Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2AQejw2bOyNDfRRogBZoUXIXc7E.roa
File: 2AQejw2bOyNDfRRogBZoUXIXc7E.roa (raw, json)
Hash identifier: 8uVaJy0G4zs6QqW1NvB2uIAEgxmaqARAbhlAXLnIlWU=
Subject key identifier: D8:04:1E:8F:0D:9B:3B:23:43:7D:14:68:80:16:68:51:72:17:73:B1
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBC54213B836BB90BB8604FF0C528A
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2AQejw2bOyNDfRRogBZoUXIXc7E.roa
Signing time: Wed 01 Jan 2025 17:48:32 +0000
ROA not before: Wed 01 Jan 2025 17:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 147.78.68.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c5:42:13:b8:36:bb:90:bb:86:04:ff:0c:52:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8041e8f0d9b3b23437d146880166851721773b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:15:ad:26:3b:6a:9a:53:32:d7:02:cb:98:9e:
07:93:1b:c4:b5:6d:87:0a:c8:ae:e9:0d:c0:74:18:
84:db:53:08:fe:70:6c:a1:40:53:95:f9:06:74:d5:
e5:67:fd:f8:e9:72:ed:03:3f:95:71:24:eb:dc:a2:
c5:2a:9b:93:2c:01:07:fc:ac:20:93:36:24:0b:3f:
99:83:d2:1e:b7:d5:70:ca:95:1d:91:ad:39:42:4b:
23:0d:6c:38:53:34:0e:0e:41:a0:7d:49:b1:48:87:
76:78:16:3f:ba:df:44:c1:0f:5e:8b:1b:e0:4d:68:
31:63:38:5a:87:b7:e2:32:8e:12:13:b2:2b:66:10:
82:ff:cc:ef:13:cd:e4:0f:98:d5:5e:2b:38:db:6d:
77:e6:bd:7d:24:55:69:58:8e:d5:ac:19:67:28:1e:
9d:d3:5d:8e:f5:11:6c:b1:2e:cd:11:49:2c:fe:63:
11:2a:81:84:bd:94:df:df:2b:46:20:8a:38:4c:7c:
74:3f:af:04:0d:8b:55:28:8b:2f:eb:ab:60:8f:63:
3b:c2:d9:30:8f:aa:3e:30:bd:15:0d:81:8a:b3:95:
b7:70:f5:db:31:c4:09:60:83:60:29:aa:5a:8c:13:
75:a4:71:8b:41:c9:97:3c:32:c5:6a:86:23:8e:32:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:04:1E:8F:0D:9B:3B:23:43:7D:14:68:80:16:68:51:72:17:73:B1
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2AQejw2bOyNDfRRogBZoUXIXc7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.68.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:81:b1:9c:d4:e3:57:3e:b5:1a:7f:f6:87:91:7d:a8:9b:b3:
64:2b:54:9a:63:f2:a5:1e:0f:3a:39:c2:2d:f6:2f:b8:25:47:
46:b2:59:01:47:ca:96:98:23:40:fd:e8:9e:3a:a7:86:c9:9e:
9c:d7:f9:a9:a2:88:2b:16:b5:4a:d6:de:4e:bf:3a:31:7f:e9:
89:aa:12:fd:87:1f:a8:fc:5c:a3:35:37:f4:f1:2e:ba:b7:23:
7e:f0:f7:0f:0b:c1:af:69:01:28:13:5d:e0:4f:78:dd:77:68:
50:f9:34:50:9c:f8:23:e5:4b:a8:9e:4a:06:0f:51:91:99:e6:
b8:59:99:06:f3:86:10:b4:b1:1b:d7:85:de:e2:e2:c9:c3:af:
b9:33:4b:a8:fd:7c:46:9b:ed:1a:c6:2c:54:4b:20:84:cc:83:
65:e2:3f:c5:4c:ab:58:c6:1c:50:ed:2c:aa:8e:e2:25:06:32:
b8:e6:61:b1:3c:9d:35:6f:87:8c:5c:84:fb:80:f6:0e:45:e7:
e1:11:cb:3e:1d:de:df:58:fd:f9:31:0e:0a:b2:6d:12:b0:2e:
26:03:6b:74:64:7e:73:6c:ee:f5:56:df:28:4f:01:9b:d6:9a:
d2:da:f7:78:ef:68:62:12:a1:55:3e:0c:55:7c:70:c6:98:53:
42:5b:08:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+8VCE7g2u5C7hgT/DFKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA0MWU4ZjBkOWIzYjIzNDM3ZDE0Njg4MDE2Njg1MTcyMTc3M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshWtJjtqmlMy1wLLmJ4HkxvEtW2H
Csiu6Q3AdBiE21MI/nBsoUBTlfkGdNXlZ/346XLtAz+VcSTr3KLFKpuTLAEH/Kwg
kzYkCz+Zg9Iet9VwypUdka05QksjDWw4UzQODkGgfUmxSId2eBY/ut9EwQ9eixvg
TWgxYzhah7fiMo4SE7IrZhCC/8zvE83kD5jVXis422135r19JFVpWI7VrBlnKB6d
012O9RFssS7NEUks/mMRKoGEvZTf3ytGIIo4THx0P68EDYtVKIsv66tgj2M7wtkw
j6o+ML0VDYGKs5W3cPXbMcQJYINgKapajBN1pHGLQcmXPDLFaoYjjjJAPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNgEHo8NmzsjQ30UaIAWaFFyF3OxMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMkFRZWp3MmJPeU5EZlJSb2dCWm9VWElYYzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCk05EAwQC
wbuMMA0GCSqGSIb3DQEBCwUAA4IBAQB7gbGc1ONXPrUaf/aHkX2om7NkK1SaY/Kl
Hg86OcIt9i+4JUdGslkBR8qWmCNA/eieOqeGyZ6c1/mpoogrFrVK1t5Ovzoxf+mJ
qhL9hx+o/FyjNTf08S66tyN+8PcPC8GvaQEoE13gT3jdd2hQ+TRQnPgj5UuonkoG
D1GRmea4WZkG84YQtLEb14Xe4uLJw6+5M0uo/XxGm+0axixUSyCEzINl4j/FTKtY
xhxQ7SyqjuIlBjK45mGxPJ01b4eMXIT7gPYORefhEcs+Hd7fWP35MQ4Ksm0SsC4m
A2t0ZH5zbO71Vt8oTwGb1prS2vd472hiEqFVPgxVfHDGmFNCWwhB
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:29:16 2025 by rpki-client