Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/RlgpYJj3OkVQfs46xICidNZqgkU.roa
File: RlgpYJj3OkVQfs46xICidNZqgkU.roa (raw, json)
Hash identifier: XJ+/NHZmf2MnViTp+C1CM6uGW9B5OtA9zpwsYXrrRNM=
Subject key identifier: 46:58:29:60:98:F7:3A:45:50:7E:CE:3A:C4:80:A2:74:D6:6A:82:45
Certificate issuer: /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial: 018CC5DC05FD8E93DC66E8D478A31B3F2617
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/RlgpYJj3OkVQfs46xICidNZqgkU.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20539
IP address blocks: 94.199.160.0/21 maxlen: 24
2a02:680:8000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:05:fd:8e:93:dc:66:e8:d4:78:a3:1b:3f:26:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4658296098f73a45507ece3ac480a274d66a8245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:84:db:68:14:ab:43:0c:f4:51:3d:98:54:73:
14:00:7e:a4:c9:74:be:f0:a0:b0:bb:ad:81:04:7f:
22:67:3f:28:89:73:8c:8e:de:14:3e:5b:bc:04:a0:
43:43:bb:af:38:82:bc:3a:23:4e:80:5e:ce:bb:28:
5a:0c:19:a7:2d:67:1f:cd:68:25:bd:f7:ad:cb:67:
84:ab:4f:97:4e:fd:c8:ef:ac:31:95:d8:e1:da:96:
e3:1c:0b:b8:ad:9e:ee:14:29:d6:06:6a:43:69:d2:
b7:d0:76:31:7a:9d:c0:13:6d:a8:60:81:60:06:67:
fd:fe:05:8b:44:4a:ba:28:96:2f:b6:52:c7:63:64:
e6:d9:9d:62:05:2f:31:f0:10:5f:3e:f3:c9:6a:95:
50:ab:07:80:87:63:9c:94:8a:a8:62:70:76:63:0d:
42:9c:14:05:62:32:ed:70:ae:17:c4:fc:d1:4c:44:
88:59:eb:f1:05:b0:79:e7:0d:19:6e:53:5d:a2:cd:
1d:54:1c:91:84:3a:c4:f8:94:1a:d9:53:ef:f1:92:
71:0c:90:dd:d8:63:b8:65:9e:83:49:32:f4:92:83:
f2:f4:3f:bf:65:03:38:11:f9:6b:16:7c:f3:eb:0d:
cd:98:5c:02:b9:60:a8:ae:5c:4b:d2:a1:14:ec:4f:
32:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:58:29:60:98:F7:3A:45:50:7E:CE:3A:C4:80:A2:74:D6:6A:82:45
X509v3 Authority Key Identifier:
keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/RlgpYJj3OkVQfs46xICidNZqgkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.160.0/21
IPv6:
2a02:680:8000::/36
Signature Algorithm: sha256WithRSAEncryption
b3:e7:c8:a8:25:51:77:98:ab:06:52:8f:70:92:b5:92:eb:d2:
d0:d3:4d:40:60:36:46:da:f3:45:00:e6:49:d5:36:2c:aa:26:
84:88:af:0b:b0:77:34:5c:db:4f:cb:fe:b4:53:c8:50:41:d9:
d8:30:ca:95:e4:97:7f:86:cb:8b:19:c4:7c:39:56:7f:b5:bc:
fa:43:d8:c7:0f:52:b7:ed:cb:3c:dc:eb:d6:67:91:c9:2e:8d:
2d:aa:7c:d1:60:b8:c8:75:d6:30:0b:35:e8:34:d2:5b:d2:76:
08:b6:be:a4:df:51:db:59:ee:89:f1:a8:a8:a6:48:bf:43:4b:
eb:14:29:50:0d:83:5e:2d:67:fa:a4:39:82:50:4d:b2:7c:61:
6a:4d:98:54:d1:93:c9:f3:66:e1:48:21:2a:cf:0d:d3:a1:0a:
bb:a7:73:98:40:3a:87:a8:ad:e3:79:71:ae:d9:63:1f:80:22:
e2:2f:66:bc:30:74:54:ba:13:b7:c9:72:8f:39:f6:d5:ed:17:
f5:2b:14:f6:ea:ba:df:d7:46:f4:33:9c:43:6c:85:b8:f4:ac:
f2:b5:3d:e1:21:cf:4f:96:fb:25:85:12:16:c8:f4:63:95:b6:
0e:68:33:7c:d7:ac:d3:85:7b:40:1e:95:3b:21:62:2f:4e:47:
d3:fc:88:23
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzF3AX9jpPcZujUeKMbPyYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0
NDE5NzkwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjU4Mjk2MDk4ZjczYTQ1NTA3ZWNlM2FjNDgwYTI3NGQ2NmE4MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYTbaBSrQwz0UT2YVHMUAH6kyXS+
8KCwu62BBH8iZz8oiXOMjt4UPlu8BKBDQ7uvOIK8OiNOgF7OuyhaDBmnLWcfzWgl
vfety2eEq0+XTv3I76wxldjh2pbjHAu4rZ7uFCnWBmpDadK30HYxep3AE22oYIFg
Bmf9/gWLREq6KJYvtlLHY2Tm2Z1iBS8x8BBfPvPJapVQqweAh2OclIqoYnB2Yw1C
nBQFYjLtcK4XxPzRTESIWevxBbB55w0ZblNdos0dVByRhDrE+JQa2VPv8ZJxDJDd
2GO4ZZ6DSTL0koPy9D+/ZQM4EflrFnzz6w3NmFwCuWCorlxL0qEU7E8y5QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEZYKWCY9zpFUH7OOsSAonTWaoJFMB8GA1UdIwQY
MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt
YjdkMWNhYzUxZTBjLzEvUmxncFlKajNPa1ZRZnM0NnhJQ2lkTlpxZ2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUtYjdkMWNhYzUxZTBj
LzEvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDXsegMA4E
AgACMAgDBgQqAgaAgDANBgkqhkiG9w0BAQsFAAOCAQEAs+fIqCVRd5irBlKPcJK1
kuvS0NNNQGA2RtrzRQDmSdU2LKomhIivC7B3NFzbT8v+tFPIUEHZ2DDKleSXf4bL
ixnEfDlWf7W8+kPYxw9St+3LPNzr1meRyS6NLap80WC4yHXWMAs16DTSW9J2CLa+
pN9R21nuifGoqKZIv0NL6xQpUA2DXi1n+qQ5glBNsnxhak2YVNGTyfNm4UghKs8N
06EKu6dzmEA6h6it43lxrtljH4Ai4i9mvDB0VLoTt8lyjzn21e0X9SsU9uq639dG
9DOcQ2yFuPSs8rU94SHPT5b7JYUSFsj0Y5W2DmgzfNes04V7QB6VOyFiL05H0/yI
Iw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:41:13 2025 by rpki-client