Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/aNZ_w4ct0s6F9JNwvU81Pvph6xA.roa
File: aNZ_w4ct0s6F9JNwvU81Pvph6xA.roa (raw, json)
Hash identifier: DMpkzc/SEQWOGXDtkCkwGEzbNT7zz+eYHoA6cnEiN1w=
Subject key identifier: 68:D6:7F:C3:87:2D:D2:CE:85:F4:93:70:BD:4F:35:3E:FA:61:EB:10
Certificate issuer: /CN=eb0eb8f5487d741a8cc6d6df3b392191ed3eed3f
Certificate serial: 019421B1CA014BDF4B6111B672C963BA6D63
Authority key identifier: EB:0E:B8:F5:48:7D:74:1A:8C:C6:D6:DF:3B:39:21:91:ED:3E:ED:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6w649Uh9dBqMxtbfOzkhke0-7T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/aNZ_w4ct0s6F9JNwvU81Pvph6xA.roa
Signing time: Wed 01 Jan 2025 11:48:07 +0000
ROA not before: Wed 01 Jan 2025 11:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60132
IP address blocks: 195.191.90.0/23 maxlen: 24
195.191.128.0/23 maxlen: 24
2a13:2080::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ca:01:4b:df:4b:61:11:b6:72:c9:63:ba:6d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb0eb8f5487d741a8cc6d6df3b392191ed3eed3f
Validity
Not Before: Jan 1 11:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68d67fc3872dd2ce85f49370bd4f353efa61eb10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:12:18:84:71:29:7e:4f:7e:0b:fc:ca:81:5b:
f2:62:0e:36:5a:81:d3:c1:5c:12:27:90:e9:85:7d:
03:b5:82:22:44:38:4a:b4:6f:8c:20:ca:de:3f:fc:
43:10:11:f5:b2:d3:e4:63:46:48:fe:9a:c8:47:2e:
95:34:5b:3f:aa:bf:e6:db:59:2d:17:e6:8f:dc:57:
91:cd:24:61:9b:e5:d6:61:9f:86:53:8f:c4:40:bd:
50:fa:96:71:78:1b:dd:cb:40:75:45:26:43:35:11:
6f:4d:dc:0a:b1:88:2d:28:39:8c:68:93:de:ac:4c:
d1:ef:b8:13:88:b9:c6:98:7e:7a:d2:68:4b:5e:c2:
c7:78:bf:94:1f:5e:7d:06:a5:e4:37:65:16:c2:c5:
8d:55:fe:00:4c:82:a8:e8:91:44:1e:31:6a:8a:f1:
46:8e:c3:e8:7e:c4:cc:e6:5f:c1:41:6f:2d:8c:de:
26:cb:1f:10:1b:1e:6c:6a:88:64:9a:b9:79:04:74:
b2:3b:a6:90:92:5f:de:6d:45:97:e0:ab:f7:3b:8e:
cc:e7:05:0b:d4:d9:a6:02:a3:43:b8:82:b0:d5:2a:
a9:ee:53:58:67:59:32:02:1f:0f:f6:4a:03:e8:e8:
e8:f3:30:73:bd:f8:c9:14:24:cb:85:c8:74:d5:39:
db:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D6:7F:C3:87:2D:D2:CE:85:F4:93:70:BD:4F:35:3E:FA:61:EB:10
X509v3 Authority Key Identifier:
keyid:EB:0E:B8:F5:48:7D:74:1A:8C:C6:D6:DF:3B:39:21:91:ED:3E:ED:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6w649Uh9dBqMxtbfOzkhke0-7T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/aNZ_w4ct0s6F9JNwvU81Pvph6xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/6w649Uh9dBqMxtbfOzkhke0-7T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.90.0/23
195.191.128.0/23
IPv6:
2a13:2080::/29
Signature Algorithm: sha256WithRSAEncryption
65:a0:39:45:1d:11:bf:a0:a7:7e:70:b7:0e:74:8d:02:72:de:
5f:4f:31:da:b5:67:17:72:07:5b:2b:ed:0d:f4:ad:5b:8b:78:
92:57:8b:11:d6:ed:38:d6:5f:6f:52:d1:6b:99:01:07:f2:51:
22:24:84:75:b4:e3:6e:78:7b:41:1b:d2:1c:ff:5f:d1:3f:68:
f5:d0:54:1e:ec:b3:00:cc:a3:9f:33:1c:d7:c6:de:54:32:50:
02:80:91:29:f1:94:eb:5b:ce:29:7c:5f:0f:d7:14:cd:5f:08:
ae:d4:50:96:3b:53:a8:91:f7:0e:95:08:69:1e:33:e3:e8:9b:
ac:09:49:3a:68:9a:d1:ef:bd:d6:71:5f:f7:77:7c:5b:b7:9f:
f5:3a:c0:69:1d:77:3d:e7:04:f2:3c:3a:d7:d1:04:34:34:23:
08:9e:e9:9b:3c:9a:b1:71:b0:ba:7c:17:c3:56:81:45:1c:e0:
30:b6:5f:cc:10:29:2b:92:b1:7c:3d:8e:37:d7:25:e2:02:23:
f0:2e:f2:28:e1:38:20:0a:5d:1d:4a:16:4b:4f:aa:db:7d:89:
0e:22:4a:b1:f3:e2:47:2d:75:da:4b:a4:c9:43:74:2f:44:68:
97:b5:7c:cd:1f:7d:ea:2b:21:c8:7a:64:d5:a2:90:2d:07:f2:
22:6b:f1:8c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhscoBS99LYRG2csljum1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMGViOGY1NDg3ZDc0MWE4Y2M2ZDZkZjNiMzkyMTkxZWQz
ZWVkM2YwHhcNMjUwMTAxMTE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQ2N2ZjMzg3MmRkMmNlODVmNDkzNzBiZDRmMzUzZWZhNjFlYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBIYhHEpfk9+C/zKgVvyYg42WoHT
wVwSJ5DphX0DtYIiRDhKtG+MIMreP/xDEBH1stPkY0ZI/prIRy6VNFs/qr/m21kt
F+aP3FeRzSRhm+XWYZ+GU4/EQL1Q+pZxeBvdy0B1RSZDNRFvTdwKsYgtKDmMaJPe
rEzR77gTiLnGmH560mhLXsLHeL+UH159BqXkN2UWwsWNVf4ATIKo6JFEHjFqivFG
jsPofsTM5l/BQW8tjN4myx8QGx5saohkmrl5BHSyO6aQkl/ebUWX4Kv3O47M5wUL
1NmmAqNDuIKw1Sqp7lNYZ1kyAh8P9koD6Ojo8zBzvfjJFCTLhch01TnbMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGjWf8OHLdLOhfSTcL1PNT76YesQMB8GA1UdIwQY
MBaAFOsOuPVIfXQajMbW3zs5IZHtPu0/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnc2NDlVaDlkQnFNeHRiZk96a2hrZTAtN1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMTZiNDYtYjhjYy00NDU2LWE0NTAt
MjdlMjdjMTYzMTAyLzEvYU5aX3c0Y3QwczZGOUpOd3ZVODFQdnBoNnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMTZiNDYtYjhjYy00NDU2LWE0NTAtMjdlMjdjMTYzMTAy
LzEvNnc2NDlVaDlkQnFNeHRiZk96a2hrZTAtN1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBw79aAwQB
w7+AMA0EAgACMAcDBQMqEyCAMA0GCSqGSIb3DQEBCwUAA4IBAQBloDlFHRG/oKd+
cLcOdI0Cct5fTzHatWcXcgdbK+0N9K1bi3iSV4sR1u041l9vUtFrmQEH8lEiJIR1
tONueHtBG9Ic/1/RP2j10FQe7LMAzKOfMxzXxt5UMlACgJEp8ZTrW84pfF8P1xTN
Xwiu1FCWO1OokfcOlQhpHjPj6JusCUk6aJrR773WcV/3d3xbt5/1OsBpHXc95wTy
PDrX0QQ0NCMInumbPJqxcbC6fBfDVoFFHOAwtl/MECkrkrF8PY431yXiAiPwLvIo
4TggCl0dShZLT6rbfYkOIkqx8+JHLXXaS6TJQ3QvRGiXtXzNH33qKyHIemTVopAt
B/Iia/GM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:45 2025 by rpki-client on console.sobornost.net