Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/B1RwdbxrgWDeyX_orWHcIPoqmyo.roa
File: B1RwdbxrgWDeyX_orWHcIPoqmyo.roa (raw, json)
Hash identifier: yKoHL2zh91n+vVjTKvc+awgT0mVC11chvCiaQD1qnMw=
Subject key identifier: 07:54:70:75:BC:6B:81:60:DE:C9:7F:E8:AD:61:DC:20:FA:2A:9B:2A
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018D7A5790FA03369FD784FA53B38F45FE35
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/B1RwdbxrgWDeyX_orWHcIPoqmyo.roa
Signing time: Mon 05 Feb 2024 17:36:15 +0000
ROA not before: Mon 05 Feb 2024 17:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53856
IP address blocks: 94.131.64.0/22 maxlen: 24
94.131.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:57:90:fa:03:36:9f:d7:84:fa:53:b3:8f:45:fe:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Feb 5 17:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07547075bc6b8160dec97fe8ad61dc20fa2a9b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f2:ea:ab:9f:9d:90:f8:2f:99:94:c5:ab:51:
35:ef:09:71:31:b2:c5:32:44:04:bd:bc:e5:0f:e3:
1d:b9:08:f3:20:37:8e:23:bc:1b:a5:4c:b1:c5:6d:
da:ea:b8:ee:77:ff:a7:4c:b0:03:b3:27:ce:c0:d0:
20:41:b1:9d:e7:94:ff:f8:c9:02:f2:bc:2e:f4:8e:
4a:aa:b4:f6:48:8b:9f:01:58:53:2e:67:18:d0:53:
3f:41:73:cf:c0:9b:40:a3:af:1a:32:4e:84:b5:a6:
d1:f2:f9:9f:72:a2:6b:2b:ee:88:e5:0b:9c:f5:94:
b7:e6:39:32:45:d8:4b:99:6e:8e:16:ac:02:ad:56:
c5:33:51:68:68:76:36:e3:67:28:9c:38:38:3b:7b:
cd:06:da:21:cc:df:d3:b4:38:a3:64:fd:d2:65:4e:
07:a9:df:e3:e6:51:f5:0e:d5:2d:2c:ff:7f:e0:cd:
ce:e6:5a:b0:25:6a:76:f5:ae:a4:6d:a4:1e:68:90:
8d:df:ff:ab:b0:7f:a8:f0:e4:64:72:31:61:ab:5f:
d4:34:88:71:c9:37:87:28:3d:eb:3f:15:88:ba:b8:
c6:52:8f:92:43:06:a1:b0:63:1f:82:7c:ca:fd:fd:
e4:cf:4f:99:a5:6b:4d:8a:8f:d7:76:83:ec:da:8c:
d3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:54:70:75:BC:6B:81:60:DE:C9:7F:E8:AD:61:DC:20:FA:2A:9B:2A
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/B1RwdbxrgWDeyX_orWHcIPoqmyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.64.0/22
94.131.72.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:c9:c3:2d:62:0b:c0:34:b6:d9:74:be:2c:49:c6:8a:a2:a8:
7a:86:19:3a:28:88:29:d0:df:17:03:62:9c:bd:63:6b:60:7f:
40:24:0b:7d:6b:62:f2:96:3a:99:31:62:d2:93:fb:24:73:2e:
ed:13:dd:6c:1c:24:c2:66:a0:ee:0f:e4:6d:b7:f6:81:4f:90:
70:5e:ff:55:0d:a0:b4:f3:77:53:36:2d:41:b3:ce:ea:56:ab:
72:33:86:fd:07:80:ff:33:35:6a:61:f6:20:11:51:1b:99:0c:
d9:ff:b8:8e:62:3b:f9:fa:39:16:90:23:7a:ff:cc:51:ab:4b:
ae:8b:c1:48:41:a1:71:c5:ea:bb:5d:a5:f3:d2:5f:ea:f5:8b:
5d:db:f0:22:fa:01:da:7d:e5:f3:1a:0d:8e:53:94:76:1e:03:
50:d0:b2:a3:1e:bf:77:95:b3:56:bd:fc:7c:d6:24:a9:d0:69:
de:bd:17:05:e1:74:0d:8a:f2:ce:66:7e:f2:88:9e:e7:d1:c0:
9c:c6:b0:7e:12:d2:28:3f:80:c2:eb:6b:7d:dd:18:ff:ef:3d:
83:e7:87:bf:c5:97:5f:11:94:37:65:6e:f3:e1:e9:ac:81:fd:
35:58:ad:f7:e2:9d:51:b9:2c:4c:ab:85:b2:1b:db:8c:81:0b:
24:cd:eb:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY16V5D6Azaf14T6U7OPRf41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMjA1MTczNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzU0NzA3NWJjNmI4MTYwZGVjOTdmZThhZDYxZGMyMGZhMmE5YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/Lqq5+dkPgvmZTFq1E17wlxMbLF
MkQEvbzlD+MduQjzIDeOI7wbpUyxxW3a6rjud/+nTLADsyfOwNAgQbGd55T/+MkC
8rwu9I5KqrT2SIufAVhTLmcY0FM/QXPPwJtAo68aMk6EtabR8vmfcqJrK+6I5Quc
9ZS35jkyRdhLmW6OFqwCrVbFM1FoaHY242conDg4O3vNBtohzN/TtDijZP3SZU4H
qd/j5lH1DtUtLP9/4M3O5lqwJWp29a6kbaQeaJCN3/+rsH+o8ORkcjFhq1/UNIhx
yTeHKD3rPxWIurjGUo+SQwahsGMfgnzK/f3kz0+ZpWtNio/XdoPs2ozTOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAdUcHW8a4Fg3sl/6K1h3CD6KpsqMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvQjFSd2RieHJnV0RleVhfb3JXSGNJUG9xbXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXoNAAwQD
XoNIMA0GCSqGSIb3DQEBCwUAA4IBAQCkycMtYgvANLbZdL4sScaKoqh6hhk6KIgp
0N8XA2KcvWNrYH9AJAt9a2LyljqZMWLSk/skcy7tE91sHCTCZqDuD+Rtt/aBT5Bw
Xv9VDaC083dTNi1Bs87qVqtyM4b9B4D/MzVqYfYgEVEbmQzZ/7iOYjv5+jkWkCN6
/8xRq0uui8FIQaFxxeq7XaXz0l/q9Ytd2/Ai+gHafeXzGg2OU5R2HgNQ0LKjHr93
lbNWvfx81iSp0GnevRcF4XQNivLOZn7yiJ7n0cCcxrB+EtIoP4DC62t93Rj/7z2D
54e/xZdfEZQ3ZW7z4emsgf01WK334p1RuSxMq4WyG9uMgQskzeuy
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:56:03 2025 by rpki-client