Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/b5PBRPOe2gVuEJjLwE8e8i5Rdds.roa
File: b5PBRPOe2gVuEJjLwE8e8i5Rdds.roa (raw, json)
Hash identifier: XVbLMWQ5VfSeVenFFi4+mtu9ibi+N5blb2KTgTa0iMA=
Subject key identifier: 6F:93:C1:44:F3:9E:DA:05:6E:10:98:CB:C0:4F:1E:F2:2E:51:75:DB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01952C69C35095FE83E21053146F52E357C7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/b5PBRPOe2gVuEJjLwE8e8i5Rdds.roa
Signing time: Sat 22 Feb 2025 06:48:03 +0000
ROA not before: Sat 22 Feb 2025 06:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213126
IP address blocks: 94.156.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2c:69:c3:50:95:fe:83:e2:10:53:14:6f:52:e3:57:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 22 06:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f93c144f39eda056e1098cbc04f1ef22e5175db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:01:b8:fa:ff:9e:60:dc:96:01:b2:5b:86:30:
b6:19:44:69:52:8d:1d:a6:a9:65:6e:2e:ac:92:97:
43:8c:f7:2e:93:50:52:97:0f:73:ee:20:1b:d1:2c:
10:17:a9:a4:24:49:53:4d:9d:d1:c7:2f:cf:e6:db:
25:d7:46:1c:9d:0e:62:3f:ff:14:54:75:df:59:89:
ed:b6:4d:8a:0a:f5:03:12:68:e0:98:82:93:16:50:
e2:ad:4b:92:97:22:2c:ff:e4:e5:7c:3a:3a:64:cc:
6b:52:42:6c:20:53:00:36:d8:35:53:ad:cf:04:a2:
c5:70:1b:2b:cf:33:82:36:a6:1c:4f:bf:8e:44:6f:
92:62:b3:ab:6e:7e:51:93:81:b9:37:a9:4a:70:b4:
b9:28:8d:3d:44:ad:04:c1:ae:4f:48:71:5c:ec:e4:
e1:71:cf:9d:bd:2a:38:04:1a:81:16:85:a1:c8:49:
75:51:35:c0:c1:af:94:53:fb:a7:3d:e9:9a:34:8c:
db:f3:9a:0a:5d:0a:9c:0e:89:12:05:4a:3c:16:c7:
7a:53:13:e3:b5:47:c7:0a:8f:d8:28:8c:85:5e:1e:
e5:5e:fb:62:10:21:b6:42:fb:57:4a:42:88:7e:f4:
6f:5f:7f:1c:f5:73:f2:a2:02:9e:27:e4:53:04:f6:
f3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:93:C1:44:F3:9E:DA:05:6E:10:98:CB:C0:4F:1E:F2:2E:51:75:DB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/b5PBRPOe2gVuEJjLwE8e8i5Rdds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:bc:eb:3d:b0:2c:0a:f6:3f:67:13:35:b4:14:67:70:6e:ec:
fc:6f:fc:3a:35:a7:a4:e3:7f:10:2f:4b:85:1b:46:b8:06:c9:
51:af:b3:ce:4f:f7:a4:3d:10:28:fc:f2:9b:8e:d7:98:1b:66:
55:4e:d2:36:99:fb:bb:56:fb:d1:b1:7f:a8:b3:29:6f:73:e2:
dc:4d:08:06:db:8b:93:03:41:c5:0e:cf:67:a6:c5:1b:ae:45:
ef:0c:a6:29:32:d3:be:f0:d9:6b:c3:09:bd:19:76:4a:ab:ea:
2d:ee:28:0d:ae:b7:a6:f4:ac:3e:cd:e2:c9:22:d0:f1:26:d9:
55:41:b3:63:84:bf:0d:40:2c:c8:e3:9d:ff:e4:75:5a:fa:4d:
4d:a4:b2:48:9b:2f:f2:bf:bc:77:07:9c:f6:2c:8b:9c:33:79:
7c:b0:f2:80:26:7c:8c:74:92:68:28:ea:ca:e9:99:8a:d6:bc:
82:00:41:85:57:da:b6:c0:26:38:ac:4a:05:0a:85:69:ec:29:
36:1a:33:62:14:e2:34:99:02:18:89:54:58:8c:05:d2:eb:d5:
9e:a3:ba:ea:a9:74:5a:aa:19:cc:0a:ea:c5:b6:d5:c2:6a:eb:
43:74:26:1a:fd:63:49:a1:99:77:02:f7:9b:e8:ee:54:69:2e:
54:67:d0:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUsacNQlf6D4hBTFG9S41fHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjIyMDY0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjkzYzE0NGYzOWVkYTA1NmUxMDk4Y2JjMDRmMWVmMjJlNTE3NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAG4+v+eYNyWAbJbhjC2GURpUo0d
pqllbi6skpdDjPcuk1BSlw9z7iAb0SwQF6mkJElTTZ3Rxy/P5tsl10YcnQ5iP/8U
VHXfWYnttk2KCvUDEmjgmIKTFlDirUuSlyIs/+TlfDo6ZMxrUkJsIFMANtg1U63P
BKLFcBsrzzOCNqYcT7+ORG+SYrOrbn5Rk4G5N6lKcLS5KI09RK0Ewa5PSHFc7OTh
cc+dvSo4BBqBFoWhyEl1UTXAwa+UU/unPemaNIzb85oKXQqcDokSBUo8Fsd6UxPj
tUfHCo/YKIyFXh7lXvtiECG2QvtXSkKIfvRvX38c9XPyogKeJ+RTBPbz8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+TwUTzntoFbhCYy8BPHvIuUXXbMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYjVQQlJQT2UyZ1Z1RUpqTHdFOGU4aTVSZGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpz4MA0G
CSqGSIb3DQEBCwUAA4IBAQCKvOs9sCwK9j9nEzW0FGdwbuz8b/w6Naek438QL0uF
G0a4BslRr7POT/ekPRAo/PKbjteYG2ZVTtI2mfu7VvvRsX+osylvc+LcTQgG24uT
A0HFDs9npsUbrkXvDKYpMtO+8Nlrwwm9GXZKq+ot7igNrrem9Kw+zeLJItDxJtlV
QbNjhL8NQCzI453/5HVa+k1NpLJImy/yv7x3B5z2LIucM3l8sPKAJnyMdJJoKOrK
6ZmK1ryCAEGFV9q2wCY4rEoFCoVp7Ck2GjNiFOI0mQIYiVRYjAXS69Weo7rqqXRa
qhnMCurFttXCautDdCYa/WNJoZl3Aveb6O5UaS5UZ9DE
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:51:00 2025 by rpki-client