Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/9zwR0ItkTBE3NBrhNXLgD19Ygh0.roa
File: 9zwR0ItkTBE3NBrhNXLgD19Ygh0.roa (raw, json)
Hash identifier: 668uqZpsKXpsQP4NHjfvBq7qiMq3YrFIWJSOqGsUVvE=
Subject key identifier: F7:3C:11:D0:8B:64:4C:11:37:34:1A:E1:35:72:E0:0F:5F:58:82:1D
Certificate issuer: /CN=77ca53a8a5a03b055cb3f340fcbeb85d7ad487a8
Certificate serial: 019425FDAC29712622AA4C2D2E0D4D156B5E
Authority key identifier: 77:CA:53:A8:A5:A0:3B:05:5C:B3:F3:40:FC:BE:B8:5D:7A:D4:87:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8pTqKWgOwVcs_NA_L64XXrUh6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/9zwR0ItkTBE3NBrhNXLgD19Ygh0.roa
Signing time: Thu 02 Jan 2025 07:49:29 +0000
ROA not before: Thu 02 Jan 2025 07:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16019
IP address blocks: 188.94.232.0/21 maxlen: 21
2001:36c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ac:29:71:26:22:aa:4c:2d:2e:0d:4d:15:6b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77ca53a8a5a03b055cb3f340fcbeb85d7ad487a8
Validity
Not Before: Jan 2 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f73c11d08b644c1137341ae13572e00f5f58821d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:f8:7b:97:c1:e5:77:95:cf:18:f6:b8:a4:
7d:76:77:01:9c:e2:1b:95:5e:68:6b:40:d0:99:5d:
d0:fa:de:61:64:e6:6f:48:c7:11:0f:d3:2a:80:90:
15:12:a2:d4:80:61:94:99:92:94:c5:2d:aa:42:7d:
de:b6:90:26:a4:8d:30:cd:aa:d4:af:90:be:b7:3b:
99:21:6d:b4:f9:f7:b3:1b:19:3e:2d:19:86:42:e5:
d6:ca:b9:60:64:d2:f6:37:c5:2e:00:3c:06:4c:01:
2f:cf:76:a9:3d:bc:47:27:2a:9b:87:42:3e:7e:38:
26:1e:cd:bd:5d:57:1a:5c:2b:8e:17:9a:fb:10:f5:
b1:e0:f4:f5:4a:47:9c:d6:85:9d:29:f7:04:e1:8b:
26:2f:ec:f2:45:77:e5:bf:f6:66:f3:54:47:1b:6d:
f6:9c:16:f5:98:c3:cf:75:e0:f9:8e:dd:a7:d0:c5:
27:a0:5c:2d:e3:94:54:cb:47:01:03:d5:cc:cf:8c:
18:20:16:ec:69:4f:ed:27:df:16:47:d2:08:af:59:
22:03:23:fc:31:b8:7e:ec:4d:e6:47:36:cf:5b:a3:
fa:7f:14:e0:df:07:a7:19:93:c9:4d:08:36:b2:f8:
08:48:61:07:49:20:9b:11:6b:2a:71:05:49:0a:af:
85:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3C:11:D0:8B:64:4C:11:37:34:1A:E1:35:72:E0:0F:5F:58:82:1D
X509v3 Authority Key Identifier:
keyid:77:CA:53:A8:A5:A0:3B:05:5C:B3:F3:40:FC:BE:B8:5D:7A:D4:87:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8pTqKWgOwVcs_NA_L64XXrUh6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/9zwR0ItkTBE3NBrhNXLgD19Ygh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/d8pTqKWgOwVcs_NA_L64XXrUh6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.232.0/21
IPv6:
2001:36c0::/32
Signature Algorithm: sha256WithRSAEncryption
30:0f:fc:ae:18:96:5a:7a:7c:5e:3b:69:d0:23:cc:2b:b4:ee:
b3:5c:a0:25:31:9d:c7:46:95:6d:56:01:54:0a:a9:0a:cf:b1:
c3:08:56:50:f4:6b:c6:29:37:70:98:40:cd:f8:e3:8f:15:a5:
bd:82:34:b9:3f:aa:95:1a:ba:75:d8:e2:41:50:b4:1c:fc:0b:
f3:1a:6a:b6:a9:03:cf:e4:88:66:09:27:1e:d0:be:d4:36:c4:
17:62:c9:2a:14:c8:89:b0:48:4e:71:6c:b0:37:72:a3:4a:a9:
63:fc:cb:f8:42:10:34:1d:a6:f3:01:5b:f3:40:18:ea:98:99:
d4:6a:30:dc:a9:74:3e:1c:7a:1b:8a:ef:01:b8:1f:a2:69:d4:
d0:6a:0b:4b:a4:ca:8c:c1:d0:0c:62:48:9f:4a:0e:ad:9d:25:
0f:ce:c6:4c:3c:92:00:c4:cd:cb:d4:64:92:7a:ca:13:2e:c0:
3f:7c:b0:da:1d:83:ef:4a:67:61:94:2e:63:5a:69:fb:20:7d:
cc:18:80:c3:b7:90:f0:79:2e:95:56:bf:ba:2c:6d:4c:94:6a:
62:61:16:9d:aa:a9:dc:38:67:22:a0:f2:fa:cc:8c:77:b0:b9:
b4:0e:0e:dd:4d:38:63:7c:cd:65:a1:21:93:96:f8:81:1c:b5:
09:bc:23:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/awpcSYiqkwtLg1NFWteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3Y2E1M2E4YTVhMDNiMDU1Y2IzZjM0MGZjYmViODVkN2Fk
NDg3YTgwHhcNMjUwMTAyMDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNjMTFkMDhiNjQ0YzExMzczNDFhZTEzNTcyZTAwZjVmNTg4MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIH4e5fB5XeVzxj2uKR9dncBnOIb
lV5oa0DQmV3Q+t5hZOZvSMcRD9MqgJAVEqLUgGGUmZKUxS2qQn3etpAmpI0wzarU
r5C+tzuZIW20+fezGxk+LRmGQuXWyrlgZNL2N8UuADwGTAEvz3apPbxHJyqbh0I+
fjgmHs29XVcaXCuOF5r7EPWx4PT1Skec1oWdKfcE4YsmL+zyRXflv/Zm81RHG232
nBb1mMPPdeD5jt2n0MUnoFwt45RUy0cBA9XMz4wYIBbsaU/tJ98WR9IIr1kiAyP8
Mbh+7E3mRzbPW6P6fxTg3wenGZPJTQg2svgISGEHSSCbEWsqcQVJCq+F0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPc8EdCLZEwRNzQa4TVy4A9fWIIdMB8GA1UdIwQY
MBaAFHfKU6iloDsFXLPzQPy+uF161IeoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhwVHFLV2dPd1Zjc19OQV9MNjRYWHJVaDZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wZDc5YTQtODhhZS00MmU0LTkyOGMt
Y2MzZTc4ZjYyZGMyLzEvOXp3UjBJdGtUQkUzTkJyaE5YTGdEMTlZZ2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wZDc5YTQtODhhZS00MmU0LTkyOGMtY2MzZTc4ZjYyZGMy
LzEvZDhwVHFLV2dPd1Zjc19OQV9MNjRYWHJVaDZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDvF7oMA0E
AgACMAcDBQAgATbAMA0GCSqGSIb3DQEBCwUAA4IBAQAwD/yuGJZaenxeO2nQI8wr
tO6zXKAlMZ3HRpVtVgFUCqkKz7HDCFZQ9GvGKTdwmEDN+OOPFaW9gjS5P6qVGrp1
2OJBULQc/AvzGmq2qQPP5IhmCSce0L7UNsQXYskqFMiJsEhOcWywN3KjSqlj/Mv4
QhA0HabzAVvzQBjqmJnUajDcqXQ+HHobiu8BuB+iadTQagtLpMqMwdAMYkifSg6t
nSUPzsZMPJIAxM3L1GSSesoTLsA/fLDaHYPvSmdhlC5jWmn7IH3MGIDDt5DweS6V
Vr+6LG1MlGpiYRadqqncOGcioPL6zIx3sLm0Dg7dTThjfM1loSGTlviBHLUJvCOp
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:26 2025 by rpki-client