Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/_XUidn5LGX4qhZ_75ajbeYWe1Ao.roa
File: _XUidn5LGX4qhZ_75ajbeYWe1Ao.roa (raw, json)
Hash identifier: b/pfq31DckGw+o1qBs5ugJl7vAflaGA+vdef1tZYmPs=
Subject key identifier: FD:75:22:76:7E:4B:19:7E:2A:85:9F:FB:E5:A8:DB:79:85:9E:D4:0A
Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Certificate serial: 019425FD6C7F81DB6A88AD9150C83A6C914A
Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/_XUidn5LGX4qhZ_75ajbeYWe1Ao.roa
Signing time: Thu 02 Jan 2025 07:49:12 +0000
ROA not before: Thu 02 Jan 2025 07:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15951
IP address blocks: 185.94.176.0/24 maxlen: 24
185.94.177.0/24 maxlen: 24
185.94.178.0/24 maxlen: 24
193.41.164.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:6c:7f:81:db:6a:88:ad:91:50:c8:3a:6c:91:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Validity
Not Before: Jan 2 07:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd7522767e4b197e2a859ffbe5a8db79859ed40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:c0:22:90:cd:36:bf:aa:bd:cc:29:a6:db:c1:
06:7f:0e:44:23:23:ce:4e:d8:97:9c:e1:ae:36:ab:
dc:eb:f4:b6:6e:b8:73:df:32:d4:ff:96:08:d9:7f:
1e:94:11:e3:11:7f:97:b5:19:04:00:49:b7:09:7f:
5b:56:b5:25:db:b0:a8:29:96:b3:78:cd:5f:7e:c4:
ae:c2:ff:b0:ad:c9:86:fa:37:19:aa:81:f1:58:5e:
a6:a6:47:5f:6e:85:83:c0:3d:69:08:6c:f9:0f:10:
83:1c:db:35:66:d0:70:05:28:6b:77:49:c1:a8:71:
b8:63:e7:26:fb:3e:82:3d:3c:74:d6:d2:82:20:bf:
29:e0:e0:34:c9:1b:ed:e1:f6:af:5e:18:49:94:5b:
a3:b8:9b:ca:c4:0c:bc:10:0f:da:b9:51:1f:7b:6f:
53:33:ef:75:6e:96:a4:d4:d4:00:f9:63:01:d0:1e:
cb:db:f9:84:00:6a:94:ab:0f:07:38:65:70:4f:fc:
63:44:cb:06:a6:34:d7:5b:d8:5d:45:a6:aa:5f:53:
c5:91:a7:02:34:97:fa:23:f7:41:63:84:44:28:3b:
33:87:9a:d1:99:9c:3a:fc:7e:5e:9a:44:47:10:f9:
0a:b3:87:21:41:20:d1:c4:2f:d2:c3:93:fd:1a:fb:
b9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:75:22:76:7E:4B:19:7E:2A:85:9F:FB:E5:A8:DB:79:85:9E:D4:0A
X509v3 Authority Key Identifier:
keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/_XUidn5LGX4qhZ_75ajbeYWe1Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.176.0-185.94.178.255
193.41.164.0/23
Signature Algorithm: sha256WithRSAEncryption
81:bb:74:38:ca:d5:12:24:6a:71:a8:b4:3b:ce:da:07:97:9a:
de:88:61:c4:2b:c1:c7:74:f1:ef:26:42:f2:ca:75:b6:66:65:
c2:e9:7b:9f:f4:f6:48:a2:3f:2d:e1:21:9f:0b:87:b3:3c:26:
8a:6b:6f:8c:9e:40:4b:4a:20:df:df:df:18:df:05:b8:9a:2b:
da:47:b7:be:36:dc:5b:b7:40:d1:4a:0f:eb:f0:c4:5d:77:0c:
93:b4:9d:3b:d4:ba:78:60:93:8e:e3:91:39:e6:a6:57:4c:c1:
7f:71:82:d2:51:5f:b4:5d:a9:18:4a:53:43:7f:c4:e7:26:b9:
12:97:e8:cf:d2:cc:b1:eb:57:58:64:8b:75:28:d9:6c:6d:b2:
c1:da:41:40:46:6b:b4:7a:c5:5d:b9:ef:72:2a:29:19:21:26:
71:db:8b:e8:21:a7:a9:89:57:be:41:7a:7c:ee:98:05:12:41:
1b:b2:0d:6b:2e:64:b7:32:c0:b6:b6:ba:6c:7c:ce:14:76:f1:
a7:bb:d2:c3:93:3d:b3:da:36:c5:89:2f:02:5a:b6:47:5e:cf:
87:7d:c1:91:06:c2:b3:23:c4:f4:e1:e9:4e:48:11:be:bd:0d:
77:fc:95:15:79:65:ae:70:3a:a2:7d:41:ed:3e:ba:92:bb:c4:
91:81:4c:76
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQl/Wx/gdtqiK2RUMg6bJFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw
ZTljMDYwHhcNMjUwMTAyMDc0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc1MjI3NjdlNGIxOTdlMmE4NTlmZmJlNWE4ZGI3OTg1OWVkNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9sAikM02v6q9zCmm28EGfw5EIyPO
TtiXnOGuNqvc6/S2brhz3zLU/5YI2X8elBHjEX+XtRkEAEm3CX9bVrUl27CoKZaz
eM1ffsSuwv+wrcmG+jcZqoHxWF6mpkdfboWDwD1pCGz5DxCDHNs1ZtBwBShrd0nB
qHG4Y+cm+z6CPTx01tKCIL8p4OA0yRvt4favXhhJlFujuJvKxAy8EA/auVEfe29T
M+91bpak1NQA+WMB0B7L2/mEAGqUqw8HOGVwT/xjRMsGpjTXW9hdRaaqX1PFkacC
NJf6I/dBY4REKDszh5rRmZw6/H5emkRHEPkKs4chQSDRxC/Sw5P9Gvu5uQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFP11InZ+Sxl+KoWf++Wo23mFntQKMB8GA1UdIwQY
MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt
MTljMDQ1YzZhMTRmLzEvX1hVaWRuNUxHWDRxaFpfNzVhamJlWVdlMUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm
LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAS5XrAD
BAC5XrIDBAHBKaQwDQYJKoZIhvcNAQELBQADggEBAIG7dDjK1RIkanGotDvO2geX
mt6IYcQrwcd08e8mQvLKdbZmZcLpe5/09kiiPy3hIZ8Lh7M8Joprb4yeQEtKIN/f
3xjfBbiaK9pHt7423Fu3QNFKD+vwxF13DJO0nTvUunhgk47jkTnmpldMwX9xgtJR
X7RdqRhKU0N/xOcmuRKX6M/SzLHrV1hki3Uo2WxtssHaQUBGa7R6xV2573IqKRkh
JnHbi+ghp6mJV75BenzumAUSQRuyDWsuZLcywLa2umx8zhR28ae70sOTPbPaNsWJ
LwJatkdez4d9wZEGwrMjxPTh6U5IEb69DXf8lRV5Za5wOqJ9Qe0+upK7xJGBTHY=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:46:02 2025 by rpki-client