Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2b8e3e-e3bc-4635-9397-7d5dfa7d03d3/1/lhSTnz9dSxKaD_7rrY5agYRYVq8.roa
File: lhSTnz9dSxKaD_7rrY5agYRYVq8.roa (raw, json)
Hash identifier: a7FLOwi5Bm4QLhtw2DDoENMYnl8gd0idKkpMQuBhkZE=
Subject key identifier: 96:14:93:9F:3F:5D:4B:12:9A:0F:FE:EB:AD:8E:5A:81:84:58:56:AF
Certificate issuer: /CN=abff1f77f397a1a80fba71b4d2d1db917b3ba6a0
Certificate serial: 01856F94D3F4B35AE08B479879FA98E3F0C8
Authority key identifier: AB:FF:1F:77:F3:97:A1:A8:0F:BA:71:B4:D2:D1:DB:91:7B:3B:A6:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_8fd_OXoagPunG00tHbkXs7pqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2b8e3e-e3bc-4635-9397-7d5dfa7d03d3/1/lhSTnz9dSxKaD_7rrY5agYRYVq8.roa
Signing time: Sun 01 Jan 2023 23:05:02 +0000
ROA not before: Sun 01 Jan 2023 23:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201106
IP address blocks: 94.154.114.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d3:f4:b3:5a:e0:8b:47:98:79:fa:98:e3:f0:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abff1f77f397a1a80fba71b4d2d1db917b3ba6a0
Validity
Not Before: Jan 1 23:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9614939f3f5d4b129a0ffeebad8e5a81845856af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ce:f9:99:79:d5:aa:8b:cd:cf:ea:6e:1d:c5:
34:32:a6:43:13:fe:de:c1:a8:a0:2c:22:81:b7:32:
67:a2:ac:aa:94:92:b8:cb:44:35:20:b6:71:41:13:
a9:d9:32:19:ba:ce:a5:5b:25:2d:13:94:c6:72:bb:
ac:84:c3:b6:13:9f:88:42:02:8c:58:dc:1d:76:40:
30:6f:59:b5:ae:4f:9c:29:25:b1:d3:47:e8:0a:d8:
43:27:c3:f8:c6:ac:fb:45:da:0f:ef:76:bf:0d:be:
ef:86:5c:72:d6:94:e5:6f:27:1c:80:1d:59:51:20:
5c:8c:34:39:b3:dc:42:b2:82:4f:f0:84:e8:3c:da:
77:c5:40:89:61:bf:02:98:91:12:fc:52:1c:ee:1a:
d2:da:dc:92:61:06:dc:d6:b2:a6:cc:be:03:5e:f1:
54:85:69:50:a0:d7:5d:6f:57:06:fc:ea:58:29:de:
f0:4e:e3:cb:70:2f:23:20:1e:ae:9f:fd:18:ac:18:
52:5a:49:8e:1e:f2:36:8b:6a:c4:3f:43:b4:99:78:
16:52:e0:7f:1f:ad:2f:b3:31:b9:ac:bf:13:e1:82:
ec:b4:79:23:95:39:ee:d2:f0:de:17:5c:70:0b:d8:
94:79:9a:ce:6f:1c:1f:b5:af:91:90:40:94:ed:90:
5c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:14:93:9F:3F:5D:4B:12:9A:0F:FE:EB:AD:8E:5A:81:84:58:56:AF
X509v3 Authority Key Identifier:
keyid:AB:FF:1F:77:F3:97:A1:A8:0F:BA:71:B4:D2:D1:DB:91:7B:3B:A6:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_8fd_OXoagPunG00tHbkXs7pqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2b8e3e-e3bc-4635-9397-7d5dfa7d03d3/1/lhSTnz9dSxKaD_7rrY5agYRYVq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2b8e3e-e3bc-4635-9397-7d5dfa7d03d3/1/q_8fd_OXoagPunG00tHbkXs7pqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.114.0/24
Signature Algorithm: sha256WithRSAEncryption
80:96:96:94:7d:ed:46:8e:59:d3:b1:20:e9:f4:0b:8b:6a:83:
96:9a:6a:16:5e:d1:89:fb:6d:95:bf:9d:8d:53:32:83:bc:7a:
6a:a6:7b:c1:0b:07:ac:24:07:19:f9:aa:e0:0f:62:8d:3a:e1:
7a:42:82:95:87:f5:af:01:d5:f8:66:0f:f6:b5:4e:7d:b8:71:
f7:98:d4:7b:5f:48:42:12:55:31:10:56:25:68:9c:c2:fb:6b:
61:52:bd:5b:9a:f4:06:0d:5c:41:5d:45:ed:61:31:12:9b:ab:
24:12:ec:39:bb:47:d8:23:18:e1:1d:03:62:eb:18:73:1e:90:
cf:3e:43:ae:ba:78:3d:bc:20:1f:ee:b7:8f:59:4a:f3:34:28:
fd:68:88:bb:92:95:0f:03:59:fa:bf:25:03:39:ef:42:bc:a3:
85:b3:ac:e4:e3:92:01:39:52:2a:a2:35:6d:05:62:e1:5e:d2:
9d:f5:79:99:f2:40:61:a4:66:50:7d:12:4c:b2:6b:32:40:98:
97:32:f5:a3:91:d3:5f:16:a0:73:22:71:11:b2:24:30:aa:f5:
ba:66:6d:7a:c8:07:03:ce:d1:a5:85:e1:65:f0:ad:71:36:f4:
10:10:ec:20:ff:f4:a5:37:00:16:2b:38:6e:f8:d3:7e:70:ea:
cf:b7:82:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlNP0s1rgi0eYefqY4/DIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZmYxZjc3ZjM5N2ExYTgwZmJhNzFiNGQyZDFkYjkxN2Iz
YmE2YTAwHhcNMjMwMTAxMjMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE0OTM5ZjNmNWQ0YjEyOWEwZmZlZWJhZDhlNWE4MTg0NTg1NmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgs75mXnVqovNz+puHcU0MqZDE/7e
waigLCKBtzJnoqyqlJK4y0Q1ILZxQROp2TIZus6lWyUtE5TGcrushMO2E5+IQgKM
WNwddkAwb1m1rk+cKSWx00foCthDJ8P4xqz7RdoP73a/Db7vhlxy1pTlbyccgB1Z
USBcjDQ5s9xCsoJP8IToPNp3xUCJYb8CmJES/FIc7hrS2tySYQbc1rKmzL4DXvFU
hWlQoNddb1cG/OpYKd7wTuPLcC8jIB6un/0YrBhSWkmOHvI2i2rEP0O0mXgWUuB/
H60vszG5rL8T4YLstHkjlTnu0vDeF1xwC9iUeZrObxwfta+RkECU7ZBcIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYUk58/XUsSmg/+662OWoGEWFavMB8GA1UdIwQY
MBaAFKv/H3fzl6GoD7pxtNLR25F7O6agMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV84ZmRfT1hvYWdQdW5HMDB0SGJrWHM3cHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yYjhlM2UtZTNiYy00NjM1LTkzOTct
N2Q1ZGZhN2QwM2QzLzEvbGhTVG56OWRTeEthRF83cnJZNWFnWVJZVnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yYjhlM2UtZTNiYy00NjM1LTkzOTctN2Q1ZGZhN2QwM2Qz
LzEvcV84ZmRfT1hvYWdQdW5HMDB0SGJrWHM3cHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXppyMA0G
CSqGSIb3DQEBCwUAA4IBAQCAlpaUfe1GjlnTsSDp9AuLaoOWmmoWXtGJ+22Vv52N
UzKDvHpqpnvBCwesJAcZ+argD2KNOuF6QoKVh/WvAdX4Zg/2tU59uHH3mNR7X0hC
ElUxEFYlaJzC+2thUr1bmvQGDVxBXUXtYTESm6skEuw5u0fYIxjhHQNi6xhzHpDP
PkOuung9vCAf7rePWUrzNCj9aIi7kpUPA1n6vyUDOe9CvKOFs6zk45IBOVIqojVt
BWLhXtKd9XmZ8kBhpGZQfRJMsmsyQJiXMvWjkdNfFqBzInERsiQwqvW6Zm16yAcD
ztGlheFl8K1xNvQQEOwg//SlNwAWKzhu+NN+cOrPt4LJ
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:16:44 2025 by rpki-client