Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/XA_JQUwBuB_5Bfu8Z1_Pku4UGIs.roa
File: XA_JQUwBuB_5Bfu8Z1_Pku4UGIs.roa (raw, json)
Hash identifier: oqIiAXdBgyeEaTThnTERPbspWHbAcUhHISkkJ+TPcRM=
Subject key identifier: 5C:0F:C9:41:4C:01:B8:1F:F9:05:FB:BC:67:5F:CF:92:EE:14:18:8B
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0194282791097AE7C450F1F9DD4DB667C1D3
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/XA_JQUwBuB_5Bfu8Z1_Pku4UGIs.roa
Signing time: Thu 02 Jan 2025 17:54:29 +0000
ROA not before: Thu 02 Jan 2025 17:54:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199397
IP address blocks: 84.14.149.0/24 maxlen: 24
84.14.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:91:09:7a:e7:c4:50:f1:f9:dd:4d:b6:67:c1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 17:54:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c0fc9414c01b81ff905fbbc675fcf92ee14188b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7d:0e:3d:2e:b4:87:d3:b3:69:82:50:38:07:
25:ed:c3:20:88:60:5d:2b:60:e5:98:14:9c:bd:e3:
aa:7a:44:2d:7b:3a:5b:9a:33:32:c9:58:b6:b2:75:
86:72:8b:10:04:57:a8:ea:c4:41:13:91:7b:08:e8:
6f:e6:d7:2c:c9:b2:d8:c6:a8:3c:bd:11:b7:ac:f3:
ad:03:0b:05:bc:6e:9b:67:72:2e:3a:98:d0:15:78:
5a:16:7d:19:a8:c7:ac:52:49:46:9a:5e:27:db:4e:
a0:f4:f1:cb:24:35:8f:27:a2:a5:79:9c:d4:d8:de:
c2:24:ed:b5:57:9a:45:79:9d:2b:47:2a:12:7a:2d:
dc:3b:2e:38:1e:c7:7e:6b:12:e5:bc:ff:3e:eb:ba:
21:57:9e:c4:d5:74:47:3f:7e:3b:05:32:72:c4:47:
09:5b:b8:3f:96:e4:96:cf:00:f4:1e:a1:8f:cb:c7:
1f:53:4a:5f:dc:8c:b2:8a:93:7a:61:37:fb:bb:87:
96:98:5e:89:4a:a5:79:8e:5c:d4:0e:ec:77:20:32:
0f:cd:50:d8:dc:1b:8d:13:3c:f0:c2:f0:31:c9:f7:
62:c5:7a:94:e2:e6:bb:7b:b2:ac:43:e3:92:5d:75:
97:9b:fb:91:71:c5:85:d2:37:9f:30:cc:34:22:26:
06:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0F:C9:41:4C:01:B8:1F:F9:05:FB:BC:67:5F:CF:92:EE:14:18:8B
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/XA_JQUwBuB_5Bfu8Z1_Pku4UGIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.14.149.0/24
84.14.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:23:93:e9:57:4c:92:38:35:bc:d6:2d:62:42:86:db:50:7c:
53:34:fa:ca:bb:35:1a:9c:3d:cb:49:c6:ec:65:e4:58:80:8c:
81:2c:4e:f3:41:03:a1:4c:f1:a6:19:94:b6:d8:92:63:84:32:
ea:37:c2:46:e4:9b:0c:d0:be:54:48:92:98:5d:bb:6c:b2:24:
69:68:f5:ad:dd:e7:f9:e1:81:a8:dd:fd:89:47:4d:ae:00:9f:
4c:c1:73:1e:ca:28:fc:ff:df:05:ab:07:c3:e8:4d:31:96:3f:
34:3b:b1:25:54:22:8a:10:2c:b1:ff:1c:fa:1a:2d:57:2a:7a:
ff:82:43:11:c2:92:8c:51:50:20:6a:18:39:be:e0:85:18:eb:
89:9c:24:cf:3e:b7:4d:03:45:a3:59:f8:c6:18:42:57:77:c9:
af:2f:d8:4e:34:b8:fc:7a:5c:98:cd:64:69:f0:72:7c:e9:b8:
ba:0d:93:c8:d9:c5:36:cc:36:05:a5:5d:c3:d2:c3:8f:1f:3b:
65:29:51:96:2d:14:cf:fa:55:5a:0d:d5:ae:80:2c:cc:dd:76:
5d:3d:5b:b6:b3:9b:b8:b3:99:3f:3d:4c:28:dc:49:64:1c:31:
c4:ef:18:1e:b9:e9:d0:3b:cc:dc:1e:db:f6:17:95:11:1f:a4:
54:5b:65:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJ5EJeufEUPH53U22Z8HTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjUwMTAyMTc1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBmYzk0MTRjMDFiODFmZjkwNWZiYmM2NzVmY2Y5MmVlMTQxODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz30OPS60h9OzaYJQOAcl7cMgiGBd
K2DlmBScveOqekQtezpbmjMyyVi2snWGcosQBFeo6sRBE5F7COhv5tcsybLYxqg8
vRG3rPOtAwsFvG6bZ3IuOpjQFXhaFn0ZqMesUklGml4n206g9PHLJDWPJ6KleZzU
2N7CJO21V5pFeZ0rRyoSei3cOy44Hsd+axLlvP8+67ohV57E1XRHP347BTJyxEcJ
W7g/luSWzwD0HqGPy8cfU0pf3IyyipN6YTf7u4eWmF6JSqV5jlzUDux3IDIPzVDY
3BuNEzzwwvAxyfdixXqU4ua7e7KsQ+OSXXWXm/uRccWF0jefMMw0IiYGpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFwPyUFMAbgf+QX7vGdfz5LuFBiLMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvWEFfSlFVd0J1Ql81QmZ1OFoxX1BrdTRVR0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVA6VAwQA
VA71MA0GCSqGSIb3DQEBCwUAA4IBAQCLI5PpV0ySODW81i1iQobbUHxTNPrKuzUa
nD3LScbsZeRYgIyBLE7zQQOhTPGmGZS22JJjhDLqN8JG5JsM0L5USJKYXbtssiRp
aPWt3ef54YGo3f2JR02uAJ9MwXMeyij8/98FqwfD6E0xlj80O7ElVCKKECyx/xz6
Gi1XKnr/gkMRwpKMUVAgahg5vuCFGOuJnCTPPrdNA0WjWfjGGEJXd8mvL9hONLj8
elyYzWRp8HJ86bi6DZPI2cU2zDYFpV3D0sOPHztlKVGWLRTP+lVaDdWugCzM3XZd
PVu2s5u4s5k/PUwo3ElkHDHE7xgeuenQO8zcHtv2F5URH6RUW2VZ
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:11:48 2025 by rpki-client