Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/Qetcf0dQacmnDzzLj6Br0uoMaiI.roa
File: Qetcf0dQacmnDzzLj6Br0uoMaiI.roa (raw, json)
Hash identifier: kfWLgyOV8y1YMkD0xHciwqgNJz90NpBbtolieL+YMGs=
Subject key identifier: 41:EB:5C:7F:47:50:69:C9:A7:0F:3C:CB:8F:A0:6B:D2:EA:0C:6A:22
Certificate issuer: /CN=01292e03a731796e1d7b148b1dd235d144352f5d
Certificate serial: 0194221FEF316FE43219080B26448AC36D63
Authority key identifier: 01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/Qetcf0dQacmnDzzLj6Br0uoMaiI.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57474
IP address blocks: 195.96.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ef:31:6f:e4:32:19:08:0b:26:44:8a:c3:6d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01292e03a731796e1d7b148b1dd235d144352f5d
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41eb5c7f475069c9a70f3ccb8fa06bd2ea0c6a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:62:9e:62:19:51:c1:58:bf:67:b3:16:b9:38:
35:44:80:c9:26:37:5f:b0:0e:86:8a:69:b1:4b:5b:
83:a9:5c:e0:1c:38:3d:70:b8:b5:33:07:e9:22:95:
67:86:76:42:4a:fc:49:4d:ec:2c:07:02:d4:dc:e2:
64:e0:91:b5:31:48:72:28:35:60:66:f7:16:05:88:
3a:ca:28:06:50:5e:12:46:e8:0d:1d:d3:35:fb:4d:
db:57:f0:f2:91:cb:4c:36:2c:8d:20:06:0e:f3:75:
55:32:ac:54:dc:61:66:45:e5:f2:11:b6:fa:1a:4e:
96:77:8d:90:4b:11:7a:9f:50:32:70:56:2c:d5:cf:
8f:c9:67:30:ef:2d:9e:ae:71:6a:1a:13:32:bb:72:
b5:e2:8c:cd:e0:f1:1a:d6:13:7a:19:5f:de:aa:48:
d4:c3:f4:05:56:22:ff:fa:a2:59:50:7b:aa:74:34:
ed:d8:02:60:6e:35:04:0f:8e:06:ab:c9:6b:8f:3a:
b5:3b:a7:75:f0:29:83:79:52:2a:4e:9b:12:a2:9d:
d3:ce:e3:3e:8a:60:cd:45:a8:37:4d:ca:6d:73:f2:
eb:a3:ab:da:35:12:e6:04:09:b9:1d:d0:ad:47:8b:
44:aa:3b:c6:36:3f:98:56:b5:c9:25:92:72:d0:2a:
58:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:EB:5C:7F:47:50:69:C9:A7:0F:3C:CB:8F:A0:6B:D2:EA:0C:6A:22
X509v3 Authority Key Identifier:
keyid:01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/Qetcf0dQacmnDzzLj6Br0uoMaiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.153.0/24
Signature Algorithm: sha256WithRSAEncryption
af:a0:d6:3d:e7:3f:fb:39:e0:bd:1d:ac:c3:bd:6f:f3:9b:b5:
55:b9:8e:f7:54:8b:25:a3:c8:48:05:1e:78:aa:ea:a8:be:6e:
48:d7:cf:ef:01:10:ee:b7:c9:e8:c1:ce:74:10:97:63:5d:dd:
e9:77:dc:9d:55:2d:11:52:ed:08:43:6a:1a:b2:f9:e8:3e:a6:
f3:57:63:0c:e0:22:dc:0c:50:60:c3:c9:66:59:11:d3:a2:ac:
5c:ef:45:26:c2:63:aa:51:cb:80:08:c7:b9:7c:8a:2c:cb:9e:
09:c3:39:0d:57:b3:62:88:46:5f:f8:44:7a:25:a5:60:85:b9:
7d:4e:96:a4:a4:cb:d9:a9:96:65:57:c9:d3:24:83:c5:84:3a:
b7:af:4f:64:73:78:75:74:73:32:82:96:24:7b:ed:07:e6:46:
b1:62:f8:8b:c3:20:22:2f:7a:3e:96:f5:92:13:74:5f:99:56:
de:6d:0e:4a:06:30:9c:1f:78:c5:39:87:bd:bc:a9:b3:f8:e1:
4d:c4:76:96:b3:59:2e:ab:66:ec:cc:81:54:ea:67:a2:5b:84:
07:31:24:a8:ca:68:d4:12:06:b6:ee:0c:9e:58:8a:14:a3:f9:
93:b8:b8:c7:fb:f1:15:e6:83:34:68:86:be:c1:f0:c4:26:b5:
aa:02:b9:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+8xb+QyGQgLJkSKw21jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMjkyZTAzYTczMTc5NmUxZDdiMTQ4YjFkZDIzNWQxNDQz
NTJmNWQwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWViNWM3ZjQ3NTA2OWM5YTcwZjNjY2I4ZmEwNmJkMmVhMGM2YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmKeYhlRwVi/Z7MWuTg1RIDJJjdf
sA6GimmxS1uDqVzgHDg9cLi1MwfpIpVnhnZCSvxJTewsBwLU3OJk4JG1MUhyKDVg
ZvcWBYg6yigGUF4SRugNHdM1+03bV/DykctMNiyNIAYO83VVMqxU3GFmReXyEbb6
Gk6Wd42QSxF6n1AycFYs1c+PyWcw7y2ernFqGhMyu3K14ozN4PEa1hN6GV/eqkjU
w/QFViL/+qJZUHuqdDTt2AJgbjUED44Gq8lrjzq1O6d18CmDeVIqTpsSop3TzuM+
imDNRag3Tcptc/Lro6vaNRLmBAm5HdCtR4tEqjvGNj+YVrXJJZJy0CpY3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHrXH9HUGnJpw88y4+ga9LqDGoiMB8GA1UdIwQY
MBaAFAEpLgOnMXluHXsUix3SNdFENS9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVNrdUE2Y3hlVzRkZXhTTEhkSTEwVVExTDEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zYWEwZjUtZWFlNS00OWEzLThlZTkt
MGRmN2RmNGQ1YjAxLzEvUWV0Y2YwZFFhY21uRHp6TGo2QnIwdW9NYWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zYWEwZjUtZWFlNS00OWEzLThlZTktMGRmN2RmNGQ1YjAx
LzEvQVNrdUE2Y3hlVzRkZXhTTEhkSTEwVVExTDEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CZMA0G
CSqGSIb3DQEBCwUAA4IBAQCvoNY95z/7OeC9HazDvW/zm7VVuY73VIslo8hIBR54
quqovm5I18/vARDut8nowc50EJdjXd3pd9ydVS0RUu0IQ2oasvnoPqbzV2MM4CLc
DFBgw8lmWRHToqxc70UmwmOqUcuACMe5fIosy54JwzkNV7NiiEZf+ER6JaVghbl9
TpakpMvZqZZlV8nTJIPFhDq3r09kc3h1dHMygpYke+0H5kaxYviLwyAiL3o+lvWS
E3RfmVbebQ5KBjCcH3jFOYe9vKmz+OFNxHaWs1kuq2bszIFU6meiW4QHMSSoymjU
Ega27gyeWIoUo/mTuLjH+/EV5oM0aIa+wfDEJrWqArmO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net