Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/i0EkDiLWxZt-jEsL0cMNpe5XN_g.roa
File: i0EkDiLWxZt-jEsL0cMNpe5XN_g.roa (raw, json)
Hash identifier: G7FDEuJ7pS++rTMrLx6g2e+BM36bD3Jhu4w4OIPcRCo=
Subject key identifier: 8B:41:24:0E:22:D6:C5:9B:7E:8C:4B:0B:D1:C3:0D:A5:EE:57:37:F8
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0195607A421C7395DC8C1023005B97740FEA
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/i0EkDiLWxZt-jEsL0cMNpe5XN_g.roa
Signing time: Tue 04 Mar 2025 09:26:19 +0000
ROA not before: Tue 04 Mar 2025 09:26:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 94.74.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:7a:42:1c:73:95:dc:8c:10:23:00:5b:97:74:0f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 4 09:26:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b41240e22d6c59b7e8c4b0bd1c30da5ee5737f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:85:17:7a:e4:da:3a:f5:30:e4:42:9a:97:9e:
33:17:f0:ba:cf:26:4b:f3:5c:ed:34:26:db:5b:87:
4e:c3:f3:f2:31:22:b9:91:58:34:3b:69:8b:63:7c:
2f:dd:92:bb:37:93:2e:a0:9d:af:ff:9c:cb:98:00:
01:b0:3b:4f:19:91:8d:d0:9e:80:88:60:75:43:21:
ee:01:0f:72:3a:da:24:fd:14:4c:ce:71:37:52:87:
8b:44:83:07:cc:7c:0f:48:40:d3:9b:59:2d:75:2c:
e3:ed:ef:3b:5a:bb:1d:54:42:bf:23:62:ef:c7:6b:
71:87:cc:eb:e8:7a:f0:e1:2e:c0:32:9f:4c:ed:37:
06:7e:d3:03:cd:e6:ee:7f:2a:91:99:97:14:d3:bd:
24:09:73:11:cb:f6:b5:39:da:be:02:bd:d4:f3:b0:
b8:07:66:3a:eb:79:b7:71:76:a0:03:55:c2:dd:65:
a3:c2:d4:e2:1c:89:3f:cb:1c:a0:ef:19:ca:29:ec:
91:a2:cc:ba:90:be:a5:13:79:36:fa:f2:01:9f:d1:
f1:24:c0:5b:a4:06:61:6d:3f:59:61:f7:f0:00:f5:
fc:a0:04:48:ba:45:51:30:fc:e8:dd:30:e0:38:35:
89:af:83:cf:c5:09:98:be:a2:9b:fc:01:bc:d2:98:
28:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:41:24:0E:22:D6:C5:9B:7E:8C:4B:0B:D1:C3:0D:A5:EE:57:37:F8
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/i0EkDiLWxZt-jEsL0cMNpe5XN_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.158.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d3:23:bc:53:13:38:93:f5:8d:a4:dd:c7:69:a8:5b:c5:36:
7e:94:20:81:8b:84:b4:38:95:0b:5f:6a:51:2c:74:e7:4b:65:
0c:ba:0e:af:99:e8:84:b1:e6:e3:37:93:7c:87:47:29:62:95:
a4:94:56:b3:a7:ef:15:89:4c:f1:d1:76:23:0a:23:3b:ce:26:
d1:88:05:e9:f5:89:f8:0a:56:c5:b9:12:77:3c:50:d2:6d:6c:
7b:31:cf:13:0f:70:c0:6f:5d:d0:2c:4b:89:19:4a:00:58:4b:
cc:8a:d5:4d:87:61:8d:eb:e1:d8:ac:01:af:e3:83:c3:08:ed:
31:a2:80:a1:b1:be:3f:2b:76:55:65:5b:14:1d:0e:48:67:c4:
2e:30:7e:95:dc:14:f4:59:2d:93:52:bf:46:bc:da:56:74:4f:
f4:c6:50:19:58:0d:82:93:7a:51:68:58:d2:9c:d3:a9:18:99:
33:7d:2f:92:0b:8e:0d:25:b2:dc:e4:61:ff:27:b9:ea:ad:24:
1e:9e:0e:3c:55:14:ce:8c:00:30:5c:2e:b4:2a:d6:02:f4:d4:
f5:78:a8:8a:17:62:b9:6d:27:2d:f8:c1:40:4f:ef:f9:a8:fc:
e0:85:8e:c5:71:90:8a:48:82:41:24:46:49:06:79:90:bd:a7:
99:28:fa:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVgekIcc5XcjBAjAFuXdA/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMzA0MDkyNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQxMjQwZTIyZDZjNTliN2U4YzRiMGJkMWMzMGRhNWVlNTczN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoUXeuTaOvUw5EKal54zF/C6zyZL
81ztNCbbW4dOw/PyMSK5kVg0O2mLY3wv3ZK7N5MuoJ2v/5zLmAABsDtPGZGN0J6A
iGB1QyHuAQ9yOtok/RRMznE3UoeLRIMHzHwPSEDTm1ktdSzj7e87WrsdVEK/I2Lv
x2txh8zr6Hrw4S7AMp9M7TcGftMDzebufyqRmZcU070kCXMRy/a1Odq+Ar3U87C4
B2Y663m3cXagA1XC3WWjwtTiHIk/yxyg7xnKKeyRosy6kL6lE3k2+vIBn9HxJMBb
pAZhbT9ZYffwAPX8oARIukVRMPzo3TDgODWJr4PPxQmYvqKb/AG80pgozwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItBJA4i1sWbfoxLC9HDDaXuVzf4MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvaTBFa0RpTFd4WnQtakVzTDBjTU5wZTVYTl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXkqeMA0G
CSqGSIb3DQEBCwUAA4IBAQBj0yO8UxM4k/WNpN3HaahbxTZ+lCCBi4S0OJULX2pR
LHTnS2UMug6vmeiEsebjN5N8h0cpYpWklFazp+8ViUzx0XYjCiM7zibRiAXp9Yn4
ClbFuRJ3PFDSbWx7Mc8TD3DAb13QLEuJGUoAWEvMitVNh2GN6+HYrAGv44PDCO0x
ooChsb4/K3ZVZVsUHQ5IZ8QuMH6V3BT0WS2TUr9GvNpWdE/0xlAZWA2Ck3pRaFjS
nNOpGJkzfS+SC44NJbLc5GH/J7nqrSQeng48VRTOjAAwXC60KtYC9NT1eKiKF2K5
bSct+MFAT+/5qPzghY7FcZCKSIJBJEZJBnmQvaeZKPr2
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:19:20 2025 by rpki-client