Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/EytKkp-cHU6YafCnB0z54OPcAnc.roa
File: EytKkp-cHU6YafCnB0z54OPcAnc.roa (raw, json)
Hash identifier: qXa8VJW5qO7AGM9oVgWuxQ8fPmA9SdZQmj6ClsTDzLA=
Subject key identifier: 13:2B:4A:92:9F:9C:1D:4E:98:69:F0:A7:07:4C:F9:E0:E3:DC:02:77
Certificate issuer: /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial: 019425FD3DB878325B7868B6DC25C46F29E1
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/EytKkp-cHU6YafCnB0z54OPcAnc.roa
Signing time: Thu 02 Jan 2025 07:49:00 +0000
ROA not before: Thu 02 Jan 2025 07:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39142
IP address blocks: 195.191.240.0/23 maxlen: 23
195.191.240.0/24 maxlen: 24
195.191.241.0/24 maxlen: 24
2a0a:dc07::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:3d:b8:78:32:5b:78:68:b6:dc:25:c4:6f:29:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Validity
Not Before: Jan 2 07:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=132b4a929f9c1d4e9869f0a7074cf9e0e3dc0277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6c:15:70:55:52:54:db:a1:f6:5d:41:81:4a:
98:7b:6c:a7:65:df:64:1d:5b:97:f0:1c:76:c4:89:
19:55:0a:8e:9b:f1:ff:33:d2:f8:f9:c8:f1:2c:7f:
69:5b:83:fd:a0:e4:4a:96:01:5f:6f:e5:49:b8:dc:
07:16:45:76:4e:9f:0f:ed:95:fe:e1:55:40:bd:29:
40:c6:34:60:41:52:89:92:78:0c:f4:3d:f2:26:8e:
5e:20:62:3b:32:f7:86:fe:a1:c2:ec:9e:49:e0:0f:
89:2f:dc:f8:4d:66:b2:9b:3b:e0:2b:65:bb:36:6b:
87:1d:6f:07:b1:89:22:2b:0b:16:7d:44:21:72:aa:
47:1a:99:05:1a:2a:3f:9a:46:99:96:95:92:95:1c:
d4:12:60:9a:90:a2:62:70:42:98:01:f8:5c:1b:b3:
0c:fd:7f:19:f2:7f:1d:be:d3:e6:d0:c6:3a:74:a0:
7f:ec:18:7d:22:02:ba:8f:40:de:4f:f6:d6:8e:68:
a8:11:20:3d:61:c6:fb:5a:2d:d3:b1:99:e9:cb:98:
60:39:a0:e5:ab:47:c4:50:4e:55:3b:3f:90:39:22:
c8:82:da:b4:a2:be:7d:7a:11:72:e0:6a:f6:11:e5:
54:a0:91:3c:21:69:08:61:91:bd:90:d8:3a:f8:3e:
04:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:2B:4A:92:9F:9C:1D:4E:98:69:F0:A7:07:4C:F9:E0:E3:DC:02:77
X509v3 Authority Key Identifier:
keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/EytKkp-cHU6YafCnB0z54OPcAnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.240.0/23
IPv6:
2a0a:dc07::/32
Signature Algorithm: sha256WithRSAEncryption
2e:14:cd:c3:16:53:8a:cc:71:c0:4f:4c:7b:83:9f:4b:fd:6b:
7f:93:e5:71:2e:46:1d:87:b3:6c:76:a8:ef:c5:bd:f4:5e:07:
60:b4:f5:1e:19:5b:64:af:f8:b1:1b:1c:c5:fc:66:d9:38:be:
bf:14:1a:f9:c7:16:fb:2f:12:c7:c7:12:08:2d:42:e9:eb:40:
33:1f:05:45:14:8d:8d:89:01:60:29:e5:c3:c5:f6:37:d1:e9:
f0:6d:37:40:90:e0:3e:94:5d:fb:5a:2b:4e:51:5e:6f:61:85:
fb:c1:cd:a7:c6:da:c6:e1:71:65:10:1d:68:3c:c1:fe:a2:d1:
ae:24:5c:20:47:58:4c:96:b2:f3:0b:0f:dc:8a:98:2e:c6:31:
93:5f:a1:ae:65:6c:69:27:3d:93:2b:2e:8c:7e:c9:00:b6:94:
4b:62:17:a4:f2:5d:b5:b3:2e:7f:bb:d1:28:4a:0a:99:ab:c2:
92:e7:a3:56:66:0f:1a:b7:f6:e4:81:b4:61:4d:df:38:99:53:
24:1c:7a:52:70:b7:61:ba:01:41:2e:46:9a:bd:03:99:da:31:
52:06:7e:14:03:1d:da:0a:2b:bf:40:9a:8b:96:fe:2f:32:7c:
60:af:2d:df:4f:4f:61:58:5b:06:4d:0e:b9:29:56:81:16:07:
7e:bb:6e:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/T24eDJbeGi23CXEbynhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjUwMTAyMDc0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzJiNGE5MjlmOWMxZDRlOTg2OWYwYTcwNzRjZjllMGUzZGMwMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2wVcFVSVNuh9l1BgUqYe2ynZd9k
HVuX8Bx2xIkZVQqOm/H/M9L4+cjxLH9pW4P9oORKlgFfb+VJuNwHFkV2Tp8P7ZX+
4VVAvSlAxjRgQVKJkngM9D3yJo5eIGI7MveG/qHC7J5J4A+JL9z4TWaymzvgK2W7
NmuHHW8HsYkiKwsWfUQhcqpHGpkFGio/mkaZlpWSlRzUEmCakKJicEKYAfhcG7MM
/X8Z8n8dvtPm0MY6dKB/7Bh9IgK6j0DeT/bWjmioESA9Ycb7Wi3TsZnpy5hgOaDl
q0fEUE5VOz+QOSLIgtq0or59ehFy4Gr2EeVUoJE8IWkIYZG9kNg6+D4EqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBMrSpKfnB1OmGnwpwdM+eDj3AJ3MB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEvRXl0S2twLWNIVTZZYWZDbkIwejU0T1BjQW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw7/wMA0E
AgACMAcDBQAqCtwHMA0GCSqGSIb3DQEBCwUAA4IBAQAuFM3DFlOKzHHAT0x7g59L
/Wt/k+VxLkYdh7Nsdqjvxb30XgdgtPUeGVtkr/ixGxzF/GbZOL6/FBr5xxb7LxLH
xxIILULp60AzHwVFFI2NiQFgKeXDxfY30enwbTdAkOA+lF37WitOUV5vYYX7wc2n
xtrG4XFlEB1oPMH+otGuJFwgR1hMlrLzCw/cipguxjGTX6GuZWxpJz2TKy6MfskA
tpRLYhek8l21sy5/u9EoSgqZq8KS56NWZg8at/bkgbRhTd84mVMkHHpScLdhugFB
LkaavQOZ2jFSBn4UAx3aCiu/QJqLlv4vMnxgry3fT09hWFsGTQ65KVaBFgd+u26A
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:31 2025 by rpki-client on console.sobornost.net