Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/99RaY9xH4qOYuC0KdiJQrFMbC5E.roa
File: 99RaY9xH4qOYuC0KdiJQrFMbC5E.roa (raw, json)
Hash identifier: TZUHN/mcHmz7AzTn504QkH94CMbEPlnfBvzJqjhXWtc=
Subject key identifier: F7:D4:5A:63:DC:47:E2:A3:98:B8:2D:0A:76:22:50:AC:53:1B:0B:91
Certificate issuer: /CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782
Certificate serial: 019422FB9696A9CFD1405C55FDA5CD3964A2
Authority key identifier: D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/99RaY9xH4qOYuC0KdiJQrFMbC5E.roa
Signing time: Wed 01 Jan 2025 17:48:20 +0000
ROA not before: Wed 01 Jan 2025 17:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41299
IP address blocks: 195.60.216.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:96:96:a9:cf:d1:40:5c:55:fd:a5:cd:39:64:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782
Validity
Not Before: Jan 1 17:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7d45a63dc47e2a398b82d0a762250ac531b0b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2e:11:ee:74:d4:e2:0f:7e:ba:3d:24:91:f9:
cf:c5:73:ff:a9:94:8a:b5:01:40:9f:ad:df:1b:99:
3a:f6:e1:5e:72:f7:f6:c3:1b:e1:60:98:17:1a:2f:
c7:17:0f:4a:a6:0a:35:33:e0:0d:1d:51:da:c8:b2:
d0:1c:1f:41:a9:05:9c:72:55:57:df:dc:41:b0:7b:
6e:6d:1f:40:ae:93:5c:63:0d:d7:bf:dd:2b:42:f9:
08:8b:26:08:62:12:1a:62:34:d0:4b:cd:ae:2b:f9:
45:4d:c8:ab:d3:e6:c4:84:5e:97:c8:f7:0b:c8:89:
b8:00:6a:e3:0c:07:85:2f:b3:09:c7:58:e5:e8:fb:
1d:bc:dc:42:78:29:ca:93:6a:75:c0:5f:24:23:d6:
42:4a:52:ae:bc:56:2b:8d:a4:bb:e8:6a:3e:a8:ac:
63:f1:35:66:1d:71:88:56:ae:72:e1:7b:38:ea:c9:
5f:21:c6:fb:c5:84:1f:a8:2e:19:91:f1:0e:11:1d:
36:db:56:92:c7:74:da:2c:ab:de:fd:af:76:35:8c:
98:a8:88:35:db:89:c5:4d:4b:98:14:3a:86:d8:8f:
a2:61:10:72:7c:2c:a9:d6:ea:0d:55:7f:cf:aa:ce:
2f:00:4e:ed:e7:6e:91:85:5b:d7:df:0e:90:81:0d:
96:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D4:5A:63:DC:47:E2:A3:98:B8:2D:0A:76:22:50:AC:53:1B:0B:91
X509v3 Authority Key Identifier:
keyid:D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/99RaY9xH4qOYuC0KdiJQrFMbC5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.216.0/22
Signature Algorithm: sha256WithRSAEncryption
13:c4:16:d5:6f:96:9a:f3:8b:b0:43:db:1c:f2:35:3c:4b:c6:
75:81:4d:c5:bf:45:34:5f:26:89:8e:6c:41:fc:3a:3a:5d:09:
bc:b4:47:51:0a:2b:29:f5:fe:9c:d7:aa:27:be:c1:f8:fa:39:
f9:da:bf:31:54:1c:ed:d6:2c:8d:ba:60:91:f4:95:a4:d9:fc:
34:f8:60:79:87:99:34:94:77:4b:ff:12:b8:b2:15:38:48:95:
fa:b9:ef:1e:dc:15:3e:b9:e4:cd:07:c4:2c:17:a5:8a:37:74:
19:36:86:8e:1a:39:e8:5f:2c:62:bb:94:74:5a:03:3c:b1:e3:
10:3d:6f:ff:3e:36:9e:60:f2:66:2b:ce:af:b3:d7:bb:1c:53:
82:09:64:08:34:84:bd:eb:1d:89:df:f3:47:14:c0:c4:e8:18:
8b:63:d1:e8:85:0a:6e:f5:4c:db:60:96:b5:d3:52:78:23:f0:
ec:0b:f2:e1:50:5c:4b:a8:c1:be:b9:15:e8:50:0c:ed:88:54:
a8:ca:06:f2:59:ca:b3:3f:5f:30:31:9e:1c:b2:27:18:2e:ec:
86:68:b6:ad:d4:7c:a5:8e:8f:aa:b2:0b:1b:32:97:40:99:75:
cc:a2:62:73:93:cf:ff:88:7e:8f:67:74:7a:0f:68:54:d0:bf:
d9:e5:60:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+5aWqc/RQFxV/aXNOWSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyM2I2NDc3ZTFjODRmNTI5MDdjZDYwYzYzZWE4M2VmNWU0
YWM3ODIwHhcNMjUwMTAxMTc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q0NWE2M2RjNDdlMmEzOThiODJkMGE3NjIyNTBhYzUzMWIwYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS4R7nTU4g9+uj0kkfnPxXP/qZSK
tQFAn63fG5k69uFecvf2wxvhYJgXGi/HFw9Kpgo1M+ANHVHayLLQHB9BqQWcclVX
39xBsHtubR9ArpNcYw3Xv90rQvkIiyYIYhIaYjTQS82uK/lFTcir0+bEhF6XyPcL
yIm4AGrjDAeFL7MJx1jl6PsdvNxCeCnKk2p1wF8kI9ZCSlKuvFYrjaS76Go+qKxj
8TVmHXGIVq5y4Xs46slfIcb7xYQfqC4ZkfEOER0221aSx3TaLKve/a92NYyYqIg1
24nFTUuYFDqG2I+iYRByfCyp1uoNVX/Pqs4vAE7t526RhVvX3w6QgQ2WMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfUWmPcR+KjmLgtCnYiUKxTGwuRMB8GA1UdIwQY
MBaAFNI7ZHfhyE9SkHzWDGPqg+9eSseCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYt
MjI1NTU4NWRkZWNiLzEvOTlSYVk5eEg0cU9ZdUMwS2RpSlFyRk1iQzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYtMjI1NTU4NWRkZWNi
LzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwzzYMA0G
CSqGSIb3DQEBCwUAA4IBAQATxBbVb5aa84uwQ9sc8jU8S8Z1gU3Fv0U0XyaJjmxB
/Do6XQm8tEdRCisp9f6c16onvsH4+jn52r8xVBzt1iyNumCR9JWk2fw0+GB5h5k0
lHdL/xK4shU4SJX6ue8e3BU+ueTNB8QsF6WKN3QZNoaOGjnoXyxiu5R0WgM8seMQ
PW//PjaeYPJmK86vs9e7HFOCCWQINIS96x2J3/NHFMDE6BiLY9HohQpu9UzbYJa1
01J4I/DsC/LhUFxLqMG+uRXoUAztiFSoygbyWcqzP18wMZ4csicYLuyGaLat1Hyl
jo+qsgsbMpdAmXXMomJzk8//iH6PZ3R6D2hU0L/Z5WDE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net