Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bE9gZJNwJN89NZA7Foi7jT4-VVY.roa
File: bE9gZJNwJN89NZA7Foi7jT4-VVY.roa (raw, json)
Hash identifier: t8LvGIQQbno4ZAZkP9bgpHo61QhLzjFMTDzuOGs60B8=
Subject key identifier: 6C:4F:60:64:93:70:24:DF:3D:35:90:3B:16:88:BB:8D:3E:3E:55:56
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0185A860F530B0B7CFDB3FEE360450473BAE
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bE9gZJNwJN89NZA7Foi7jT4-VVY.roa
Signing time: Thu 12 Jan 2023 23:46:44 +0000
ROA not before: Thu 12 Jan 2023 23:46:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.98.0/24 maxlen: 24
94.131.99.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.2.0/24 maxlen: 24
94.131.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a8:60:f5:30:b0:b7:cf:db:3f:ee:36:04:50:47:3b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 12 23:46:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c4f6064937024df3d35903b1688bb8d3e3e5556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:57:5b:be:a0:84:3f:13:a7:2d:dd:26:73:ee:
b7:fc:11:98:62:05:27:9c:a2:78:04:1e:af:a3:33:
ea:c2:2c:cc:56:9b:a7:fc:f1:f5:b3:03:8c:56:44:
b6:7c:c8:bd:1f:c7:2d:6c:88:f7:c0:f9:ae:c5:43:
30:a5:b7:9f:a4:e2:9f:65:47:20:1f:9a:b0:be:ea:
c7:e2:6b:b0:f1:d3:6a:58:46:65:4a:75:08:42:a8:
87:13:6c:e4:d3:4c:f8:ac:92:41:ee:dc:b1:cd:0e:
11:f2:1d:a4:5b:75:cb:ba:b2:10:35:f6:42:73:c8:
93:ff:b3:43:f5:4e:a3:0a:56:48:b9:67:70:64:c9:
ac:fa:50:1f:88:23:db:21:c2:2e:fa:b3:ea:f9:c1:
39:a1:1d:ae:30:8d:ef:24:9c:ae:24:8e:e6:d6:d3:
55:42:66:d9:1a:2b:82:90:fb:c3:57:0a:61:e5:ff:
ed:72:e3:d2:77:9d:e2:34:3b:02:f0:c5:06:45:ab:
33:13:e7:d7:91:21:a8:bd:92:73:b1:0c:d8:c1:ed:
53:aa:fd:cd:fe:4f:6d:ec:30:6b:c8:03:33:56:d2:
a2:32:3b:65:52:20:71:53:04:88:1d:ab:ac:6f:bd:
44:78:2c:b8:eb:27:c0:96:cc:6a:79:85:c8:07:73:
e1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4F:60:64:93:70:24:DF:3D:35:90:3B:16:88:BB:8D:3E:3E:55:56
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bE9gZJNwJN89NZA7Foi7jT4-VVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/23
94.131.98.0-94.131.100.255
94.131.102.0/24
94.131.105.0-94.131.108.255
Signature Algorithm: sha256WithRSAEncryption
31:8b:9a:74:6b:b3:50:aa:ba:8a:47:0c:6e:1b:44:91:30:4e:
89:ac:dc:c9:3d:80:fc:02:49:11:0d:db:ae:28:6f:f3:8a:64:
74:25:2f:5b:f8:b8:2b:f7:2c:86:42:6a:17:b6:78:ba:90:bf:
9b:cb:e0:2f:3b:c2:0f:71:f9:c9:60:fd:db:81:1f:83:c1:d8:
7d:7b:96:c4:af:21:67:7b:5e:49:09:21:a9:c2:81:c1:18:51:
87:2d:ac:ef:03:0c:62:18:ec:ab:9c:de:a7:bd:5e:cf:b1:8a:
20:81:8a:b5:84:fc:1a:cf:3d:4e:90:e6:18:67:e1:8c:c5:9c:
84:86:fc:e9:90:92:de:35:5c:39:ce:db:22:3c:c3:b3:7f:3e:
3b:34:37:cf:2a:1f:a9:f9:f3:db:ca:4a:05:f6:3f:75:23:cd:
d6:32:5a:ec:06:be:67:a2:07:73:aa:c0:bb:b5:de:24:ca:71:
f6:fe:48:9d:87:21:67:1a:a8:93:80:f8:aa:95:92:ec:76:66:
b6:fb:db:a7:03:96:c9:8c:5d:97:6f:ad:58:0a:0b:9e:9d:3a:
45:6d:8b:d7:bf:97:4c:02:b2:ff:17:dc:d6:22:f0:b4:ea:3e:
5f:b3:f4:5e:bb:07:ab:b8:05:3e:21:da:2d:2a:ae:04:1a:b3:
ae:c1:7e:06
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYWoYPUwsLfP2z/uNgRQRzuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTEyMjM0NjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRmNjA2NDkzNzAyNGRmM2QzNTkwM2IxNjg4YmI4ZDNlM2U1NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVdbvqCEPxOnLd0mc+63/BGYYgUn
nKJ4BB6vozPqwizMVpun/PH1swOMVkS2fMi9H8ctbIj3wPmuxUMwpbefpOKfZUcg
H5qwvurH4muw8dNqWEZlSnUIQqiHE2zk00z4rJJB7tyxzQ4R8h2kW3XLurIQNfZC
c8iT/7ND9U6jClZIuWdwZMms+lAfiCPbIcIu+rPq+cE5oR2uMI3vJJyuJI7m1tNV
QmbZGiuCkPvDVwph5f/tcuPSd53iNDsC8MUGRaszE+fXkSGovZJzsQzYwe1Tqv3N
/k9t7DBryAMzVtKiMjtlUiBxUwSIHausb71EeCy46yfAlsxqeYXIB3PhOQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGxPYGSTcCTfPTWQOxaIu40+PlVWMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvYkU5Z1pKTndKTjg5TlpBN0ZvaTdqVDQtVlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBXoMCMAwD
BAFeg2IDBABeg2QDBABeg2YwDAMEAF6DaQMEAF6DbDANBgkqhkiG9w0BAQsFAAOC
AQEAMYuadGuzUKq6ikcMbhtEkTBOiazcyT2A/AJJEQ3brihv84pkdCUvW/i4K/cs
hkJqF7Z4upC/m8vgLzvCD3H5yWD924Efg8HYfXuWxK8hZ3teSQkhqcKBwRhRhy2s
7wMMYhjsq5zep71ez7GKIIGKtYT8Gs89TpDmGGfhjMWchIb86ZCS3jVcOc7bIjzD
s38+OzQ3zyofqfnz28pKBfY/dSPN1jJa7Aa+Z6IHc6rAu7XeJMpx9v5InYchZxqo
k4D4qpWS7HZmtvvbpwOWyYxdl2+tWAoLnp06RW2L17+XTAKy/xfc1iLwtOo+X7P0
XrsHq7gFPiHaLSquBBqzrsF+Bg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:04 2025 by rpki-client