Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/tv0huOh6mK0H4w2Pkxi0zxGdHcU.roa
File: tv0huOh6mK0H4w2Pkxi0zxGdHcU.roa (raw, json)
Hash identifier: AhjG9w2zaLD4mADBnCLY0U88JMMTl5C2x9ZxBk5L0+Q=
Subject key identifier: B6:FD:21:B8:E8:7A:98:AD:07:E3:0D:8F:93:18:B4:CF:11:9D:1D:C5
Certificate issuer: /CN=1aac7db5193c1b3b7487e847d41a383ed5b26671
Certificate serial: 019425FCF16AEA969D3C4B5FA67F6A451C03
Authority key identifier: 1A:AC:7D:B5:19:3C:1B:3B:74:87:E8:47:D4:1A:38:3E:D5:B2:66:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/tv0huOh6mK0H4w2Pkxi0zxGdHcU.roa
Signing time: Thu 02 Jan 2025 07:48:41 +0000
ROA not before: Thu 02 Jan 2025 07:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210991
IP address blocks: 195.66.96.0/24 maxlen: 24
2a12:7940::/29 maxlen: 29
2a12:7940:1::/48 maxlen: 48
2a12:7940:2::/48 maxlen: 48
2a12:7940:5::/48 maxlen: 48
2a12:7940:6::/48 maxlen: 48
2a12:7940:8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:f1:6a:ea:96:9d:3c:4b:5f:a6:7f:6a:45:1c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aac7db5193c1b3b7487e847d41a383ed5b26671
Validity
Not Before: Jan 2 07:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6fd21b8e87a98ad07e30d8f9318b4cf119d1dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:80:fd:9d:5f:3e:71:1f:92:d2:d0:ee:55:c5:
ca:d0:8d:66:99:80:98:0a:b1:a7:c0:f9:f3:2b:1c:
a1:41:4e:af:85:32:7f:13:6a:46:09:f9:c7:c0:50:
c1:08:74:c9:c9:c9:7d:f8:a2:c5:1b:a7:5d:3b:14:
70:e6:39:70:cf:1f:67:26:cc:2f:1e:49:c8:2c:a3:
40:72:53:cd:39:3d:86:92:cd:ca:af:10:e7:55:a8:
69:2d:ed:49:46:31:10:47:a3:4a:75:67:d3:3e:dd:
83:d7:65:e8:e4:77:68:83:ba:b6:9d:0d:ea:81:3b:
02:ad:3b:ec:8b:2e:1e:90:db:b4:7b:f6:71:db:c1:
40:8b:44:d1:9e:86:c9:aa:5a:8e:e9:b5:ae:66:cf:
35:e3:8a:12:4e:4f:5f:8f:b9:6e:8c:8c:2d:60:e5:
31:8e:7e:8c:a4:f5:e4:6d:85:43:0c:3e:76:1c:8c:
60:95:4c:36:68:d1:05:2f:91:80:e5:4e:0d:75:e7:
57:af:5a:64:11:74:fc:18:e5:1f:6e:c7:c1:2a:33:
68:c3:6d:23:76:0c:cb:64:84:9b:26:dc:39:6e:70:
9c:1a:e5:07:dc:13:7b:13:5c:e9:1d:e0:a8:a2:37:
94:68:6a:54:6a:b3:6e:83:38:b4:5f:14:23:2c:09:
7c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:FD:21:B8:E8:7A:98:AD:07:E3:0D:8F:93:18:B4:CF:11:9D:1D:C5
X509v3 Authority Key Identifier:
keyid:1A:AC:7D:B5:19:3C:1B:3B:74:87:E8:47:D4:1A:38:3E:D5:B2:66:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/tv0huOh6mK0H4w2Pkxi0zxGdHcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.96.0/24
IPv6:
2a12:7940::/29
Signature Algorithm: sha256WithRSAEncryption
16:a8:96:ff:fa:4b:49:32:36:97:91:20:35:15:db:ca:df:26:
8c:d1:11:79:b1:6d:91:c4:65:59:44:4e:80:52:90:d6:05:b7:
c5:d8:63:fd:fc:b0:0f:88:70:75:c5:a5:06:d1:44:f1:4e:cc:
ca:22:4c:1a:68:89:b3:f2:24:58:97:6d:bd:91:37:14:0b:b3:
85:40:d0:53:34:1b:ee:93:45:ce:73:78:fb:bf:8e:59:b8:89:
79:74:0a:80:ca:1a:c2:6a:33:53:de:a0:52:f3:76:87:af:5c:
80:32:09:82:25:f1:15:3a:9e:9d:29:24:aa:fd:23:0c:10:d9:
d2:b2:d3:2e:0d:8a:d6:2d:e9:de:e7:1b:4f:d7:8a:9e:86:e9:
2e:26:43:96:e0:d4:e8:8a:77:7b:09:b4:62:85:11:dd:02:a6:
95:cf:d6:58:a5:27:e7:41:a6:fe:0d:be:a9:33:f4:00:41:92:
7d:3b:b9:19:db:3f:fd:a7:6c:65:8c:d6:cf:f2:8d:15:b9:f4:
de:51:09:f9:92:31:a0:85:7e:7f:be:85:9f:61:1e:d4:70:50:
c3:69:d2:c0:72:5e:b0:8b:cb:a3:9f:bf:cf:da:83:04:a1:24:
d8:dd:75:4a:31:71:ee:36:c8:e2:8b:a3:b9:91:a1:1d:76:e6:
ed:01:73:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/PFq6padPEtfpn9qRRwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYWM3ZGI1MTkzYzFiM2I3NDg3ZTg0N2Q0MWEzODNlZDVi
MjY2NzEwHhcNMjUwMTAyMDc0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmZkMjFiOGU4N2E5OGFkMDdlMzBkOGY5MzE4YjRjZjExOWQxZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYD9nV8+cR+S0tDuVcXK0I1mmYCY
CrGnwPnzKxyhQU6vhTJ/E2pGCfnHwFDBCHTJycl9+KLFG6ddOxRw5jlwzx9nJswv
HknILKNAclPNOT2Gks3KrxDnVahpLe1JRjEQR6NKdWfTPt2D12Xo5Hdog7q2nQ3q
gTsCrTvsiy4ekNu0e/Zx28FAi0TRnobJqlqO6bWuZs8144oSTk9fj7lujIwtYOUx
jn6MpPXkbYVDDD52HIxglUw2aNEFL5GA5U4NdedXr1pkEXT8GOUfbsfBKjNow20j
dgzLZISbJtw5bnCcGuUH3BN7E1zpHeCoojeUaGpUarNugzi0XxQjLAl8/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLb9IbjoepitB+MNj5MYtM8RnR3FMB8GA1UdIwQY
MBaAFBqsfbUZPBs7dIfoR9QaOD7VsmZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3F4OXRSazhHenQwaC1oSDFCbzRQdFd5Wm5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lNmYxYTQtYTQzZS00N2JkLWExNzgt
YzM2YTk2YzA0MTc3LzEvdHYwaHVPaDZtSzBINHcyUGt4aTB6eEdkSGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lNmYxYTQtYTQzZS00N2JkLWExNzgtYzM2YTk2YzA0MTc3
LzEvR3F4OXRSazhHenQwaC1oSDFCbzRQdFd5Wm5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw0JgMA0E
AgACMAcDBQMqEnlAMA0GCSqGSIb3DQEBCwUAA4IBAQAWqJb/+ktJMjaXkSA1FdvK
3yaM0RF5sW2RxGVZRE6AUpDWBbfF2GP9/LAPiHB1xaUG0UTxTszKIkwaaImz8iRY
l229kTcUC7OFQNBTNBvuk0XOc3j7v45ZuIl5dAqAyhrCajNT3qBS83aHr1yAMgmC
JfEVOp6dKSSq/SMMENnSstMuDYrWLene5xtP14qehukuJkOW4NToind7CbRihRHd
AqaVz9ZYpSfnQab+Db6pM/QAQZJ9O7kZ2z/9p2xljNbP8o0VufTeUQn5kjGghX5/
voWfYR7UcFDDadLAcl6wi8ujn7/P2oMEoSTY3XVKMXHuNsjii6O5kaEddubtAXP1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net