81:aa:6f:e3:3d:
eb:2d:56:95:df:ed:25:b3:12:ae:cf:1c:5a:e3:d5:
50:cc:52:4d:9b:ab:30:95:38:ff:3b:6a:d2:9d:d1:
b0:b3:6c:6d:ed:f4:b1:2f:16:26:b6:56:81:3e:24:
5d:fa:02:2d:0c:8f:76:6b:14:34:c5:6a:ec:c8:9b:
df:bb:82:6a:81:08:21:bc:79:54:90:c4:1c:14:e9:
5c:1d:8c:83:c0:f2:ea:00:07:76:da:10:d8:0d:94:
d3:ef:52:e6:11:a7:d3:36:36:c8:b6:50:55:8e:29:
63:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3B:F3:29:8B:9A:BC:05:CF:42:B0:34:06:C6:D1:3D:B5:F4:0A:02
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/CTvzKYuavAXPQrA0BsbRPbX0CgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.87.22.0/24
195.87.212.0/22
195.87.237.0/24
Signature Algorithm: sha256WithRSAEncryption
10:30:4b:05:b4:f5:9b:cf:50:6c:d0:aa:c2:85:c4:26:77:b1:
c3:bd:10:ea:96:70:ea:46:01:b6:9c:8f:a0:82:b3:b4:7d:c6:
b1:07:2b:f3:0f:88:44:9d:c0:af:22:5c:a6:1c:8c:6c:5a:17:
92:6d:58:47:cc:63:a8:89:e2:d9:fe:c8:70:03:94:f0:82:d7:
62:47:88:26:44:03:16:6e:fd:cd:ca:70:9e:56:79:80:9d:e4:
48:6e:fc:e8:20:34:db:05:2b:de:d8:e5:de:ae:3d:e6:a5:b1:
e2:2f:ec:7e:fc:7d:aa:6a:23:d7:30:63:8b:6c:e1:fd:d3:7d:
85:cd:23:6f:ba:3c:b3:9b:e6:88:63:4a:10:58:f2:e1:60:c6:
0a:d2:54:27:1f:9e:6a:57:e0:65:9d:56:3b:12:d0:fc:68:4c:
ac:f6:8b:b0:35:76:87:8f:9a:b1:2f:c6:2a:c7:15:1c:ea:15:
a4:86:9a:bc:c4:81:6a:86:1a:e0:32:e9:4c:a8:65:11:31:52:
1e:54:90:64:7b:02:ed:a8:bf:da:09:a4:e0:fc:30:71:8b:ed:
e7:03:97:62:ee:57:1b:34:5a:a2:86:ec:fd:eb:ad:f3:8f:7e:
01:6f:b9:20:f8:13:e0:af:cb:7c:85:4f:a5:18:9d:42:43:41:
ab:1e:4e:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRVdPpBAeewRXkzbwildiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjUwMTAxMjM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNiZjMyOThiOWFiYzA1Y2Y0MmIwMzQwNmM2ZDEzZGI1ZjQwYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp3HX7DkmdfofaLhRAqS7Pyo1YWD
5cqr+O30o8C9N044/t5rCmSyG8To2IiZI0jOzxs+7kQmAZ56WqT/KFTchBTvAyYB
UB6Xk/f6+sOzhUjh+xLVeKZm82HcgvXkMj5Bihr87tWYQ5cpsXPhPmqe3dM4l9WH
OE0EiBi9CVL+VxnoB/PSTbmDUNJgoAS8dVvigapv4z3rLVaV3+0lsxKuzxxa49VQ
zFJNm6swlTj/O2rSndGws2xt7fSxLxYmtlaBPiRd+gItDI92axQ0xWrsyJvfu4Jq
gQghvHlUkMQcFOlcHYyDwPLqAAd22hDYDZTT71LmEafTNjbItlBVjiljzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAk78ymLmrwFz0KwNAbG0T219AoCMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvQ1R2ektZdWF2QVhQUXJBMEJzYlJQYlgwQ2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw1cWAwQC
w1fUAwQAw1ftMA0GCSqGSIb3DQEBCwUAA4IBAQAQMEsFtPWbz1Bs0KrChcQmd7HD
vRDqlnDqRgG2nI+ggrO0fcaxByvzD4hEncCvIlymHIxsWheSbVhHzGOoieLZ/shw
A5TwgtdiR4gmRAMWbv3NynCeVnmAneRIbvzoIDTbBSve2OXerj3mpbHiL+x+/H2q
aiPXMGOLbOH9032FzSNvujyzm+aIY0oQWPLhYMYK0lQnH55qV+BlnVY7EtD8aEys
9ouwNXaHj5qxL8YqxxUc6hWkhpq8xIFqhhrgMulMqGURMVIeVJBkewLtqL/aCaTg
/DBxi+3nA5di7lcbNFqihuz9663zj34Bb7kg+BPgr8t8hU+lGJ1CQ0GrHk6x
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net