Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/JuflCKY-Mb7BlQudMjqutisHkO0.roa
File: JuflCKY-Mb7BlQudMjqutisHkO0.roa (raw, json)
Hash identifier: 8TAVjWPKryefk6C3xQCj3q5ZBmjPOTBTdzadDKXxGwM=
Subject key identifier: 26:E7:E5:08:A6:3E:31:BE:C1:95:0B:9D:32:3A:AE:B6:2B:07:90:ED
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 019426D9BF068B929E9F7330E992D02B4BCA
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/JuflCKY-Mb7BlQudMjqutisHkO0.roa
Signing time: Thu 02 Jan 2025 11:49:51 +0000
ROA not before: Thu 02 Jan 2025 11:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 94.137.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:bf:06:8b:92:9e:9f:73:30:e9:92:d0:2b:4b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Jan 2 11:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26e7e508a63e31bec1950b9d323aaeb62b0790ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:e5:48:54:6b:b7:eb:df:28:97:e5:da:f0:
19:4c:7b:c5:94:fb:46:ef:92:28:68:07:41:55:af:
ea:df:7c:1d:8f:f8:3a:40:85:88:14:3e:12:5c:17:
74:22:53:c4:13:d0:24:19:91:0a:f1:bd:b1:bd:82:
2b:51:c2:f2:5f:ba:4f:91:26:7f:c9:c5:5c:18:c3:
67:a7:dd:17:91:95:b3:fb:39:90:5a:4a:13:98:7b:
0d:7f:d3:cb:d8:a1:6b:68:c1:9b:19:8d:b7:21:08:
ca:36:1d:f4:02:4d:80:54:2d:e8:fd:74:c9:d2:ff:
93:50:00:5e:bb:3e:99:46:57:39:b4:a4:61:ac:b9:
10:5a:21:1b:b0:ff:d9:89:50:18:a1:fb:17:a7:c3:
8a:c7:37:a4:73:cf:38:5e:3d:1d:e8:60:b2:ab:eb:
8c:27:67:14:d7:9e:0e:1d:cb:b7:c5:b2:86:32:4f:
5b:8f:76:db:ea:d3:98:2b:43:8d:cc:60:d0:d5:50:
36:01:df:c5:a5:7b:f0:a1:1c:a0:99:1b:59:ac:5f:
a4:96:01:3d:91:84:7a:3f:b6:96:32:30:e8:ff:e6:
7b:de:b9:df:0a:02:8f:8b:d6:6b:5b:cd:df:ff:53:
56:69:98:20:04:01:45:3d:8c:b1:3b:6d:9e:c3:b9:
39:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E7:E5:08:A6:3E:31:BE:C1:95:0B:9D:32:3A:AE:B6:2B:07:90:ED
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/JuflCKY-Mb7BlQudMjqutisHkO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.137.95.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f7:59:7c:82:bd:e2:27:45:94:b5:5b:01:3b:03:f7:9f:bd:
66:c3:44:af:7c:0f:cd:cf:bf:11:fc:76:fc:ed:94:5e:e3:fd:
de:61:be:2c:98:f1:d2:31:08:70:59:1c:88:dc:72:76:69:c5:
30:13:27:eb:c3:e3:84:e3:30:d3:4e:f6:aa:7e:ed:d9:c5:d7:
82:91:a0:1e:82:b3:a6:be:12:c9:cc:ec:77:13:f2:7f:bc:29:
83:61:b9:7d:be:8c:34:47:40:26:1f:31:06:f3:3b:b7:fb:e5:
6b:b4:3c:97:8a:6f:64:11:0d:b6:0a:03:78:dd:de:49:33:7e:
40:0a:ac:d4:c1:33:5d:6d:3a:cf:d0:4b:d2:c7:9e:67:e3:dc:
22:b3:cf:d4:15:13:39:dd:7f:05:b1:bf:9c:80:45:6b:59:f5:
47:30:2e:65:8c:c5:c1:c6:64:16:90:f6:d8:5b:18:0e:13:e4:
61:8b:9a:87:f2:d1:7b:23:2e:d0:b1:38:a6:b2:97:86:c3:7b:
86:06:76:70:a2:65:14:27:fc:0c:85:b2:b9:e0:d7:c4:74:46:
6d:34:6d:b9:a7:88:18:e8:5c:5f:04:35:b8:e4:bc:41:1c:12:
d2:71:28:7c:9a:3b:57:58:bf:8a:e1:14:61:e2:cb:a7:65:15:
03:cc:d0:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2b8Gi5Ken3Mw6ZLQK0vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjUwMTAyMTE0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmU3ZTUwOGE2M2UzMWJlYzE5NTBiOWQzMjNhYWViNjJiMDc5MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoXlSFRrt+vfKJfl2vAZTHvFlPtG
75IoaAdBVa/q33wdj/g6QIWIFD4SXBd0IlPEE9AkGZEK8b2xvYIrUcLyX7pPkSZ/
ycVcGMNnp90XkZWz+zmQWkoTmHsNf9PL2KFraMGbGY23IQjKNh30Ak2AVC3o/XTJ
0v+TUABeuz6ZRlc5tKRhrLkQWiEbsP/ZiVAYofsXp8OKxzekc884Xj0d6GCyq+uM
J2cU154OHcu3xbKGMk9bj3bb6tOYK0ONzGDQ1VA2Ad/FpXvwoRygmRtZrF+klgE9
kYR6P7aWMjDo/+Z73rnfCgKPi9ZrW83f/1NWaZggBAFFPYyxO22ew7k57QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbn5QimPjG+wZULnTI6rrYrB5DtMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvSnVmbENLWS1NYjdCbFF1ZE1qcXV0aXNIa08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXolfMA0G
CSqGSIb3DQEBCwUAA4IBAQAW91l8gr3iJ0WUtVsBOwP3n71mw0SvfA/Nz78R/Hb8
7ZRe4/3eYb4smPHSMQhwWRyI3HJ2acUwEyfrw+OE4zDTTvaqfu3ZxdeCkaAegrOm
vhLJzOx3E/J/vCmDYbl9vow0R0AmHzEG8zu3++VrtDyXim9kEQ22CgN43d5JM35A
CqzUwTNdbTrP0EvSx55n49wis8/UFRM53X8Fsb+cgEVrWfVHMC5ljMXBxmQWkPbY
WxgOE+Rhi5qH8tF7Iy7QsTimspeGw3uGBnZwomUUJ/wMhbK54NfEdEZtNG25p4gY
6FxfBDW45LxBHBLScSh8mjtXWL+K4RRh4sunZRUDzNAv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:23 2025 by rpki-client