Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/bL9sAOLGYhfURofnKnFBFn1wsJo.roa
File: bL9sAOLGYhfURofnKnFBFn1wsJo.roa (raw, json)
Hash identifier: MQ9wm3ykSQpWjdkgAkUhN5KBzQ/fKRTzO8IDNPZe+jY=
Subject key identifier: 6C:BF:6C:00:E2:C6:62:17:D4:46:87:E7:2A:71:41:16:7D:70:B0:9A
Certificate issuer: /CN=4b8d822165e7f01f722c973967f7554605240802
Certificate serial: 0194258FA41EB77FC58DF9B89AB83174F083
Authority key identifier: 4B:8D:82:21:65:E7:F0:1F:72:2C:97:39:67:F7:55:46:05:24:08:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S42CIWXn8B9yLJc5Z_dVRgUkCAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/bL9sAOLGYhfURofnKnFBFn1wsJo.roa
Signing time: Thu 02 Jan 2025 05:49:18 +0000
ROA not before: Thu 02 Jan 2025 05:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 167.94.170.0/23 maxlen: 23
167.94.172.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a4:1e:b7:7f:c5:8d:f9:b8:9a:b8:31:74:f0:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b8d822165e7f01f722c973967f7554605240802
Validity
Not Before: Jan 2 05:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cbf6c00e2c66217d44687e72a7141167d70b09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2d:17:a8:ce:24:e4:98:2a:b9:af:e7:09:e0:
13:c0:99:db:3f:aa:8d:73:fd:ef:5c:77:20:9a:26:
65:75:40:92:d9:29:53:77:b2:b3:21:a7:56:7d:70:
4e:dc:ab:e7:df:fe:9e:20:08:07:b6:d3:d3:e2:81:
1a:fb:c3:a8:9f:41:cd:4c:9c:46:8a:5c:60:47:df:
90:c9:c1:f8:41:a1:1e:f9:4d:f2:b0:d5:22:c3:07:
4c:04:63:46:2f:5b:71:55:26:f1:79:4c:55:93:5b:
a9:d1:6c:3c:f3:74:98:95:26:23:53:4e:77:51:39:
b4:78:ab:c3:7e:57:33:45:dc:d5:8a:66:da:0a:e8:
b9:90:82:a9:53:bc:4b:c8:25:ca:79:56:6e:a0:2b:
f4:50:47:ba:14:e4:f1:fe:7c:1b:20:b1:f7:d5:cf:
bd:e5:52:7a:bd:05:74:d3:62:8b:ed:b7:3e:fb:f7:
27:b5:f5:d5:02:b1:e5:13:c5:54:53:6b:fa:00:d2:
fa:90:3d:21:5f:86:ca:fc:0f:2a:74:c3:dc:14:2c:
cd:b8:65:39:cf:d0:62:6e:dc:ab:0a:fa:a3:f1:01:
dc:10:75:4a:d1:60:d4:1f:6c:26:6e:49:73:4a:21:
25:60:07:7b:39:0a:3b:29:bb:40:f3:e5:75:cd:41:
b2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BF:6C:00:E2:C6:62:17:D4:46:87:E7:2A:71:41:16:7D:70:B0:9A
X509v3 Authority Key Identifier:
keyid:4B:8D:82:21:65:E7:F0:1F:72:2C:97:39:67:F7:55:46:05:24:08:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S42CIWXn8B9yLJc5Z_dVRgUkCAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/bL9sAOLGYhfURofnKnFBFn1wsJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/S42CIWXn8B9yLJc5Z_dVRgUkCAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.94.170.0-167.94.173.255
Signature Algorithm: sha256WithRSAEncryption
2d:28:61:61:68:d3:89:12:9a:2a:75:70:1d:fa:b2:2e:da:a6:
a7:69:14:f9:67:06:72:24:31:4a:ec:2f:00:46:2e:e8:f2:b8:
30:b1:e7:39:80:b2:a6:b9:0e:43:6f:8e:2d:06:7b:fd:d3:6a:
2a:d3:fb:1d:db:c2:54:d6:f1:26:c3:ff:8d:cf:3a:f2:c4:d3:
f5:23:ed:5a:3b:02:fc:76:a0:bd:51:bd:84:dc:ca:f6:be:8c:
6e:37:6b:f5:95:26:4c:53:9f:0c:c1:4d:fb:79:74:ba:eb:c9:
df:b1:cf:48:06:24:17:dd:83:85:d4:f5:06:a1:4c:ff:14:90:
e9:81:18:74:21:40:7a:75:a3:cd:b4:b7:43:cb:80:12:03:10:
cf:94:d8:6b:7a:62:f8:4d:30:3d:d8:91:ab:48:27:1d:d6:7f:
e6:f1:18:18:54:42:45:c5:dd:c7:d4:f0:45:f4:15:36:60:8c:
b2:4a:69:3d:cf:c2:6f:c8:a4:a1:23:01:64:73:8a:63:4f:b6:
f8:54:91:80:3a:a7:e1:18:b9:2b:0c:44:75:e3:40:41:94:f1:
27:d4:81:70:76:ef:af:7a:e4:03:3c:4f:b9:d3:e1:e5:fc:9a:
61:88:28:02:d8:dd:af:b9:d1:07:af:49:6f:ee:c6:e4:52:18:
fb:da:ca:79
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQlj6Qet3/Fjfm4mrgxdPCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOGQ4MjIxNjVlN2YwMWY3MjJjOTczOTY3Zjc1NTQ2MDUy
NDA4MDIwHhcNMjUwMTAyMDU0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JmNmMwMGUyYzY2MjE3ZDQ0Njg3ZTcyYTcxNDExNjdkNzBiMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS0XqM4k5Jgqua/nCeATwJnbP6qN
c/3vXHcgmiZldUCS2SlTd7KzIadWfXBO3Kvn3/6eIAgHttPT4oEa+8Oon0HNTJxG
ilxgR9+QycH4QaEe+U3ysNUiwwdMBGNGL1txVSbxeUxVk1up0Ww883SYlSYjU053
UTm0eKvDflczRdzVimbaCui5kIKpU7xLyCXKeVZuoCv0UEe6FOTx/nwbILH31c+9
5VJ6vQV002KL7bc++/cntfXVArHlE8VUU2v6ANL6kD0hX4bK/A8qdMPcFCzNuGU5
z9BibtyrCvqj8QHcEHVK0WDUH2wmbklzSiElYAd7OQo7KbtA8+V1zUGyVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGy/bADixmIX1EaH5ypxQRZ9cLCaMB8GA1UdIwQY
MBaAFEuNgiFl5/AfciyXOWf3VUYFJAgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzQyQ0lXWG44Qjl5TEpjNVpfZFZSZ1VrQ0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMmU3NzYtOGYzNi00ZDE2LTk1NmEt
NWFmOTU4Y2VhZjZlLzEvYkw5c0FPTEdZaGZVUm9mbktuRkJGbjF3c0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMmU3NzYtOGYzNi00ZDE2LTk1NmEtNWFmOTU4Y2VhZjZl
LzEvUzQyQ0lXWG44Qjl5TEpjNVpfZFZSZ1VrQ0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGnXqoD
BAGnXqwwDQYJKoZIhvcNAQELBQADggEBAC0oYWFo04kSmip1cB36si7apqdpFPln
BnIkMUrsLwBGLujyuDCx5zmAsqa5DkNvji0Ge/3TairT+x3bwlTW8SbD/43POvLE
0/Uj7Vo7Avx2oL1RvYTcyva+jG43a/WVJkxTnwzBTft5dLrryd+xz0gGJBfdg4XU
9QahTP8UkOmBGHQhQHp1o820t0PLgBIDEM+U2Gt6YvhNMD3YkatIJx3Wf+bxGBhU
QkXF3cfU8EX0FTZgjLJKaT3Pwm/IpKEjAWRzimNPtvhUkYA6p+EYuSsMRHXjQEGU
8SfUgXB276965AM8T7nT4eX8mmGIKALY3a+50QevSW/uxuRSGPvaynk=
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:25:27 2025 by rpki-client