Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/s8S1W4cVAgNOzr7acXkokbSU8JY.roa
File: s8S1W4cVAgNOzr7acXkokbSU8JY.roa (raw, json)
Hash identifier: /7uzkfFuCMpRspM3FdinCvV4M+jOL4OCx212IeV9ypg=
Subject key identifier: B3:C4:B5:5B:87:15:02:03:4E:CE:BE:DA:71:79:28:91:B4:94:F0:96
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3AF1769C82EDB24ACE3A687284FDA
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/s8S1W4cVAgNOzr7acXkokbSU8JY.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51264
IP address blocks: 94.131.125.0/24 maxlen: 24
95.164.90.0/24 maxlen: 24
95.164.92.0/24 maxlen: 24
95.164.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:af:17:69:c8:2e:db:24:ac:e3:a6:87:28:4f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3c4b55b871502034ecebeda71792891b494f096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:72:f8:a9:78:03:ac:25:9f:d0:18:48:89:e6:
22:88:8f:d5:7e:da:d4:17:4f:64:4e:9f:5a:48:9a:
a2:58:60:05:55:01:34:2a:49:64:18:77:cd:7a:d7:
64:96:8b:70:09:79:10:9a:83:b1:52:23:66:a1:67:
0f:6a:fb:c9:a6:13:19:04:a8:e7:fd:85:86:e8:db:
70:79:24:69:1a:a9:cd:42:72:41:d2:23:93:b7:94:
36:35:fe:b2:24:58:fb:52:83:cb:6f:b2:6b:22:11:
ba:60:a5:02:28:31:ca:03:f7:22:bf:eb:4b:fe:70:
56:af:48:70:89:a0:22:21:4c:58:00:6e:d1:22:ce:
d8:8f:82:92:46:02:c3:6b:f8:80:b7:e1:a0:17:48:
4f:54:67:4a:a2:ab:4e:d5:08:de:22:a2:22:e0:06:
1c:58:ce:c8:e1:c5:82:7b:69:4a:fd:d1:94:fa:1c:
37:7c:20:24:44:1f:05:84:aa:07:d0:6d:7f:e8:33:
08:3e:98:a5:00:31:95:5e:25:2b:14:68:a1:29:c5:
0e:8c:e6:1a:97:b0:cd:be:da:f8:5d:0b:1f:73:3a:
6e:19:fb:c2:32:14:7e:6d:ba:83:6c:f6:64:ff:6f:
fc:b2:5c:c0:ef:99:1e:63:99:96:14:7f:53:f7:f6:
e5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C4:B5:5B:87:15:02:03:4E:CE:BE:DA:71:79:28:91:B4:94:F0:96
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/s8S1W4cVAgNOzr7acXkokbSU8JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.125.0/24
95.164.90.0/24
95.164.92.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:c5:8b:06:aa:b1:05:fd:af:c0:7a:6e:21:f1:c5:23:86:21:
0b:50:c6:07:c5:9b:79:72:f3:70:f8:01:c1:a9:6c:04:21:78:
cb:61:a2:46:94:ba:20:de:47:59:56:da:34:d4:cd:9b:43:75:
23:52:17:e9:e2:41:34:8b:cb:d1:51:04:2a:3f:fa:70:cd:8e:
7b:a5:6f:b2:20:f4:5e:d4:83:be:8e:10:f2:01:a8:0d:ab:54:
f8:5e:8d:5f:f1:38:08:62:af:59:3d:d5:00:40:21:18:60:c1:
e5:9d:63:7b:e2:b6:bc:5e:98:cb:d3:e5:4d:f4:c8:5e:9d:91:
70:04:e3:e6:1d:95:02:a1:a5:fa:86:b9:da:7a:6a:08:ad:b2:
80:b9:f7:c5:4c:63:18:53:df:e1:43:69:43:26:56:cc:bd:39:
30:dd:b8:93:9d:0d:53:f2:e3:38:e8:e0:f4:2e:9b:8e:9e:0d:
94:99:7f:99:fd:48:cc:aa:e5:57:4e:d4:91:52:7a:cb:4a:fc:
b1:d7:33:be:ba:0f:23:82:dc:7b:bc:3a:d1:a5:ae:ec:af:9a:
29:03:58:09:fb:de:06:c6:9e:00:27:63:29:5f:5a:68:90:39:
2a:97:ec:11:7f:df:71:ed:21:3f:9f:7f:02:72:77:fc:5a:32:
e4:f7:04:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks68Xacgu2ySs46aHKE/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M0YjU1Yjg3MTUwMjAzNGVjZWJlZGE3MTc5Mjg5MWI0OTRmMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHL4qXgDrCWf0BhIieYiiI/VftrU
F09kTp9aSJqiWGAFVQE0KklkGHfNetdklotwCXkQmoOxUiNmoWcPavvJphMZBKjn
/YWG6NtweSRpGqnNQnJB0iOTt5Q2Nf6yJFj7UoPLb7JrIhG6YKUCKDHKA/civ+tL
/nBWr0hwiaAiIUxYAG7RIs7Yj4KSRgLDa/iAt+GgF0hPVGdKoqtO1QjeIqIi4AYc
WM7I4cWCe2lK/dGU+hw3fCAkRB8FhKoH0G1/6DMIPpilADGVXiUrFGihKcUOjOYa
l7DNvtr4XQsfczpuGfvCMhR+bbqDbPZk/2/8slzA75keY5mWFH9T9/blGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLPEtVuHFQIDTs6+2nF5KJG0lPCWMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvczhTMVc0Y1ZBZ05PenI3YWNYa29rYlNVOEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXoN9AwQA
X6RaAwQBX6RcMA0GCSqGSIb3DQEBCwUAA4IBAQA8xYsGqrEF/a/Aem4h8cUjhiEL
UMYHxZt5cvNw+AHBqWwEIXjLYaJGlLog3kdZVto01M2bQ3UjUhfp4kE0i8vRUQQq
P/pwzY57pW+yIPRe1IO+jhDyAagNq1T4Xo1f8TgIYq9ZPdUAQCEYYMHlnWN74ra8
XpjL0+VN9MhenZFwBOPmHZUCoaX6hrnaemoIrbKAuffFTGMYU9/hQ2lDJlbMvTkw
3biTnQ1T8uM46OD0LpuOng2UmX+Z/UjMquVXTtSRUnrLSvyx1zO+ug8jgtx7vDrR
pa7sr5opA1gJ+94Gxp4AJ2MpX1pokDkql+wRf99x7SE/n38Ccnf8WjLk9wRW
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:42:24 2025 by rpki-client